handle revocation events through single stream and publisher. refactor code.

Author: dushaniw

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/listeners/GatewayTokenRevocationMessageListener.java

@@ -21,14 +21,20 @@
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
 import org.wso2.carbon.apimgt.gateway.jwt.RevokedJWTDataHolder;
 import org.wso2.carbon.apimgt.impl.APIConstants;
 
-import javax.jms.*;
+import javax.jms.JMSException;
+import javax.jms.Message;
+import javax.jms.MessageListener;
+import javax.jms.TextMessage;
+import javax.jms.Topic;
+import java.util.HashMap;
 
 public class GatewayTokenRevocationMessageListener implements MessageListener {
 
@@ -58,25 +64,6 @@ public void onMessage(Message message) {
                                     payloadData.get(APIConstants.REVOKED_TOKEN_EXPIRY_TIME).asLong(),
                                     payloadData.get(APIConstants.REVOKED_TOKEN_TYPE).asText());
                         }
-
-                        if (payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE) != null
-                                && payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE).asText()
-                                .equals(APIConstants.NotificationEvent.CONSUMER_APP_REVOCATION_EVENT)) {
-                            handleInternallyRevokedConsumerKeyMessage(
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_CONSUMER_KEY).asText(),
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_TIME).asLong(),
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE).asText());
-                        }
-
-                        if (payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE) != null
-                                && payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE).asText()
-                                .equals(APIConstants.NotificationEvent.SUBJECT_ENTITY_REVOCATION_EVENT)) {
-                            handleInternallyRevokedUserEventMessage(
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_ENTITY_ID).asText(),
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_ENTITY_TYPE).asText(),
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_TIME).asLong(),
-                                    payloadData.get(APIConstants.INTERNAL_REVOCATION_EVENT_TYPE).asText());
-                        }
                     }
                 } else {
                     log.warn("Event dropped due to unsupported message type " + message.getClass());
@@ -89,45 +76,66 @@ public void onMessage(Message message) {
         }
     }
 
-    private void handleRevokedTokenMessage(String revokedToken, long expiryTime,String tokenType) {
+    private void handleRevokedTokenMessage(String revokedToken, long expiryTime, String tokenType) {
 
         boolean isJwtToken = false;
         if (StringUtils.isEmpty(revokedToken)) {
             return;
         }
 
