adding Backend API Key security

adapter/internal/oasparser/envoyconf/routes_with_clusters_test.go

@@ -123,11 +123,11 @@ func TestCreateRoutesWithClustersWithExactAndRegularExpressionRules(t *testing.T
 	xds.SanitizeGateway("default-gateway", true)
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "backend-1"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "test-service-1.default", Port: 7001}}, Protocol: v1alpha1.HTTPProtocol}
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "test-service-1.default", Port: 7001}}, Protocol: v1alpha2.HTTPProtocol}
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "backend-2"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "test-service-2.default", Port: 7002}}, Protocol: v1alpha1.HTTPProtocol}
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "test-service-2.default", Port: 7002}}, Protocol: v1alpha2.HTTPProtocol}
 	httpRouteState.BackendMapping = backendMapping
 
 	apiState.ProdHTTPRoute = &httpRouteState
@@ -261,9 +261,9 @@ func generateSampleAPI(apiName string, apiVersion string, basePath string) synch
 
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: apiName + "backend-1"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "test-service-1.default", Port: 7001}}, Protocol: v1alpha1.HTTPProtocol}
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "test-service-1.default", Port: 7001}}, Protocol: v1alpha2.HTTPProtocol}
 	httpRouteState.BackendMapping = backendMapping
 
 	apiState.ProdHTTPRoute = &httpRouteState
@@ -335,17 +335,17 @@ func TestCreateRoutesWithClustersWithMultiplePathPrefixRules(t *testing.T) {
 
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "order-backend"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{
 			{Host: "order-service.default", Port: 80},
 			{Host: "order-service-2.default", Port: 8080}},
-			Protocol: v1alpha1.HTTPProtocol}
+			Protocol: v1alpha2.HTTPProtocol}
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "user-backend"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{
 			{Host: "user-service.default", Port: 8081},
 			{Host: "user-service-2.default", Port: 8081}},
-			Protocol: v1alpha1.HTTPProtocol}
+			Protocol: v1alpha2.HTTPProtocol}
 	httpRouteState.BackendMapping = backendMapping
 
 	apiState.ProdHTTPRoute = &httpRouteState
@@ -473,11 +473,11 @@ func TestCreateRoutesWithClustersWithBackendTLSConfigs(t *testing.T) {
 
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "test-backend-3"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "webhook.site", Port: 443}},
-			Protocol: v1alpha1.HTTPSProtocol,
-			TLS: v1alpha1.ResolvedTLSConfig{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "webhook.site", Port: 443}},
+			Protocol: v1alpha2.HTTPSProtocol,
+			TLS: v1alpha2.ResolvedTLSConfig{
 				ResolvedCertificate: `-----BEGIN CERTIFICATE-----test-cert-data-----END CERTIFICATE-----`,
 			}}
 	httpRouteState.BackendMapping = backendMapping
@@ -610,17 +610,17 @@ func TestCreateRoutesWithClustersDifferentBackendRefs(t *testing.T) {
 
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "test-backend-1"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "webhook.site.1", Port: 443}},
-			Protocol: v1alpha1.HTTPSProtocol,
-			TLS: v1alpha1.ResolvedTLSConfig{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "webhook.site.1", Port: 443}},
+			Protocol: v1alpha2.HTTPSProtocol,
+			TLS: v1alpha2.ResolvedTLSConfig{
 				ResolvedCertificate: `-----BEGIN CERTIFICATE-----test-cert-data-----END CERTIFICATE-----`,
 			}}
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "test-backend-2"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "webhook.site.2", Port: 443}},
-			Protocol: v1alpha1.HTTPSProtocol,
-			TLS: v1alpha1.ResolvedTLSConfig{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "webhook.site.2", Port: 443}},
+			Protocol: v1alpha2.HTTPSProtocol,
+			TLS: v1alpha2.ResolvedTLSConfig{
 				ResolvedCertificate: `-----BEGIN CERTIFICATE-----test-cert-data-----END CERTIFICATE-----`,
 			}}
 	httpRouteState.BackendMapping = backendMapping
@@ -702,11 +702,11 @@ func TestCreateRoutesWithClustersSameBackendRefs(t *testing.T) {
 
