Added configs to enable re-try call with new OAuth token

when the existing token is revoked/invalid

modules/distribution/product/src/main/resources/conf/templates/repository/conf/synapse.properties.j2

@@ -22,4 +22,6 @@
 synapse.artifacts.file.storage.enabled=false
 {% endif %}
 {% endif %}
-
+{% if apim.mediator_config.oauth.enable_retry_call_with_new_token && apim.redis_config is defined %}
+token.cache.class=org.wso2.carbon.apimgt.gateway.mediators.oauth.RedisTokenCache
+{% endif %}

modules/distribution/resources/api_templates/endpoint_template.xml

@@ -90,6 +90,50 @@
 <endpoint xmlns="http://ws.apache.org/ns/synapse" name="$name">
 <http uri-template="$util.escapeXml($ep.get("url"))">
 #timeout( $ep.get('config') )
+#if($enableRetryCallWithNewOauthToken)
+    #set( $endpointSecurity = $endpoint_security.get($type) )
+    #if($endpointSecurity.type == "oauth" || $endpointSecurity.type == "OAUTH")
+        <authentication>
+            <oauth>
+                #if($endpointSecurity.grantType == "client_credentials" || $endpointSecurity.grantType == "CLIENT_CREDENTIALS")
+                    #set($grantType = "clientCredentials")
+                #elseif($endpointSecurity.grantType == "password" || $endpointSecurity.grantType == "PASSWORD")
+                    #set($grantType = "passwordCredentials")
+                #end
+
+                <$grantType>
+                    #if($grantType == "passwordCredentials")
+                        <username>$util.escapeXml($endpointSecurity.username)</username>
+                        #if($isSecureVaultEnabled)
+                            <password>{wso2:vault-lookup('$endpointSecurity.passwordAlias')}</password>
+                        #else
+                            <password>$util.escapeXml($endpointSecurity.password)</password>
+                        #end
+                    #end
+                    <clientId>$util.escapeXml($endpointSecurity.clientId)</clientId>
+                    #if($isSecureVaultEnabled)
+                        <clientSecret>{wso2:vault-lookup('$endpointSecurity.clientSecretAlias')}</clientSecret>
+                    #else
+                        <clientSecret>$util.escapeXml($endpointSecurity.clientSecret)</clientSecret>
+                    #end
+                    <tokenUrl>$util.escapeXml($endpointSecurity.tokenUrl)</tokenUrl>
+                    <connectionTimeout>$util.escapeXml($endpointSecurity.connectionTimeoutDuration)</connectionTimeout>
+                    <connectionRequestTimeout>$util.escapeXml($endpointSecurity.connectionRequestTimeoutDuration)</connectionRequestTimeout>
+                    <socketTimeout>$util.escapeXml($endpointSecurity.socketTimeoutDuration)</socketTimeout>
+                    #set($requestParametersMap = $util.jsonStringToMap($endpointSecurity.customParameters))
+                    #if($requestParametersMap.size() > 0)
+                        <requestParameters>
+                            #foreach($entry in $requestParametersMap.entrySet())
+                                <parameter name="$util.escapeXml($entry.key)">$util.escapeXml($entry.value)</parameter>
+                            #end
+                        </requestParameters>
+                    #end
+                    <authMode/>
+                </$grantType>
+            </oauth>
+        </authentication>
+    #end
+#end
 </http>
 <property name="ENDPOINT_ADDRESS" value="$util.escapeXml($ep.get("url"))"/>
         </endpoint>

modules/distribution/resources/api_templates/velocity_template.xml

@@ -75,7 +75,7 @@
 <target type="body"/>
 </enrich>
         #else
-        #if($endpointsecurity.type == "oauth" || $endpointsecurity.type == "OAUTH")
+        #if(!($enableRetryCallWithNewOauthToken && $endpointClass == "http") && ($endpointsecurity.type == "oauth" || $endpointsecurity.type == "OAUTH"))
 <class name="org.wso2.carbon.apimgt.gateway.mediators.oauth.OAuthMediator">
 <property name="uniqueIdentifier" value="$util.escapeXml($endpointsecurity.uniqueIdentifier)" type="STRING"/>
 <property name="tokenEndpointUrl" value="$util.escapeXml($endpointsecurity.tokenUrl)" type="STRING"/>
@@ -346,12 +346,12 @@ $out_sequences.get("$resource.getUriTemplate()").get($uri)
                 #end
 <filter source="$ctx:AM_KEY_TYPE" regex="$filterRegex">
     <then>
-                    #if($endpointSecurityProd.clientId && ($endpointSecurityProd.type == "oauth" || $endpointSecurityProd.type == "OAUTH"))
+                    #if(!($enableRetryCallWithNewOauthToken && $endpointClass == "http") && $endpointSecurityProd.clientId && ($endpointSecurityProd.type == "oauth" || $endpointSecurityProd.type == "OAUTH"))
         <class name="org.wso2.carbon.apimgt.gateway.mediators.oauth.OAuthResponseMediator"/>
                     #end
     </then>
     <else>
-                    #if($endpointSecuritySand.clientId && ($endpointSecuritySand.type == "oauth" || $endpointSecuritySand.type == "OAUTH"))
+                    #if(!($enableRetryCallWithNewOauthToken && $endpointClass == "http") && $endpointSecuritySand.clientId && ($endpointSecuritySand.type == "oauth" || $endpointSecuritySand.type == "OAUTH"))
         <class name="org.wso2.carbon.apimgt.gateway.mediators.oauth.OAuthResponseMediator"/>
                     #end
     </else>

pom.xml

@@ -1354,7 +1354,7 @@
         <opencsv.version>1.8</opencsv.version>
         <poi.version>3.0-FINAL</poi.version>
         <woden.version>1.0.0.M8-wso2v1</woden.version>
-        <synapse.version>4.0.0-wso2v105</synapse.version>
+        <synapse.version>4.0.0-wso2v127</synapse.version>
         <passthru.transport.patch.version>1.0.2</passthru.transport.patch.version>
         <axis2.wso2.version>1.6.1-wso2v99</axis2.wso2.version>
         <axiom.wso2.version>1.2.11-wso2v29</axiom.wso2.version>