-        //handle JWT tokens
-        if (APIConstants.API_KEY_AUTH_TYPE.equals(tokenType) || APIConstants.JWT.equals(tokenType)) {
-            ServiceReferenceHolder.getInstance().getRevokedTokenService()
-                    .addRevokedJWTIntoMap(revokedToken, expiryTime);
-            // Add revoked token to revoked JWT map
-            isJwtToken = true;
-        }
-        if (APIConstants.API_KEY_AUTH_TYPE.equals(tokenType)) {
-            ServiceReferenceHolder.getInstance().getRevokedTokenService()
-                    .removeApiKeyFromGatewayCache(revokedToken);
+        if (APIConstants.NotificationEvent.CONSUMER_APP_REVOCATION_EVENT.equals(tokenType)) {
+            HashMap<String, Object> revokedTokenMap = base64Decode(revokedToken);
+            if (revokedTokenMap.containsKey(APIConstants.NotificationEvent.CONSUMER_KEY) &&
+                    revokedTokenMap.get(APIConstants.NotificationEvent.CONSUMER_KEY) != null &&
+                    revokedTokenMap.containsKey(APIConstants.NotificationEvent.REVOCATION_TIME) &&
+                    revokedTokenMap.get(APIConstants.NotificationEvent.REVOCATION_TIME) != null) {
+                RevokedJWTDataHolder.getInstance().addRevokedConsumerKeyToMap(
+                        (String) revokedTokenMap.get(APIConstants.NotificationEvent.CONSUMER_KEY),
+                        (long) revokedTokenMap.get(APIConstants.NotificationEvent.REVOCATION_TIME));
+            }
+        } else if (APIConstants.NotificationEvent.SUBJECT_ENTITY_REVOCATION_EVENT.equals(tokenType)) {
+            HashMap<String, Object> revokedTokenMap = base64Decode(revokedToken);
+            if (revokedTokenMap.get(APIConstants.NotificationEvent.ENTITY_TYPE) != null &&
+                    revokedTokenMap.get(APIConstants.NotificationEvent.REVOCATION_TIME) != null &&
+                    revokedTokenMap.get(APIConstants.NotificationEvent.ENTITY_ID) != null) {
+                String entityType = (String) revokedTokenMap.get(APIConstants.NotificationEvent.ENTITY_TYPE);
+                long revocationTime = (long) revokedTokenMap.get(APIConstants.NotificationEvent.REVOCATION_TIME);
+                String entityId = (String) revokedTokenMap.get(APIConstants.NotificationEvent.ENTITY_ID);
+                if (APIConstants.NotificationEvent.ENTITY_TYPE_USER_ID.equals(entityType)) {
+                    RevokedJWTDataHolder.getInstance().addRevokedSubjectEntityUserToMap(entityId, revocationTime);
+                } else if (APIConstants.NotificationEvent.ENTITY_TYPE_CLIENT_ID.equals(entityType)) {
+                    RevokedJWTDataHolder.getInstance()
+                            .addRevokedSubjectEntityConsumerAppToMap(entityId, revocationTime);
+                }
+            }
         } else {
-            ServiceReferenceHolder.getInstance().getRevokedTokenService()
-                    .removeTokenFromGatewayCache(revokedToken, isJwtToken);
-        }
-    }
-
-    private void handleInternallyRevokedConsumerKeyMessage(String consumerKey, long revocationTime, String type) {
-        if (APIConstants.NotificationEvent.CONSUMER_APP_REVOCATION_EVENT.equals(type)) {
-            RevokedJWTDataHolder.getInstance().addRevokedConsumerKeyToMap(consumerKey, revocationTime);
+            //handle JWT tokens
+            if (APIConstants.API_KEY_AUTH_TYPE.equals(tokenType) || APIConstants.JWT.equals(tokenType)) {
+                ServiceReferenceHolder.getInstance().getRevokedTokenService()
+                        .addRevokedJWTIntoMap(revokedToken, expiryTime);
+                // Add revoked token to revoked JWT map
+                isJwtToken = true;
+            }
+            if (APIConstants.API_KEY_AUTH_TYPE.equals(tokenType)) {
+                ServiceReferenceHolder.getInstance().getRevokedTokenService()
+                        .removeApiKeyFromGatewayCache(revokedToken);
+            } else {
+                ServiceReferenceHolder.getInstance().getRevokedTokenService()
+                        .removeTokenFromGatewayCache(revokedToken, isJwtToken);
+            }
         }
     }
 
-    private void handleInternallyRevokedUserEventMessage(String subjectId, String subjectIdType,
-                                                         long revocationTime, String type) {
+    private HashMap<String, Object> base64Decode(String encodedRevokedToken) {
 
-        if (APIConstants.NotificationEvent.SUBJECT_ENTITY_REVOCATION_EVENT.equals(type)) {
-            if ("USER_ID".equals(subjectIdType)) {
-                RevokedJWTDataHolder.getInstance().addRevokedSubjectEntityUserToMap(subjectId, revocationTime);
-            } else if ("CLIENT_ID".equals(subjectIdType)) {
-                RevokedJWTDataHolder.getInstance().addRevokedSubjectEntityConsumerAppToMap(subjectId,
-                        revocationTime);
-            }
+        byte[] eventDecoded = Base64.decodeBase64(encodedRevokedToken);
+        String eventJson = new String(eventDecoded);
+        ObjectMapper objectMapper = new ObjectMapper();
+        try {
+            return objectMapper.readValue(eventJson, HashMap.class);
+        } catch (JsonProcessingException e) {
+            log.error("Error while decoding revoked token event.");
         }
+        return new HashMap<>();
     }
 }

