added tests

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/inbound/websocket/InboundWebSocketProcessor.java

@@ -96,7 +96,7 @@ public InboundWebSocketProcessor() {
      * @return InboundProcessorResponseDTO with handshake processing response
      */
     public InboundProcessorResponseDTO handleHandshake(FullHttpRequest req, ChannelHandlerContext ctx,
-                                                       InboundMessageContext inboundMessageContext) throws APIManagementException {
+                                                       InboundMessageContext inboundMessageContext) {
 
         InboundProcessorResponseDTO inboundProcessorResponseDTO;
         try {

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/inbound/websocket/utils/ApiKeyAuthenticator.java

@@ -47,17 +47,16 @@
 import java.util.Map;
 import java.util.HashMap;
 
-public class ApiKeyAuthenticator implements Authenticator {
-
-    private static final Log log = LogFactory.getLog(org.wso2.carbon.apimgt.gateway.inbound.websocket.utils.ApiKeyAuthenticator.class);
+public class ApiKeyAuthenticator {
 
+    private static final Log log = LogFactory.getLog(ApiKeyAuthenticator.class);
     private Boolean jwtGenerationEnabled = null;
     private AbstractAPIMgtGatewayJWTGenerator apiMgtGatewayJWTGenerator = null;
     private ExtendedJWTConfigurationDto jwtConfigurationDto = null;
     private Boolean isGatewayTokenCacheEnabled = null;
     private static volatile long ttl = -1L;
 
-    public InboundProcessorResponseDTO authenticate(InboundMessageContext inboundMessageContext, String authenticationType) throws APISecurityException {
+    public InboundProcessorResponseDTO authenticate(InboundMessageContext inboundMessageContext) throws APISecurityException {
 
         InboundProcessorResponseDTO inboundProcessorResponseDTO = new InboundProcessorResponseDTO();
 
@@ -75,20 +74,20 @@ public InboundProcessorResponseDTO authenticate(InboundMessageContext inboundMes
                         ServiceReferenceHolder.getInstance().getAPIManagerConfiguration().getJwtConfigurationDto();
             }
 
-            if (jwtGenerationEnabled == null) {
+            if (jwtGenerationEnabled == null && jwtConfigurationDto != null) {
                 jwtGenerationEnabled = jwtConfigurationDto.isEnabled();
             }
 
 
-            if (apiMgtGatewayJWTGenerator == null) {
+            if (apiMgtGatewayJWTGenerator == null && jwtConfigurationDto != null) {
                 apiMgtGatewayJWTGenerator = ServiceReferenceHolder.getInstance().getApiMgtGatewayJWTGenerator()
                         .get(jwtConfigurationDto.getGatewayJWTGeneratorImpl());
             }
 
             String tenantDomain = GatewayUtils.getTenantDomain();
             int tenantId = APIUtil.getTenantIdFromTenantDomain(tenantDomain);
 
-            if (jwtGenerationEnabled) {
+            if (jwtGenerationEnabled != null && jwtGenerationEnabled) {
                 // Set certificate to jwtConfigurationDto
                 if (jwtConfigurationDto.isTenantBasedSigningEnabled()) {
                     this.jwtConfigurationDto.setPublicCert(SigningUtil.getPublicCertificate(tenantId));
@@ -516,7 +515,7 @@ private String removeApiKeyFromQueryParameters(String queryParam, String apiKey)
         return queryParam;
     }
 
-    public boolean validateAuthenticationContext(InboundMessageContext inboundMessageContext, AuthenticationContext authenticationContext, String contextHeader) {
+    private boolean validateAuthenticationContext(InboundMessageContext inboundMessageContext, AuthenticationContext authenticationContext, String contextHeader) {
 
         if (authenticationContext == null || !authenticationContext.isAuthenticated()) {
             return false;
@@ -561,7 +560,7 @@ public boolean validateAuthenticationContext(InboundMessageContext inboundMessag
      * @param payload The payload of the JWT token
      * @return returns true if the JWT token is expired
      */
-    private static boolean isJwtTokenExpired(JWTClaimsSet payload) {
+    private boolean isJwtTokenExpired(JWTClaimsSet payload) {
 
         int timestampSkew = (int) OAuthServerConfiguration.getInstance().getTimeStampSkewInSeconds();
 
