Merge branch 'wso2:master' into master

components/apimgt/org.wso2.carbon.apimgt.api/pom.xml

@@ -11,7 +11,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/API.java

@@ -152,6 +152,7 @@ public void setSoapToRestSequences(List<SOAPToRestSequence> soapToRestSequences)
 
     //Custom authorization header specific to the API
     private String authorizationHeader;
+    private String apiKeyHeader;
     private Set<Scope> scopes;
 
     private boolean isDefaultVersion = false;
@@ -1175,6 +1176,12 @@ public void setAuthorizationHeader(String authorizationHeader) {
         this.authorizationHeader = authorizationHeader;
     }
 
+    public String getApiKeyHeader() { return apiKeyHeader; }
+
+    public void setApiKeyHeader(String apiKeyHeader) {
+        this.apiKeyHeader = apiKeyHeader;
+    }
+
     /**
      * Check the status of the Json schema validation property.
      *

components/apimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/model/APIProduct.java

@@ -89,6 +89,7 @@ public class APIProduct {
      * Custom authorization header specific to the API
      */
     private String authorizationHeader;
+    private String apiKeyHeader;
 
     private CORSConfiguration corsConfiguration;
 
@@ -439,6 +440,14 @@ public void setAuthorizationHeader(String authorizationHeader) {
         this.authorizationHeader = authorizationHeader;
     }
 
+    public String getApiKeyHeader() {
+        return apiKeyHeader;
+    }
+
+    public void setApiKeyHeader(String apiKeyHeader) {
+        this.apiKeyHeader = apiKeyHeader;
+    }
+
     public CORSConfiguration getCorsConfiguration() {
         return corsConfiguration;
     }

components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml

@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

components/apimgt/org.wso2.carbon.apimgt.core/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml

@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml

@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/APIMgtGatewayConstants.java

@@ -139,6 +139,7 @@ public class APIMgtGatewayConstants {
     public static final String CUSTOM_ANALYTICS_RESPONSE_PROPERTIES = "apim.analytics.response.properties";
     public static final String CUSTOM_ANALYTICS_PROPERTY_SEPARATOR = ",";
     public static final String API_UUID_PROPERTY = "API_UUID";
+    public static final String TENANT_DOMAIN = "tenant.info.domain";
 
     /**
      * Constants for swagger schema validator

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencySynapseHandler.java

@@ -139,10 +139,11 @@ public boolean handleResponseOutFlow(MessageContext messageContext) {
             if (responseLatencySpan != null) {
                 GatewayUtils.setAPIRelatedTags(responseLatencySpan, messageContext);
                 API api = GatewayUtils.getAPI(messageContext);
+                String tenantDomain = (String) messageContext.getProperty(APIMgtGatewayConstants.TENANT_DOMAIN);
                 if (api != null) {
                     TelemetryUtil.updateOperation(responseLatencySpan,
                             api.getApiName().concat("--").concat(api.getApiVersion()).concat("--")
-                                    .concat(GatewayUtils.getTenantDomain()));
+                                    .concat(tenantDomain));
                 }
                 TelemetryUtil.finishSpan(responseLatencySpan);
             }
@@ -157,10 +158,11 @@ public boolean handleResponseOutFlow(MessageContext messageContext) {
             if (responseLatencySpan != null) {
                 GatewayUtils.setAPIRelatedTags(responseLatencySpan, messageContext);
                 API api = GatewayUtils.getAPI(messageContext);
+                String tenantDomain = (String) messageContext.getProperty(APIMgtGatewayConstants.TENANT_DOMAIN);
                 if (api != null) {
                     Util.updateOperation(responseLatencySpan,
                             api.getApiName().concat("--").concat(api.getApiVersion()).concat("--")
-                                    .concat(GatewayUtils.getTenantDomain()));
+                                    .concat(tenantDomain));
                 }
                 if (responseLatencySpan != null) {
                     Util.finishSpan(responseLatencySpan);

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIAuthenticationHandler.java

@@ -94,6 +94,7 @@ public class APIAuthenticationHandler extends AbstractHandler implements Managed
     private SynapseEnvironment synapseEnvironment;
 
     private String authorizationHeader;
+    private String apiKeyHeader;
     private String apiSecurity;
     private String apiLevelPolicy;
     private String certificateInformation;
@@ -201,6 +202,24 @@ public void setAuthorizationHeader(String authorizationHeader) {
         this.authorizationHeader = authorizationHeader;
     }
 