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java

@@ -565,9 +565,6 @@ public final class APIConstants {
     public static final String IS_ENABLED = "is_enabled";
     public static final String BLOCKING_CONDITIONS_STREAM_ID = "org.wso2.blocking.request.stream:1.0.0";
     public static final String TOKEN_REVOCATION_STREAM_ID = "org.wso2.apimgt.token.revocation.stream:1.0.0";
-    public static final String SUBJECT_ENTITY_REVOCATION_STREAM_ID =
-            "org.wso2.apimgt.subjectEntity.revocation.stream:1.0.0";
-    public static final String APP_REVOCATION_EVENT_STREAM_ID = "org.wso2.apimgt.app.revocation.stream:1.0.0";
     public static final String CACHE_INVALIDATION_STREAM_ID = "org.wso2.apimgt.cache.invalidation.stream:1.0.0";
     public static final String NOTIFICATION_STREAM_ID = "org.wso2.apimgt.notification.stream:1.0.0";
     public static final String WEBHOOKS_SUBSCRIPTION_STREAM_ID = "org.wso2.apimgt.webhooks.request.stream:1.0.0";
@@ -593,11 +590,6 @@ public final class APIConstants {
     public static final String KEY_MANAGER_CONSUMER_KEY = "consumer_key";
     public static final String KEY_MANAGER_CONSUMER_SECRET = "consumer_secret";
     public static final String REVOKED_TOKEN_TYPE = "type";
-    public static final String INTERNAL_REVOCATION_EVENT_TYPE = "type";
-    public static final String INTERNAL_REVOCATION_TIME = "revocationTime";
-    public static final String INTERNAL_REVOCATION_CONSUMER_KEY = "consumerKey";
-    public static final String INTERNAL_REVOCATION_ENTITY_ID = "entityId";
-    public static final String INTERNAL_REVOCATION_ENTITY_TYPE = "entityType";
     public static final String IDENTITY_REVOKE_ENDPOINT = "/oauth2/revoke";
     public static final String IDENTITY_TOKEN_ENDPOINT_CONTEXT = "/oauth2/token";
     public static final String GATEWAY_SIGNED_JWT_CACHE = "SignedJWTParseCache";
@@ -2841,6 +2833,8 @@ public static class NotificationEvent {
         public static final String STREAM_ID = "streamId";
         public static final String ENTITY_ID = "entityId";
         public static final String ENTITY_TYPE = "entityType";
+        public static final String ENTITY_TYPE_CLIENT_ID = "CLIENT_ID";
+        public static final String ENTITY_TYPE_USER_ID = "USER_ID";
         public static final String EVENT_TYPE = "eventType";
     }
 

components/apimgt/org.wso2.carbon.apimgt.notification/src/main/java/org/wso2/carbon/apimgt/notification/AbstractKeyManagerEventHandler.java

@@ -27,6 +27,7 @@
 import org.wso2.carbon.apimgt.impl.keymgt.KeyManagerEventHandler;
 import org.wso2.carbon.apimgt.impl.publishers.RevocationRequestPublisher;
 import org.wso2.carbon.apimgt.notification.event.ConsumerAppRevocationEvent;
+import org.wso2.carbon.apimgt.notification.event.Event;
 import org.wso2.carbon.apimgt.notification.event.SubjectEntityRevocationEvent;
 import org.wso2.carbon.apimgt.notification.event.TokenRevocationEvent;
 
@@ -46,18 +47,14 @@ public AbstractKeyManagerEventHandler() {
 
     public boolean handleTokenRevocationEvent(TokenRevocationEvent tokenRevocationEvent) throws APIManagementException {
 