 	httpRouteState.HTTPRouteCombined = &httpRoute
 
-	backendMapping := make(map[string]*v1alpha1.ResolvedBackend)
+	backendMapping := make(map[string]*v1alpha2.ResolvedBackend)
 	backendMapping[k8types.NamespacedName{Namespace: "default", Name: "test-backend-1"}.String()] =
-		&v1alpha1.ResolvedBackend{Services: []v1alpha1.Service{{Host: "webhook.site", Port: 443}},
-			Protocol: v1alpha1.HTTPSProtocol,
-			TLS: v1alpha1.ResolvedTLSConfig{
+		&v1alpha2.ResolvedBackend{Services: []v1alpha2.Service{{Host: "webhook.site", Port: 443}},
+			Protocol: v1alpha2.HTTPSProtocol,
+			TLS: v1alpha2.ResolvedTLSConfig{
 				ResolvedCertificate: `-----BEGIN CERTIFICATE-----test-cert-data-----END CERTIFICATE-----`,
 			}}
 	httpRouteState.BackendMapping = backendMapping

adapter/internal/oasparser/model/adapter_internal_api.go

@@ -471,8 +471,8 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 	for _, rule := range httpRoute.Spec.Rules {
 		var endPoints []Endpoint
 		var policies = OperationPolicies{}
-		var circuitBreaker *dpv1alpha1.CircuitBreaker
-		var healthCheck *dpv1alpha1.HealthCheck
+		var circuitBreaker *dpv1alpha2.CircuitBreaker
+		var healthCheck *dpv1alpha2.HealthCheck
 		resourceAuthScheme := authScheme
 		resourceAPIPolicy := apiPolicy
 		resourceRatelimitPolicy := ratelimitPolicy
@@ -499,7 +499,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 			resolvedBackend, ok := resourceParams.BackendMapping[backendName.String()]
 			if ok {
 				if resolvedBackend.CircuitBreaker != nil {
-					circuitBreaker = &dpv1alpha1.CircuitBreaker{
+					circuitBreaker = &dpv1alpha2.CircuitBreaker{
 						MaxConnections:     resolvedBackend.CircuitBreaker.MaxConnections,
 						MaxPendingRequests: resolvedBackend.CircuitBreaker.MaxPendingRequests,
 						MaxRequests:        resolvedBackend.CircuitBreaker.MaxRequests,
@@ -522,7 +522,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 					}
 				}
 				if resolvedBackend.HealthCheck != nil {
-					healthCheck = &dpv1alpha1.HealthCheck{
+					healthCheck = &dpv1alpha2.HealthCheck{
 						Interval:           resolvedBackend.HealthCheck.Interval,
 						Timeout:            resolvedBackend.HealthCheck.Timeout,
 						UnhealthyThreshold: resolvedBackend.HealthCheck.UnhealthyThreshold,
@@ -539,6 +539,16 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap
 						Type:     string(resolvedBackend.Security.Type),
 						Enabled:  true,
 					})
+				case "APIKey":
+					securityConfig = append(securityConfig, EndpointSecurity{
+						Type:    string(resolvedBackend.Security.Type),
+						Enabled: true,
+						CustomParameters: map[string]string{
+							"in":    string(resolvedBackend.Security.APIKey.In),
+							"key":   string(resolvedBackend.Security.APIKey.Name),
+							"value": string(resolvedBackend.Security.APIKey.Value),
+						},
+					})
 				}
 			} else {
 				return fmt.Errorf("backend: %s has not been resolved", backendName)
@@ -996,6 +1006,16 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoGQLRouteCR(gqlRoute *dpv1al
 				Type:     string(resolvedBackend.Security.Type),
 				Enabled:  true,
 			})
+		case "APIKey":
+			securityConfig = append(securityConfig, EndpointSecurity{
+				Type:    string(resolvedBackend.Security.Type),
+				Enabled: true,
+				CustomParameters: map[string]string{
+					"in":    string(resolvedBackend.Security.APIKey.In),
+					"key":   string(resolvedBackend.Security.APIKey.Name),
+					"value": string(resolvedBackend.Security.APIKey.Value),
+				},
+			})
 		}
 		adapterInternalAPI.EndpointSecurity = utils.GetPtrSlice(securityConfig)
 	} else {

