diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/.openapi-generator/admin-api.yaml.sha256 b/all-in-one-apim/modules/integration/tests-common/clients/admin/.openapi-generator/admin-api.yaml.sha256 index 13b9dfee86..cd41b106a4 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/.openapi-generator/admin-api.yaml.sha256 +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/.openapi-generator/admin-api.yaml.sha256 @@ -1 +1 @@ -78ed265fd35a27be7c0e48a4c961eb536f9115d2bf2485e049e0b9494b75fca9 \ No newline at end of file +7dbcb48cba3146d3d5a584c1de62429c0050ef7c247df95a07b587d292b26d0c \ No newline at end of file diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/api/openapi.yaml b/all-in-one-apim/modules/integration/tests-common/clients/admin/api/openapi.yaml index 531357baa9..f9c0dbf177 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/api/openapi.yaml +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/api/openapi.yaml @@ -3,20 +3,20 @@ info: contact: email: architecture@wso2.com name: WSO2 - url: http://wso2.com/products/api-manager/ + url: https://wso2.com/api-manager/ description: | This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. - Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. + Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication - Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking + The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { - "callbackUrl":"www.google.lk", + "callbackUrl":"www.example.com", "clientName":"rest_api_admin", "owner":"admin", "grantType":"client_credentials password refresh_token", @@ -40,15 +40,18 @@ info: { "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", "clientName": "rest_api_admin", - "callBackURL": "www.google.lk", + "callBackURL": "www.example.com", "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", "isSaasApplication": true, "appOwner": "admin", - "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api_admin\"}", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.example.com\",\"client_name\":\"rest_api_admin\"}", "jsonAppAttribute": "{}", "tokenType": null } ``` + Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. + The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. + Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section @@ -57,11 +60,11 @@ info: ``` curl -k -d "grant_type=password&username=&password=&scope=" \ -H "Authorization: Basic base64(cliet_id:client_secret)" - \ https://:/token + \ https://:/oauth2/token ``` **Sample request** ``` - curl https://localhost:8243/token -k \ + curl https://localhost:9443/oauth2/token -k \ -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ -d "grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view" ``` @@ -85,7 +88,7 @@ info: * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. - [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) license: name: Apache 2.0 url: http://www.apache.org/licenses/LICENSE-2.0.html @@ -102,7 +105,7 @@ paths: parameters: - description: | **Search**. - You can search by providing a keyword. Allowed to search by type only. + You can search by providing a keyword. Allowed to search by type and name only. explode: true in: query name: query @@ -130,10 +133,12 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view + - apim:policies_import_export summary: | Retrieve/Search Throttling Policies tags: - - Throttling Policy Search + - Unified Search x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" @@ -154,26 +159,6 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: @@ -184,21 +169,6 @@ paths: OK. Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -206,11 +176,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "406": content: application/json: @@ -227,11 +192,12 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view summary: Get all Application Throttling Policies tags: - Application Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' x-accepts: application/json @@ -267,6 +233,7 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: @@ -280,14 +247,6 @@ paths: Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | Location of the newly created Policy object. @@ -331,11 +290,12 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage summary: Add an Application Throttling Policy tags: - Application Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' x-contentType: application/json @@ -354,24 +314,6 @@ paths: schema: type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple responses: "200": content: {} @@ -390,29 +332,17 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export summary: Delete an Application Throttling policy tags: - Application Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' x-accepts: application/json @@ -429,26 +359,6 @@ paths: schema: type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: @@ -459,6 +369,7 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: @@ -471,22 +382,6 @@ paths: OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -494,11 +389,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "404": content: application/json: @@ -527,11 +417,12 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view summary: Get an Application Throttling Policy tags: - Application Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' x-accepts: application/json @@ -558,24 +449,6 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: @@ -594,6 +467,7 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: @@ -606,22 +480,6 @@ paths: OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional request. - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional reuquests. - explode: false - schema: - type: string - style: simple Location: description: | The URL of the newly created resource. @@ -660,66 +518,25 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage summary: Update an Application Throttling policy tags: - Application Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' x-contentType: application/json x-accepts: application/json - /policies/mediation: + /throttling/policies/subscription: get: description: | - This