+    /**
+     * To get the Api Key Header.
+     *
+     * @return Relevant the Api Key Header of the API request
+     */
+    public String getApiKeyHeader() {
+        return apiKeyHeader;
+    }
+
+    /**
+     * To set the Api Key Header.
+     *
+     * @param apiKeyHeader the Api Key Header of the API request.
+     */
+    public void setApiKeyHeader(String apiKeyHeader) {
+        this.apiKeyHeader = apiKeyHeader;
+    }
+
     /**
      * To get the API level security expected for the current API in gateway level.
      *
@@ -335,7 +354,7 @@ protected void initializeAuthenticators() {
             authenticators.add(authenticator);
         }
         if (isApiKeyProtected) {
-            Authenticator authenticator = new ApiKeyAuthenticator(APIConstants.API_KEY_HEADER_QUERY_PARAM, apiLevelPolicy, isOAuthBasicAuthMandatory);
+            Authenticator authenticator = new ApiKeyAuthenticator(apiKeyHeader, apiLevelPolicy, isOAuthBasicAuthMandatory);
             authenticator.init(synapseEnvironment);
             authenticators.add(authenticator);
         }
@@ -631,7 +650,7 @@ private void handleAuthFailure(MessageContext messageContext, APISecurityExcepti
             errorDetail =
                     APISecurityConstants.getFailureMessageDetailDescription(e.getErrorCode(), e.getMessage()) + "'"
                             + authorizationHeader + " : Bearer ACCESS_TOKEN' or '" + authorizationHeader +
-                            " : Basic ACCESS_TOKEN' or 'apikey: API_KEY'" ;
+                            " : Basic ACCESS_TOKEN' or '" + apiKeyHeader + " : API_KEY'";
         }
         messageContext.setProperty(SynapseConstants.ERROR_DETAIL, errorDetail);
 

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/CORSRequestHandler.java

@@ -69,6 +69,7 @@ public class CORSRequestHandler extends AbstractHandler implements ManagedLifecy
     private List<String> allowedMethodList;
     private boolean allowCredentialsEnabled;
     private String authorizationHeader;
+    private String apiKeyHeader;
 
     public void init(SynapseEnvironment synapseEnvironment) {
         if (log.isDebugEnabled()) {
@@ -95,6 +96,9 @@ void initializeHeaders() {
         if (authorizationHeader != null) {
             allowHeaders += APIConstants.MULTI_ATTRIBUTE_SEPARATOR_DEFAULT + authorizationHeader;
         }
+        if (apiKeyHeader != null) {
+            allowHeaders += APIConstants.MULTI_ATTRIBUTE_SEPARATOR_DEFAULT + apiKeyHeader;
+        }
         if (allowedOrigins == null) {
             String allowedOriginsList = APIUtil.getAllowedOrigins();
             if (!allowedOriginsList.isEmpty()) {
@@ -447,4 +451,12 @@ public String getAuthorizationHeader() {
     public void setAuthorizationHeader(String authorizationHeader) {
         this.authorizationHeader = authorizationHeader;
     }
+
+    public String getApiKeyHeader() {
+        return apiKeyHeader;
+    }
+
+    public void setApiKeyHeader(String apiKeyHeader) {
+        this.apiKeyHeader = apiKeyHeader;
+    }
 }

components/apimgt/org.wso2.carbon.apimgt.impl/pom.xml

@@ -12,7 +12,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.28.169-SNAPSHOT</version>
+        <version>9.28.172-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/APIConstants.java

@@ -335,6 +335,7 @@ public final class APIConstants {
     public static final String API_OVERVIEW_OUTSEQUENCE = "overview_outSequence";
     public static final String API_OVERVIEW_FAULTSEQUENCE = "overview_faultSequence";
     public static final String API_OVERVIEW_AUTHORIZATION_HEADER = "overview_authorizationHeader";
+    public static final String API_OVERVIEW_API_KEY_HEADER = "overview_apiKeyHeader";
     public static final String API_OVERVIEW_API_SECURITY = "overview_apiSecurity";
     public static final String API_OVERVIEW_WS_URI_MAPPING = "overview_wsUriMapping";
     public static final String AUTHORIZATION_HEADER_BASIC = "Basic";
@@ -459,10 +460,12 @@ public final class APIConstants {
     public static final String MEDIATOR_CONFIG = "MediatorConfigs.";
     public static final String OAUTH_CONFIGS = "OAuthConfigurations.";
     public static final String AUTHORIZATION_HEADER = "AuthorizationHeader";
+    public static final String API_KEY_HEADER = "ApiKeyHeader";
     public static final String API_SECURITY = "APISecurity";
     public static final String API_LEVEL_POLICY = "APILevelPolicy";
     public static final String CERTIFICATE_INFORMATION = "CertificateInformation";
     public static final String AUTHORIZATION_HEADER_DEFAULT = "Authorization";
+    public static final String API_KEY_HEADER_DEFAULT = "ApiKey";
     public static final String HEADER_TENANT = "xWSO2Tenant";
     public static final String X_WSO2_TENANT_HEADER = "X-WSO2-Tenant";
     public static final String AUTHORIZATION_QUERY_PARAM_DEFAULT = "access_token";
@@ -1596,6 +1599,7 @@ private ConfigParameters() {
 