adapter/internal/oasparser/model/http_route.go

@@ -36,7 +36,7 @@ type ResourceParams struct {
 	ResourceAPIPolicies       map[string]dpv1alpha2.APIPolicy
 	InterceptorServiceMapping map[string]dpv1alpha1.InterceptorService
 	BackendJWTMapping         map[string]dpv1alpha1.BackendJWT
-	BackendMapping            map[string]*dpv1alpha1.ResolvedBackend
+	BackendMapping            map[string]*dpv1alpha2.ResolvedBackend
 	ResourceScopes            map[string]dpv1alpha1.Scope
 	RateLimitPolicies         map[string]dpv1alpha1.RateLimitPolicy
 	ResourceRateLimitPolicies map[string]dpv1alpha1.RateLimitPolicy
@@ -112,7 +112,7 @@ func parseRateLimitPolicyToInternal(ratelimitPolicy *dpv1alpha1.RateLimitPolicy)
 // addOperationLevelInterceptors add the operation level interceptor policy to the policies
 func addOperationLevelInterceptors(policies *OperationPolicies, apiPolicy *dpv1alpha2.APIPolicy,
 	interceptorServicesMapping map[string]dpv1alpha1.InterceptorService,
-	backendMapping map[string]*dpv1alpha1.ResolvedBackend, namespace string) {
+	backendMapping map[string]*dpv1alpha2.ResolvedBackend, namespace string) {
 	if apiPolicy != nil && apiPolicy.Spec.Override != nil {
 		if len(apiPolicy.Spec.Override.RequestInterceptors) > 0 {
 			requestInterceptor := interceptorServicesMapping[types.NamespacedName{
@@ -160,7 +160,7 @@ func addOperationLevelInterceptors(policies *OperationPolicies, apiPolicy *dpv1a
 }
 
 // GetEndpoints creates endpoints using resolved backends in backendMapping
-func GetEndpoints(backendName types.NamespacedName, backendMapping map[string]*dpv1alpha1.ResolvedBackend) []Endpoint {
+func GetEndpoints(backendName types.NamespacedName, backendMapping map[string]*dpv1alpha2.ResolvedBackend) []Endpoint {
 	endpoints := []Endpoint{}
 	backend, ok := backendMapping[backendName.String()]
 	if ok && backend != nil {
@@ -181,7 +181,7 @@ func GetEndpoints(backendName types.NamespacedName, backendMapping map[string]*d
 }
 
 // GetBackendBasePath gets basePath of the the Backend
-func GetBackendBasePath(backendName types.NamespacedName, backendMapping map[string]*dpv1alpha1.ResolvedBackend) string {
+func GetBackendBasePath(backendName types.NamespacedName, backendMapping map[string]*dpv1alpha2.ResolvedBackend) string {
 	backend, ok := backendMapping[backendName.String()]
 	if ok && backend != nil {
 		if len(backend.Services) > 0 {

adapter/internal/operator/controllers/dp/api_controller.go

@@ -162,7 +162,7 @@ func NewAPIController(mgr manager.Manager, operatorDataStore *synchronizer.Opera
 		return err
 	}
 
-	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha1.Backend{}), handler.EnqueueRequestsFromMapFunc(apiReconciler.populateAPIReconcileRequestsForBackend),
+	if err := c.Watch(source.Kind(mgr.GetCache(), &dpv1alpha2.Backend{}), handler.EnqueueRequestsFromMapFunc(apiReconciler.populateAPIReconcileRequestsForBackend),
 		predicates...); err != nil {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2615, logging.BLOCKER, "Error watching Backend resources: %v", err))
 		return err
@@ -560,7 +560,7 @@ func (apiReconciler *APIReconciler) concatGQLRoutes(ctx context.Context, gqlRout
 	}
 	resolvedBackend := utils.GetResolvedBackend(ctx, apiReconciler.client, backendNamespacedName, &api)
 	if resolvedBackend != nil {
-		gqlRouteState.BackendMapping = map[string]*dpv1alpha1.ResolvedBackend{
+		gqlRouteState.BackendMapping = map[string]*dpv1alpha2.ResolvedBackend{
 			backendNamespacedName.String(): resolvedBackend,
 		}
 		return gqlRouteState, nil
@@ -827,8 +827,8 @@ func (apiReconciler *APIReconciler) resolveAuthentications(ctx context.Context,
 
 func (apiReconciler *APIReconciler) getResolvedBackendsMapping(ctx context.Context,
 	httpRouteState *synchronizer.HTTPRouteState, interceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
-	api dpv1alpha2.API) (map[string]*dpv1alpha1.ResolvedBackend, error) {
-	backendMapping := make(map[string]*dpv1alpha1.ResolvedBackend)
+	api dpv1alpha2.API) (map[string]*dpv1alpha2.ResolvedBackend, error) {
+	backendMapping := make(map[string]*dpv1alpha2.ResolvedBackend)
 