@@ -590,7 +589,7 @@ private JWTValidationInfo getJwtValidationInfo(SignedJWTInfo signedJWTInfo) {
         return jwtValidationInfo;
     }
 
-    public String getContextHeader() {
+    private String getContextHeader() {
         APIManagerConfiguration apimConf = ServiceReferenceHolder.getInstance().getAPIManagerConfiguration();
         JWTConfigurationDto jwtConfigDto = apimConf.getJwtConfigurationDto();
         return jwtConfigDto.getJwtHeader();

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/inbound/websocket/utils/InboundWebsocketProcessorUtil.java

@@ -58,7 +58,6 @@
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import java.util.ArrayList;
 import java.util.TreeMap;
 
 /**
@@ -327,12 +326,14 @@ public static InboundProcessorResponseDTO authenticateToken(InboundMessageContex
         return authenticateToken(inboundMessageContext, APIConstants.WEBSOCKET_FRAME);
     }
 
-    public static InboundProcessorResponseDTO authenticateToken(InboundMessageContext inboundMessageContext, String authenticationType) throws APISecurityException {
+    public static InboundProcessorResponseDTO authenticateToken(InboundMessageContext inboundMessageContext,
+                                                                String authenticationType) throws APISecurityException {
 
         if (inboundMessageContext.getRequestHeaders().get(WebsocketUtil.authorizationHeader) != null) {
             return new OAuthAuthenticator().authenticate(inboundMessageContext, authenticationType);
-        } else if (inboundMessageContext.getRequestHeaders().get(APIConstants.API_KEY_HEADER_QUERY_PARAM) != null || inboundMessageContext.getApiKeyFromQueryParams() != null) {
-            return new ApiKeyAuthenticator().authenticate(inboundMessageContext, authenticationType);
+        } else if (inboundMessageContext.getRequestHeaders().get(APIConstants.API_KEY_HEADER_QUERY_PARAM) != null ||
+                inboundMessageContext.getApiKeyFromQueryParams() != null) {
+            return new ApiKeyAuthenticator().authenticate(inboundMessageContext);
         } else {
             throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR,
                     APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE);

components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/inbound/websocket/utils/OAuthAuthenticator.java

@@ -25,14 +25,13 @@
 import java.text.ParseException;
 import java.util.List;
 
-public class OAuthAuthenticator implements Authenticator {
+public class OAuthAuthenticator {
 
     private static final Log log = LogFactory.getLog(OAuthAuthenticator.class);
 
     public OAuthAuthenticator() {
     }
 
-    @Override
     public InboundProcessorResponseDTO authenticate(InboundMessageContext inboundMessageContext, String authenticationType) throws APISecurityException {
 
         InboundProcessorResponseDTO inboundProcessorResponseDTO = new InboundProcessorResponseDTO();
@@ -99,8 +98,9 @@ public InboundProcessorResponseDTO authenticate(InboundMessageContext inboundMes
                 }
                 validateScopes = !APIConstants.GRAPHQL_API.equals(inboundMessageContext.getElectedAPI().getApiType());
             } else {
-                inboundProcessorResponseDTO.setError(true);
-                return inboundProcessorResponseDTO;
+                return InboundWebsocketProcessorUtil.getFrameErrorDTO(
+                        WebSocketApiConstants.FrameErrorConstants.API_AUTH_INVALID_CREDENTIALS,
+                        APISecurityConstants.API_AUTH_INVALID_CREDENTIALS_MESSAGE, true);
             }
         }