-        Properties properties = new Properties();
-        properties.setProperty(APIConstants.NotificationEvent.EVENT_ID, tokenRevocationEvent.getEventId());
+        Properties properties = getRevocationEventProperties(tokenRevocationEvent);
+        properties.setProperty(APIConstants.NotificationEvent.EXPIRY_TIME,
+                Long.toString(tokenRevocationEvent.getExpiryTime()));
         properties.put(APIConstants.NotificationEvent.CONSUMER_KEY, tokenRevocationEvent.getConsumerKey());
         if (StringUtils.isBlank(tokenRevocationEvent.getTokenType())) {
             tokenRevocationEvent.setTokenType(APIConstants.NotificationEvent.APPLICATION_TOKEN_TYPE_OAUTH2);
         }
         properties.put(APIConstants.NotificationEvent.TOKEN_TYPE, tokenRevocationEvent.getTokenType());
-        properties.put(APIConstants.NotificationEvent.TENANT_ID, tokenRevocationEvent.getTenantId());
-        properties.put(APIConstants.NotificationEvent.TENANT_DOMAIN, tokenRevocationEvent.getTenantDomain());
-        properties.put(APIConstants.NotificationEvent.STREAM_ID, APIConstants.TOKEN_REVOCATION_STREAM_ID);
-        properties.setProperty(APIConstants.NotificationEvent.EXPIRY_TIME,
-                Long.toString(tokenRevocationEvent.getExpiryTime()));
         ApiMgtDAO.getInstance().addRevokedJWTSignature(tokenRevocationEvent.getEventId(),
                 tokenRevocationEvent.getAccessToken(), tokenRevocationEvent.getTokenType(),
                 tokenRevocationEvent.getExpiryTime(), tokenRevocationEvent.getTenantId());
@@ -67,9 +64,7 @@ public boolean handleTokenRevocationEvent(TokenRevocationEvent tokenRevocationEv
             String orgId = application.getOrganization();
             properties.put(APIConstants.NotificationEvent.ORG_ID, orgId);
         }
-
         revocationRequestPublisher.publishRevocationEvents(tokenRevocationEvent.getAccessToken(), properties);
-
         // Cleanup expired revoked tokens from db.
         Runnable expiredJWTCleaner = new ExpiredJWTCleaner();
         Thread cleanupThread = new Thread(expiredJWTCleaner);
@@ -80,20 +75,13 @@ public boolean handleTokenRevocationEvent(TokenRevocationEvent tokenRevocationEv
     public boolean handleConsumerAppRevocationEvent(ConsumerAppRevocationEvent consumerKeyEvent)
             throws APIManagementException {
 
-        // rule persistence
         ApiMgtDAO.getInstance().addRevokedConsumerKey(consumerKeyEvent.getConsumerKey(),
                 consumerKeyEvent.getRevocationTime(), consumerKeyEvent.getTenantDomain());
-
         // set properties
-        Properties properties = new Properties();
-        properties.setProperty(APIConstants.NotificationEvent.EVENT_ID, consumerKeyEvent.getEventId());
+        Properties properties = getRevocationEventProperties(consumerKeyEvent);
         properties.setProperty(APIConstants.NotificationEvent.CONSUMER_KEY, consumerKeyEvent.getConsumerKey());
         properties.setProperty(APIConstants.NotificationEvent.REVOCATION_TIME,
                 Long.toString(consumerKeyEvent.getRevocationTime()));
-        properties.setProperty(APIConstants.NotificationEvent.ORGANIZATION, consumerKeyEvent.getTenantDomain());
-        properties.setProperty(APIConstants.NotificationEvent.EVENT_TYPE, consumerKeyEvent.getType());
-        properties.setProperty(APIConstants.NotificationEvent.STREAM_ID,
-                APIConstants.APP_REVOCATION_EVENT_STREAM_ID);
 
         // publish event
         revocationRequestPublisher.publishRevocationEvents(consumerKeyEvent.getConsumerKey(), properties);
@@ -102,24 +90,29 @@ public boolean handleConsumerAppRevocationEvent(ConsumerAppRevocationEvent consu
 
     public void handleSubjectEntityRevocationEvent(SubjectEntityRevocationEvent userEvent)
             throws APIManagementException {
-        // persistence
-        ApiMgtDAO.getInstance().addRevokedSubjectEntity(userEvent.getEntityId(),
-                userEvent.getEntityType(), userEvent.getRevocationTime(),
-                userEvent.getTenantDomain());
 