 	// Resolve backends in HTTPRoute
 	httpRoute := httpRouteState.HTTPRouteCombined
@@ -1061,8 +1061,8 @@ func (apiReconciler *APIReconciler) traverseAPIStateAndUpdateOwnerReferences(ctx
 func (apiReconciler *APIReconciler) retriveParentAPIsAndUpdateOwnerReferene(ctx context.Context, obj k8client.Object) {
 	var requests []reconcile.Request
 	switch obj.(type) {
-	case *dpv1alpha1.Backend:
-		var backend dpv1alpha1.Backend
+	case *dpv1alpha2.Backend:
+		var backend dpv1alpha2.Backend
 		namesapcedName := types.NamespacedName{
 			Name:      string(obj.GetName()),
 			Namespace: string(obj.GetNamespace()),
@@ -1544,7 +1544,7 @@ func (apiReconciler *APIReconciler) getAPIsForScope(ctx context.Context, obj k8c
 // getAPIsForBackend triggers the API controller reconcile method based on the changes detected
 // in backend resources.
 func (apiReconciler *APIReconciler) getAPIsForBackend(ctx context.Context, obj k8client.Object) []reconcile.Request {
-	backend, ok := obj.(*dpv1alpha1.Backend)
+	backend, ok := obj.(*dpv1alpha2.Backend)
 	if !ok {
 		loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2622, logging.TRIVIAL, "Unexpected object type, bypassing reconciliation: %v", backend))
 		return []reconcile.Request{}
@@ -1823,9 +1823,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// ConfigMap to Backend indexer
-	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha1.Backend{}, configMapBackend,
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.Backend{}, configMapBackend,
 		func(rawObj k8client.Object) []string {
-			backend := rawObj.(*dpv1alpha1.Backend)
+			backend := rawObj.(*dpv1alpha2.Backend)
 			var configMaps []string
 			if backend.Spec.TLS != nil && backend.Spec.TLS.ConfigMapRef != nil && len(backend.Spec.TLS.ConfigMapRef.Name) > 0 {
 				configMaps = append(configMaps,
@@ -1840,9 +1840,9 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 	}
 
 	// Secret to Backend indexer
-	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha1.Backend{}, secretBackend,
+	if err := mgr.GetFieldIndexer().IndexField(ctx, &dpv1alpha2.Backend{}, secretBackend,
 		func(rawObj k8client.Object) []string {
-			backend := rawObj.(*dpv1alpha1.Backend)
+			backend := rawObj.(*dpv1alpha2.Backend)
 			var secrets []string
 			if backend.Spec.TLS != nil && backend.Spec.TLS.SecretRef != nil && len(backend.Spec.TLS.SecretRef.Name) > 0 {
 				secrets = append(secrets,
@@ -1859,6 +1859,13 @@ func addIndexes(ctx context.Context, mgr manager.Manager) error {
 							Namespace: backend.Namespace,
 						}.String())
 				}
+				if backend.Spec.Security.APIKey != nil {
+					secrets = append(secrets,
+						types.NamespacedName{
+							Name:      string(backend.Spec.Security.APIKey.ValueFrom.Name),
+							Namespace: backend.Namespace,
+						}.String())
+				}
 			}
 			return secrets
 		}); err != nil {

adapter/internal/operator/controllers/dp/gateway_controller.go

@@ -305,8 +305,8 @@ func (gatewayReconciler *GatewayReconciler) getInterceptorServicesForGateway(ctx
 }
 
 func (gatewayReconciler *GatewayReconciler) getResolvedBackendsMapping(ctx context.Context,
-	gatewayStateData *synchronizer.GatewayStateData) map[string]*dpv1alpha1.ResolvedBackend {
-	backendMapping := make(map[string]*dpv1alpha1.ResolvedBackend)
+	gatewayStateData *synchronizer.GatewayStateData) map[string]*dpv1alpha2.ResolvedBackend {
+	backendMapping := make(map[string]*dpv1alpha2.ResolvedBackend)
 	if gatewayStateData.GatewayInterceptorServiceMapping != nil {
 		interceptorServices := maps.Values(gatewayStateData.GatewayInterceptorServiceMapping)
 		for _, interceptorService := range interceptorServices {