     //swagger MG related constants
     public static final String X_WSO2_AUTH_HEADER = "x-wso2-auth-header";
+    public static final String X_WSO2_API_KEY_HEADER = "x-wso2-api-key-header";
     public static final String X_THROTTLING_TIER = "x-throttling-tier";
     public static final String X_WSO2_CORS = "x-wso2-cors";
     public static final String X_WSO2_PRODUCTION_ENDPOINTS = "x-wso2-production-endpoints";
@@ -2937,6 +2941,7 @@ public enum ConfigType {
     public static final String OPERATION_SEQUENCE_TYPE_RESPONSE = "response";
     public static final String OPERATION_SEQUENCE_TYPE_FAULT = "fault";
     public static final String SYNAPSE_POLICY_DEFINITION_EXTENSION = ".j2";
+    public static final String SYNAPSE_POLICY_DEFINITION_EXTENSION_XML = ".xml";
     public static final String CC_POLICY_DEFINITION_EXTENSION = ".gotmpl";
     public static final String YAML_CONTENT_TYPE = "text/yaml";
     public static final String COMMON_OPERATION_POLICY_SPECIFICATIONS_LOCATION = "repository" + File.separator

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/definitions/OAS2Parser.java

@@ -836,6 +836,9 @@ public String getOASDefinitionForPublisher(API api, String oasDefinition) throws
         if (api.getAuthorizationHeader() != null) {
             swagger.setVendorExtension(APIConstants.X_WSO2_AUTH_HEADER, api.getAuthorizationHeader());
         }
+        if (api.getApiKeyHeader() != null) {
+            swagger.setVendorExtension(APIConstants.X_WSO2_API_KEY_HEADER, api.getApiKeyHeader());
+        }
         if (api.getApiLevelPolicy() != null) {
             swagger.setVendorExtension(APIConstants.X_THROTTLING_TIER, api.getApiLevelPolicy());
         }
@@ -1678,6 +1681,12 @@ public API setExtensionsToAPI(String apiDefinition, API api) throws APIManagemen
         if (StringUtils.isNotBlank(authHeader)) {
             api.setAuthorizationHeader(authHeader);
         }
+        //Setup custom api key header for API
+        String apiKeyHeader = OASParserUtil.getApiKeyHeaderFromSwagger(extensions);
+        if (StringUtils.isNotBlank(apiKeyHeader)) {
+            api.setApiKeyHeader(apiKeyHeader);
+        }
+
         //Setup application Security
         List<String> applicationSecurity = OASParserUtil.getApplicationSecurityTypes(extensions);
         Boolean isOptional = OASParserUtil.getAppSecurityStateFromSwagger(extensions);

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/definitions/OAS3Parser.java

@@ -951,6 +951,9 @@ public String getOASDefinitionForPublisher(API api, String oasDefinition) throws
         if (api.getAuthorizationHeader() != null) {
             openAPI.addExtension(APIConstants.X_WSO2_AUTH_HEADER, api.getAuthorizationHeader());
         }
+        if (api.getApiKeyHeader() != null) {
+            openAPI.addExtension(APIConstants.X_WSO2_API_KEY_HEADER, api.getApiKeyHeader());
+        }
         if (api.getApiLevelPolicy() != null) {
             openAPI.addExtension(APIConstants.X_THROTTLING_TIER, api.getApiLevelPolicy());
         }
@@ -1928,6 +1931,12 @@ public API setExtensionsToAPI(String apiDefinition, API api) throws APIManagemen
         if (StringUtils.isNotBlank(authHeader)) {
             api.setAuthorizationHeader(authHeader);
         }
+        //Setup custom api key header for API
+        String apiKeyHeader = OASParserUtil.getApiKeyHeaderFromSwagger(extensions);
+        if (StringUtils.isNotBlank(apiKeyHeader)) {
+            api.setApiKeyHeader(apiKeyHeader);
+        }
+
         //Setup application Security
         List<String> applicationSecurity = OASParserUtil.getApplicationSecurityTypes(extensions);
         Boolean isOptional = OASParserUtil.getAppSecurityStateFromSwagger(extensions);

components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/definitions/OASParserUtil.java

@@ -1649,6 +1649,18 @@ public static String getAuthorizationHeaderFromSwagger(Map<String, Object> exten
         return authorizationHeader == null ? null : authorizationHeader.toString();
     }
 
+    /**
+     * This method returns extension of custom API key Header related to micro-gw
+     *
+     * @param extensions Map<String, Object>
+     * @return API key header header value as String
+     * @throws APIManagementException throws if an error occurred
+     */
+    public static String getApiKeyHeaderFromSwagger(Map<String, Object> extensions) throws APIManagementException {
+        Object apiKeyHeader = extensions.get(APIConstants.X_WSO2_API_KEY_HEADER);
+        return apiKeyHeader == null ? null : apiKeyHeader.toString();
+    }
+
     /**
      * This method returns extension of custom authorization Header related to micro-gw
      *