+        ApiMgtDAO.getInstance().addRevokedSubjectEntity(userEvent.getEntityId(), userEvent.getEntityType(),
+                userEvent.getRevocationTime(), userEvent.getTenantDomain());
         // set properties
-        Properties properties = new Properties();
-        properties.setProperty(APIConstants.NotificationEvent.EVENT_ID, userEvent.getEventId());
+        Properties properties = getRevocationEventProperties(userEvent);
         properties.setProperty(APIConstants.NotificationEvent.ENTITY_ID, userEvent.getEntityId());
         properties.setProperty(APIConstants.NotificationEvent.ENTITY_TYPE, userEvent.getEntityType());
         properties.setProperty(APIConstants.NotificationEvent.REVOCATION_TIME,
                 Long.toString(userEvent.getRevocationTime()));
-        properties.setProperty(APIConstants.NotificationEvent.ORGANIZATION, userEvent.getTenantDomain());
-        properties.setProperty(APIConstants.NotificationEvent.EVENT_TYPE, userEvent.getType());
-        properties.setProperty(APIConstants.NotificationEvent.STREAM_ID,
-                APIConstants.SUBJECT_ENTITY_REVOCATION_STREAM_ID);
 
         // publish event
         revocationRequestPublisher.publishRevocationEvents(userEvent.getEntityId(), properties);
     }
+
+    private Properties getRevocationEventProperties(Event event) {
+
+        Properties properties = new Properties();
+        properties.setProperty(APIConstants.NotificationEvent.EVENT_ID, event.getEventId());
+        properties.put(APIConstants.NotificationEvent.TENANT_ID, event.getTenantId());
+        properties.setProperty(APIConstants.NotificationEvent.TENANT_DOMAIN, event.getTenantDomain());
+        properties.setProperty(APIConstants.NotificationEvent.EVENT_TYPE, event.getType());
+        properties.setProperty(APIConstants.NotificationEvent.STREAM_ID,
+                APIConstants.TOKEN_REVOCATION_STREAM_ID);
+        return properties;
+    }
 }

components/apimgt/org.wso2.carbon.apimgt.notification/src/main/java/org/wso2/carbon/apimgt/notification/DefaultKeyManagerEventHandlerImpl.java

@@ -39,10 +39,10 @@ public boolean handleEvent(String event, Map<String, List<String>> headers) thro
 
         if (StringUtils.isNotEmpty(event)
                 && event.contains(APIConstants.NotificationEvent.CONSUMER_APP_REVOCATION_EVENT)) {
-            handleInternalTokenRevocationByConsumerAppEvent(event);
+            handleConsumerAppRevocationEvent(event);
         } else if (StringUtils.isNotEmpty(event)
                 && event.contains(APIConstants.NotificationEvent.SUBJECT_ENTITY_REVOCATION_EVENT)) {
-            handleInternalTokenRevocationBySubjectEntityEvent(event);
+            handleSubjectEntityRevocationEvent(event);
         } else if (StringUtils.isNotEmpty(event)
                 && event.contains(APIConstants.NotificationEvent.TOKEN_REVOCATION_EVENT)) {
             handleTokenRevocationEvent(event);
@@ -63,14 +63,14 @@ private boolean handleTokenRevocationEvent(String event) throws APIManagementExc
         return true;
     }
 
-    private boolean handleInternalTokenRevocationByConsumerAppEvent(String event) throws APIManagementException {
+    private boolean handleConsumerAppRevocationEvent(String event) throws APIManagementException {
 
         ConsumerAppRevocationEvent tokenRevocationEvent = new Gson().fromJson(event, ConsumerAppRevocationEvent.class);
         handleConsumerAppRevocationEvent(tokenRevocationEvent);
         return true;
     }
 
-    private boolean handleInternalTokenRevocationBySubjectEntityEvent(String event) throws APIManagementException {
+    private boolean handleSubjectEntityRevocationEvent(String event) throws APIManagementException {
 
         SubjectEntityRevocationEvent tokenRevocationEvent =
                 new Gson().fromJson(event, SubjectEntityRevocationEvent.class);