adapter/internal/operator/synchronizer/api_state.go

@@ -51,7 +51,7 @@ type APIState struct {
 type HTTPRouteState struct {
 	HTTPRouteCombined   *gwapiv1.HTTPRoute
 	HTTPRoutePartitions map[string]*gwapiv1.HTTPRoute
-	BackendMapping      map[string]*v1alpha1.ResolvedBackend
+	BackendMapping      map[string]*v1alpha2.ResolvedBackend
 	Scopes              map[string]v1alpha1.Scope
 }
 
@@ -61,6 +61,6 @@ type HTTPRouteState struct {
 type GQLRouteState struct {
 	GQLRouteCombined   *v1alpha2.GQLRoute
 	GQLRoutePartitions map[string]*v1alpha2.GQLRoute
-	BackendMapping     map[string]*v1alpha1.ResolvedBackend
+	BackendMapping     map[string]*v1alpha2.ResolvedBackend
 	Scopes             map[string]v1alpha1.Scope
 }

adapter/internal/operator/synchronizer/gateway_state.go

@@ -36,7 +36,7 @@ type GatewayState struct {
 type GatewayStateData struct {
 	GatewayResolvedListenerCerts     map[string]map[string][]byte
 	GatewayAPIPolicies               map[string]v1alpha2.APIPolicy
-	GatewayBackendMapping            map[string]*v1alpha1.ResolvedBackend
+	GatewayBackendMapping            map[string]*v1alpha2.ResolvedBackend
 	GatewayInterceptorServiceMapping map[string]v1alpha1.InterceptorService
 	GatewayCustomRateLimitPolicies   map[string]*v1alpha1.RateLimitPolicy
 }

adapter/internal/operator/synchronizer/gateway_synchronizer.go

@@ -137,7 +137,7 @@ func getCustomRateLimitPolicies(customRateLimitPoliciesDef map[string]*dpv1alpha
 
 func generateGlobalInterceptorResource(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
-	gatewayBackendMapping map[string]*dpv1alpha1.ResolvedBackend) (string, *clusterv3.Cluster, []*corev3.Address,
+	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) (string, *clusterv3.Cluster, []*corev3.Address,
 	*clusterv3.Cluster, []*corev3.Address) {
 	var gwLuaScript string
 	var gwReqICluster, gwResICluster *clusterv3.Cluster
@@ -158,7 +158,7 @@ func generateGlobalInterceptorResource(gatewayAPIPolicies map[string]dpv1alpha2.
 
 func getGlobalInterceptorScript(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
-	gatewayBackendMapping map[string]*dpv1alpha1.ResolvedBackend) string {
+	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) string {
 	iInvCtx := &interceptor.InvocationContext{
 		OrganizationID:   "",
 		BasePath:         "",
@@ -185,7 +185,7 @@ end
 
 func createInterceptors(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
 	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService,
-	gatewayBackendMapping map[string]*dpv1alpha1.ResolvedBackend) (requestInterceptor map[string]model.InterceptEndpoint, responseInterceptor map[string]model.InterceptEndpoint) {
+	gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend) (requestInterceptor map[string]model.InterceptEndpoint, responseInterceptor map[string]model.InterceptEndpoint) {
 	requestInterceptorMap := make(map[string]model.InterceptEndpoint)
 	responseInterceptorMap := make(map[string]model.InterceptEndpoint)
 
@@ -227,7 +227,7 @@ func createInterceptors(gatewayAPIPolicies map[string]dpv1alpha2.APIPolicy,
 }
 
 func getInterceptorEndpoint(namespace string, interceptorRef *dpv1alpha2.InterceptorReference,
-	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService, gatewayBackendMapping map[string]*dpv1alpha1.ResolvedBackend, isReq bool) *model.InterceptEndpoint {
+	gatewayInterceptorServiceMapping map[string]dpv1alpha1.InterceptorService, gatewayBackendMapping map[string]*dpv1alpha2.ResolvedBackend, isReq bool) *model.InterceptEndpoint {
 	interceptor := gatewayInterceptorServiceMapping[types.NamespacedName{
 		Namespace: namespace,
 		Name:      interceptorRef.Name}.String()].Spec