operation provides you a list of all available global mediation policies. + This operation can be used to retrieve all Subscription level throttling policies. parameters: - - description: | - Maximum size of resource array to return. - explode: true - in: query - name: limit - required: false - schema: - default: 25 - type: integer - style: form - - description: | - Starting point within the complete list of items qualified. - explode: true - in: query - name: offset - required: false - schema: - default: 0 - type: integer - style: form - - description: -Not supported yet- - explode: true - in: query - name: query - required: false - schema: - type: string - style: form - description: | Media types acceptable for the response. Default is application/json. explode: false @@ -730,44 +547,23 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/mediationList' + $ref: '#/components/schemas/SubscriptionThrottlePolicyList' description: | OK. - List of mediation policies is returned. + Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: - description: The content type of the body. + description: | + The content type of the body. explode: false schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "406": content: application/json: @@ -783,19 +579,19 @@ paths: security: - OAuth2Security: - apim:admin - - apim:mediation_policy_view - summary: | - Get all Global Mediation Policies + - apim:tier_view + - apim:admin_tier_view + summary: Get all Subscription Throttling Policies tags: - - Mediation Policy (Collection) + - Subscription Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' x-accepts: application/json post: description: | - This operation can be used to add a new global mediation policy. + This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. parameters: - description: | Media type of the entity in the body. Default is application/json. @@ -807,60 +603,46 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/Mediation' - description: mediation policy to upload + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + description: | + Subscripion level policy object that should to be added required: true responses: - "200": + "201": content: application/json: + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' description: | - OK. - Mediation policy added successfully. + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | - The URL of the uploaded thumbnail image of the API. + Location of the newly created Policy object. explode: false schema: type: string @@ -884,97 +666,53 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "404": - content: - application/json: - example: - code: 404 - message: Not Found - description: The specified resource does not exist - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "412": + "415": content: application/json: example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met + code: 415 + message: Unsupported media type + description: The entity of the request was not in a supported format moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. + description: Unsupported Media Type. The entity of the request was not in + a supported format. security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create - summary: Add a Global Mediation Policy + - apim:tier_manage + - apim:admin_tier_manage + summary: Add a Subscription Throttling Policy tags: - - Mediation Policy (Collection) + - Subscription Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' x-contentType: application/json x-accepts: application/json - /policies/mediation/{mediationPolicyId}: + /throttling/policies/subscription/{policyId}: delete: description: | - This operation can be used to delete an existing global mediation policy providing the Id of the mediation policy. + This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. parameters: - description: | - Mediation policy Id + Thorttle policy UUID explode: false in: path - name: mediationPolicyId + name: policyId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple responses: "200": content: {} description: | OK. - Mediation policy successfully deleted. - "403": - content: - application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. + Resource successfully deleted. "404": content: application/json: @@ -987,101 +725,61 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create - summary: Delete a Global Mediation Policy + - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export + summary: Delete a Subscription Policy tags: - - Mediation Policy (Individual) + - Subscription Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' x-accepts: application/json get: description: | - This operation can be used to retrieve a particular global mediation policy. + This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter parameters: - description: | - Mediation policy Id + Thorttle policy UUID explode: false in: path - name: mediationPolicyId + name: policyId required: true schema: type: string style: simple - - description: | - Media types acceptable for the response. Default is application/json. - explode: false - in: header - name: Accept - required: false - schema: - default: application/json - type: string - style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' description: | OK. - Mediation Policy returned. + Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -1089,11 +787,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "404": content: application/json: @@ -1121,24 +814,25 @@ paths: security: - OAuth2Security: - apim:admin - - apim:mediation_policy_view - summary: Get a Global Mediation Policy + - apim:tier_view + - apim:admin_tier_view + summary: Get a Subscription Policy tags: - - Mediation Policy (Individual) + - Subscription Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' x-accepts: application/json put: description: | - This operation can be used to update an existing global mediation policy. + Updates an existing subscription level throttling policy. parameters: - description: | - Mediation policy Id + Thorttle policy UUID explode: false in: path - name: mediationPolicyId + name: policyId required: true schema: type: string @@ -1153,57 +847,42 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' description: | - Mediation policy object that needs to be updated + Policy object that needs to be modified required: true responses: "200": content: application/json: + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' description: | OK. - Successful response with updated mediation policy object + Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | The URL of the newly created resource. @@ -1230,20 +909,6 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "403": - content: - application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. "404": content: application/json: @@ -1256,37 +921,27 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create - summary: Update a Global Mediation Policy + - apim:tier_manage + - apim:admin_tier_manage + summary: Update a Subscription Policy tags: - - Mediation Policy (Individual) + - Subscription Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' x-contentType: application/json x-accepts: application/json - /throttling/policies/subscription: + /throttling/policies/custom: get: description: | - This operation can be used to retrieve all Subscription level throttling policies. + Retrieves all custom rules. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - description: | Media types acceptable for the response. Default is application/json. @@ -1298,52 +953,16 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicyList' + $ref: '#/components/schemas/CustomRuleList' description: | OK. Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -1351,11 +970,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "406": content: application/json: @@ -1372,17 +986,21 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view - summary: Get all Subscription Throttling Policies + - apim:admin_tier_view + summary: Get all Custom Rules tags: - - Subscription Policy (Collection) + - Custom Rules (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' x-accepts: application/json post: description: | - This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. + Adds a new custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - description: | Media type of the entity in the body. Default is application/json. @@ -1398,51 +1016,36 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' description: | - Subscripion level policy object that should to be added + Custom Rule object that should to be added required: true responses: "201": content: application/json: example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | - Location of the newly created Policy object. + Location of the newly created resource. explode: false schema: type: string @@ -1483,47 +1086,33 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Add a Subscription Throttling Policy + - apim:admin_tier_manage + summary: Add a Custom Rule tags: - - Subscription Policy (Collection) + - Custom Rules (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' x-contentType: application/json x-accepts: application/json - /throttling/policies/subscription/{policyId}: + /throttling/policies/custom/{ruleId}: delete: description: | - This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. + Delete a custom rule. We need to provide the Id of the policy as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - description: | - Thorttle policy UUID + Custom rule UUID explode: false in: path - name: policyId + name: ruleId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple responses: "200": content: {} @@ -1542,110 +1131,58 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Delete a Subscription Policy + - apim:admin_tier_manage + - apim:policies_import_export + summary: Delete a Custom Rule tags: - - Subscription Policy (Individual) + - Custom Rules (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' x-accepts: application/json get: description: | - This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter + Retrieves a custom rule. We need to provide the policy Id as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - description: | - Thorttle policy UUID + Custom rule UUID explode: false in: path - name: policyId + name: ruleId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' description: | OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -1653,11 +1190,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "404": content: application/json: @@ -1686,23 +1218,27 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view - summary: Get a Subscription Policy + - apim:admin_tier_view + summary: Get a Custom Rule tags: - - Subscription Policy (Individual) + - Custom Rules (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' x-accepts: application/json put: description: | - Updates an existing subscription level throttling policy. + Updates an existing custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - description: | - Thorttle policy UUID + Custom rule UUID explode: false in: path - name: policyId + name: ruleId required: true schema: type: string @@ -1717,29 +1253,11 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' description: | Policy object that needs to be modified required: true @@ -1748,46 +1266,23 @@ paths: content: application/json: example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' description: | OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | The URL of the newly created resource. @@ -1826,40 +1321,24 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Update a Subscription Policy + - apim:admin_tier_manage + summary: Update a Custom Rule tags: - - Subscription Policy (Individual) + - Custom Rules (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' x-contentType: application/json x-accepts: application/json - /throttling/policies/custom: + /throttling/policies/advanced: get: description: | - Retrieves all custom rules. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Retrieves all existing advanced throttling policies. parameters: - description: | Media types acceptable for the response. Default is application/json. @@ -1871,52 +1350,16 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/CustomRuleList' + $ref: '#/components/schemas/AdvancedThrottlePolicyList' description: | OK. Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -1924,11 +1367,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "406": content: application/json: @@ -1945,20 +1383,18 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view - summary: Get all Custom Rules + - apim:admin_tier_view + summary: Get all Advanced Throttling Policies tags: - - Custom Rules (Collection) + - Advanced Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' x-accepts: application/json post: description: | - Adds a new custom rule. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Add a new advanced throttling policy. parameters: - description: | Media type of the entity in the body. Default is application/json. @@ -1974,44 +1410,37 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' description: | - Custom Rule object that should to be added + Advanced level policy object that should to be added required: true responses: "201": content: application/json: example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' description: | Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | - Location of the newly created resource. + Location of the newly created Advanced Throttling Policy. explode: false schema: type: string @@ -2052,50 +1481,30 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Add a Custom Rule + - apim:admin_tier_manage + summary: Add an Advanced Throttling Policy tags: - - Custom Rules (Collection) + - Advanced Policy (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' x-contentType: application/json x-accepts: application/json - /throttling/policies/custom/{ruleId}: + /throttling/policies/advanced/{policyId}: delete: description: | - Delete a custom rule. We need to provide the Id of the policy as a path parameter. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Deletes an advanced throttling policy. parameters: - description: | - Custom rule UUID + Thorttle policy UUID explode: false in: path - name: ruleId + name: policyId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple responses: "200": content: {} @@ -2114,118 +1523,63 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Delete a Custom Rule + - apim:admin_tier_manage + - apim:policies_import_export + summary: Delete an Advanced Throttling Policy tags: - - Custom Rules (Individual) + - Advanced Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' x-accepts: application/json get: description: | - Retrieves a custom rule. We need to provide the policy Id as a path parameter. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Retrieves an advanced throttling policy. parameters: - description: | - Custom rule UUID + Thorttle policy UUID explode: false in: path - name: ruleId + name: policyId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' description: | OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: + Content-Type: description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). + The content type of the body. explode: false schema: type: string style: simple - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "404": content: application/json: @@ -2254,26 +1608,24 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view - summary: Get a Custom Rule + - apim:admin_tier_view + summary: Get an Advanced Throttling Policy tags: - - Custom Rules (Individual) + - Advanced Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' x-accepts: application/json put: description: | - Updates an existing custom rule. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Updates an existing Advanced throttling policy. parameters: - description: | - Custom rule UUID + Thorttle policy UUID explode: false in: path - name: ruleId + name: policyId required: true schema: type: string @@ -2288,29 +1640,11 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' description: | Policy object that needs to be modified required: true @@ -2319,39 +1653,24 @@ paths: content: application/json: example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' description: | OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Location: description: | The URL of the newly created resource. @@ -2390,94 +1709,93 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - apim:tier_manage - summary: Update a Custom Rule + - apim:admin_tier_manage + summary: Update an Advanced Throttling Policy tags: - - Custom Rules (Individual) + - Advanced Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' x-contentType: application/json x-accepts: application/json - /throttling/policies/advanced: + /throttling/policies/export: get: description: | - Retrieves all existing advanced throttling policies. + This operation can be used to export the details of a particular Throttling Policy. + operationId: exportThrottlingPolicy parameters: - - description: | - Media types acceptable for the response. Default is application/json. - explode: false - in: header - name: Accept + - description: UUID of the ThrottlingPolicy + explode: true + in: query + name: policyId required: false schema: - default: application/json type: string - style: simple + style: form - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match + Throttling Policy Name + explode: true + in: query + name: name required: false schema: type: string - style: simple + style: form - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since + Type of the Throttling Policy + explode: true + in: query + name: type required: false schema: + enum: + - sub + - app + - api + - global type: string - style: simple + style: form responses: "200": content: application/json: + example: + type: rate-limiting policy + subtype: application + version: v4.1.0 + data: + policyId: cd828243-a0db-430c-97e9-9e41fd865d48 + policyName: 50PerMin + displayName: 50PerMin + description: Allows 50 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: BANDWIDTHLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 50 + bandwidth: + timeUnit: min + unitTime: 5 + dataAmount: 100 + dataUnit: MB + eventCount: + timeUnit: min + unitTime: 5 + eventCount: 16 schema: - $ref: '#/components/schemas/AdvancedThrottlePolicyList' + $ref: '#/components/schemas/ExportThrottlePolicy' description: | OK. - Policies returned + Export Successful. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -2485,92 +1803,250 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - "406": + "404": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Not Found. The specified resource does not exist. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:tier_view - summary: Get all Advanced Throttling Policies + - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export + summary: Export a Throttling Policy tags: - - Advanced Policy (Collection) + - Import Export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=sub&format=YAML"' x-accepts: application/json + /throttling/policies/import: post: description: | - Add a new advanced throttling policy. + This operation can be used to import a Throttling Policy + operationId: importThrottlingPolicy parameters: - description: | - Media type of the entity in the body. Default is application/json. - explode: false - in: header - name: Content-Type - required: true + Update an existing throttlingpolicy with the same name + explode: true + in: query + name: overwrite + required: false schema: - default: application/json - type: string - style: simple + type: boolean + style: form requestBody: content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' - description: | - Advanced level policy object that should to be added + properties: + file: + description: Json File + format: binary + type: string + required: + - file required: true responses: - "201": + "200": + description: | + Created. + Throttling Policy Imported Successfully. + "403": content: application/json: example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "409": + content: + application/json: + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Conflict. Specified resource already exists. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. + security: + - OAuth2Security: + - apim:admin + - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export + summary: Import a Throttling Policy + tags: + - Import Export + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/import?overwrite=True"' + x-contentType: multipart/form-data + x-accepts: application/json + /throttling/deny-policies: + get: + description: | + Retrieves all existing deny policies. + parameters: + - description: | + Media types acceptable for the response. Default is application/json. + explode: false + in: header + name: Accept + required: false + schema: + default: application/json + type: string + style: simple + - description: | + **Search condition**. + You can search in attributes by using **"conditionType:"** modifier and **"conditionValue:"** modifier. + Eg. + The entry "conditionType:API" will result in a match with blocking conditions only if the conditionType is "API". Similarly, "conditionValue:test/1.0.0" will result in a match with blocking conditions only if the conditionValue is "test/1.0.0". + When you use "conditionType:API & conditionValue:test/1.0.0" as a combination, it will result in a match with blocking conditions only if both the conditionType is "API" and the conditionValue is "test/1.0.0". + If query attribute is provided, this returns the blocking conditions that match the specified attributes. + Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) + explode: true + in: query + name: query + required: false + schema: + type: string + style: form + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionList' description: | - Created. - Successful response with the newly created object as entity in the body. - Location header contains URL of newly created entity. + OK. + Deny Policies returned headers: - ETag: + Content-Type: description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). + The content type of the body. explode: false schema: type: string style: simple + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. + security: + - OAuth2Security: + - apim:admin + - apim:bl_view + summary: Get all Deny Policies + tags: + - Deny Policies (Collection) + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' + x-accepts: application/json + post: + description: | + Adds a new deny policy + parameters: + - description: | + Media type of the entity in the body. Default is application/json. + explode: false + in: header + name: Content-Type + required: true + schema: + default: application/json + type: string + style: simple + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + description: | + Blocking condition object that should to be added + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + description: | + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. + headers: Location: description: | - Location of the newly created Advanced Throttling Policy. + Location of the newly created resource. explode: false schema: type: string @@ -2610,48 +2086,30 @@ paths: security: - OAuth2Security: - apim:admin - - apim:tier_manage - summary: Add an Advanced Throttling Policy + - apim:bl_manage + summary: Add a deny policy tags: - - Advanced Policy (Collection) + - Deny Policies (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' x-contentType: application/json x-accepts: application/json - /throttling/policies/advanced/{policyId}: + /throttling/deny-policy/{conditionId}: delete: description: | - Deletes an advanced throttling policy. + Deletes an existing deny policy parameters: - description: | - Thorttle policy UUID + Blocking condition identifier explode: false in: path - name: policyId + name: conditionId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple responses: "200": content: {} @@ -2670,104 +2128,41 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:tier_manage - summary: Delete an Advanced Throttling Policy + - apim:bl_manage + summary: Delete a Deny Policy tags: - - Advanced Policy (Individual) + - Deny Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' x-accepts: application/json get: description: | - Retrieves an advanced throttling policy. + Retrieves a Deny policy providing the condition Id parameters: - description: | - Thorttle policy UUID + Blocking condition identifier explode: false in: path - name: policyId + name: conditionId required: true schema: type: string style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple responses: "200": content: application/json: - example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + $ref: '#/components/schemas/BlockingCondition' description: | OK. - Policy returned + Condition returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple Content-Type: description: | The content type of the body. @@ -2775,11 +2170,6 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "404": content: application/json: @@ -2807,24 +2197,24 @@ paths: security: - OAuth2Security: - apim:admin - - apim:tier_view - summary: Get an Advanced Throttling Policy + - apim:bl_view + summary: Get a Deny Policy tags: - - Advanced Policy (Individual) + - Deny Policy (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' x-accepts: application/json - put: + patch: description: | - Updates an existing Advanced throttling policy. + Update a deny policy by Id parameters: - description: | - Thorttle policy UUID + Blocking condition identifier explode: false in: path - name: policyId + name: conditionId required: true schema: type: string @@ -2839,85 +2229,23 @@ paths: default: application/json type: string style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + $ref: '#/components/schemas/BlockingConditionStatus' description: | - Policy object that needs to be modified + Blocking condition with updated status required: true responses: "200": content: application/json: - example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + $ref: '#/components/schemas/BlockingCondition' description: | OK. - Policy updated. - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Location: - description: | - The URL of the newly created resource. - explode: false - schema: - type: string - style: simple - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Resource successfully updated. "400": content: application/json: @@ -2942,49 +2270,66 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": - content: - application/json: - example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:tier_manage - summary: Update an Advanced Throttling Policy + - apim:bl_manage + summary: Update a Deny Policy tags: - - Advanced Policy (Individual) + - Deny Policy (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' x-contentType: application/json x-accepts: application/json - /throttling/policies/export: + /applications: get: description: | - This operation can be used to export the details of a particular Throttling Policy. - operationId: exportThrottlingPolicy + This operation can be used to retrieve list of applications owned by the given user, If no user + is provided, the applications owned by the user associated with the provided access token will be returned. parameters: - - description: UUID of the ThrottlingPolicy + - description: | + username of the application creator explode: true in: query - name: policyId + name: user required: false schema: type: string style: form - description: | - Throttling Policy Name + Maximum size of resource array to return. + explode: true + in: query + name: limit + required: false + schema: + default: 25 + type: integer + style: form + - description: | + Starting point within the complete list of items qualified. + explode: true + in: query + name: offset + required: false + schema: + default: 0 + type: integer + style: form + - description: | + Media types acceptable for the response. Default is application/json. + explode: false + in: header + name: Accept + required: false + schema: + default: application/json + type: string + style: simple + - description: | + Application Name explode: true in: query name: name @@ -2993,54 +2338,48 @@ paths: type: string style: form - description: | - Type of the Throttling Policy + Tenant domain of the applications to get. This has to be specified only if it is required to get applications of + a tenant other than the requester's tenant. So, if not specified, the default will be set as the + requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin + users **only at a migration process**. explode: true in: query - name: type + name: tenantDomain + required: false + schema: + type: string + style: form + - explode: true + in: query + name: sortBy required: false schema: + default: name enum: - - sub - - app - - api - - global + - name + - owner + type: string + style: form + - explode: true + in: query + name: sortOrder + required: false + schema: + default: asc + enum: + - asc + - desc type: string style: form responses: "200": content: application/json: - example: - type: rate-limiting policy - subtype: application - version: v4.1.0 - data: - policyId: cd828243-a0db-430c-97e9-9e41fd865d48 - policyName: 50PerMin - displayName: 50PerMin - description: Allows 50 request per minute - isDeployed: true - type: ApplicationThrottlePolicy - defaultLimit: - type: BANDWIDTHLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 50 - bandwidth: - timeUnit: min - unitTime: 5 - dataAmount: 100 - dataUnit: MB - eventCount: - timeUnit: min - unitTime: 5 - eventCount: 16 schema: - $ref: '#/components/schemas/ExportThrottlePolicy' + $ref: '#/components/schemas/ApplicationList' description: | OK. - Export Successful. + Application list returned. headers: Content-Type: description: | @@ -3049,90 +2388,82 @@ paths: schema: type: string style: simple - "404": + "400": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "500": + description: Bad Request. Invalid request or validation error. + "406": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:tier_manage - - apim:policies_import_export - summary: Export a Throttling Policy + - apim:app_settings_change + - apim:app_owner_change + - apim:app_import_export + - apim:admin_application_view + summary: | + Retrieve/Search Applications tags: - - Import Export Throttling Policy + - Application (Collection) x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=subscription&format=YAML"' + "https://127.0.0.1:9443/api/am/admin/v4/applications"' x-accepts: application/json - /throttling/policies/import: - post: + /applications/{applicationId}: + delete: description: | - This operation can be used to import a Throttling Policy - operationId: importThrottlingPolicy + This operation can be used to delete an application by specifying its id. parameters: - description: | - Update an existing throttlingpolicy with the same name - explode: true - in: query - name: overwrite - required: false - schema: - type: boolean - style: form - requestBody: - content: - multipart/form-data: - schema: - properties: - file: - description: Json File - format: binary - type: string - required: - - file + Application UUID + explode: false + in: path + name: applicationId required: true + schema: + type: string + style: simple responses: "200": + content: {} description: | - Created. - Throttling Policy Imported Successfully. - "403": + OK. + Resource successfully deleted. + "202": content: application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. + $ref: '#/components/schemas/WorkflowResponse' + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + explode: false + schema: + type: string + style: simple "404": content: application/json: @@ -3145,133 +2476,65 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "409": - content: - application/json: - example: - code: 409 - message: Conflict - description: Specified resource already exists - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Conflict. Specified resource already exists. - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:tier_manage - - apim:policies_import_export - summary: Import a Throttling Policy + - apim:app_import_export + summary: | + Delete an Application tags: - - Import Export Throttling Policy + - Applications x-code-samples: - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/import?overwrite=True"' - x-contentType: multipart/form-data + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' x-accepts: application/json - /throttling/deny-policies: get: description: | - Retrieves all existing deny policies. + This operation can be used to get the details of an application by specifying its id. parameters: - description: | - Media types acceptable for the response. Default is application/json. - explode: false - in: header - name: Accept - required: false - schema: - default: application/json - type: string - style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). + Application UUID explode: false - in: header - name: If-Modified-Since - required: false + in: path + name: applicationId + required: true schema: type: string style: simple - - description: | - **Search condition**. - You can search in attributes by using **"conditionType:"** modifier and **"conditionValue:"** modifier. - Eg. - The entry "conditionType:API" will result in a match with blocking conditions only if the conditionType is "API". Similarly, "conditionValue:test/1.0.0" will result in a match with blocking conditions only if the conditionValue is "test/1.0.0". - When you use "conditionType:API & conditionValue:test/1.0.0" as a combination, it will result in a match with blocking conditions only if both the conditionType is "API" and the conditionValue is "test/1.0.0". - If query attribute is provided, this returns the blocking conditions that match the specified attributes. - Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) - explode: true - in: query - name: query - required: false - schema: - type: string - style: form responses: "200": content: application/json: schema: - $ref: '#/components/schemas/BlockingConditionList' + $ref: '#/components/schemas/Application' description: | OK. - Deny Policies returned - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false + Application details returned. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] schema: - type: string - style: simple - Content-Type: - description: | - The content type of the body. - explode: false + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] schema: - type: string - style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. "406": content: application/json: @@ -3287,70 +2550,45 @@ paths: security: - OAuth2Security: - apim:admin - - apim:bl_view - summary: Get all Deny Policies + - apim:app_import_export + - apim:admin_application_view + summary: | + Get the details of an Application tags: - - Deny Policies (Collection) + - Applications x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policies"' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' x-accepts: application/json + /applications/{applicationId}/change-settings: post: description: | - Adds a new deny policy + This operation allows updating one or more settings of an application. + operationId: updateApplicationSettings parameters: - description: | - Media type of the entity in the body. Default is application/json. + Application UUID explode: false - in: header - name: Content-Type + in: path + name: applicationId required: true schema: - default: application/json type: string style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' - description: | - Blocking condition object that should to be added + $ref: '#/components/schemas/ApplicationUpdateRequest' required: true responses: - "201": + "200": content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' - description: | - Created. - Successful response with the newly created object as entity in the body. - Location header contains URL of newly created entity. - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Location: - description: | - Location of the newly created resource. - explode: false - schema: - type: string - style: simple - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + $ref: '#/components/schemas/Application' + description: Application updated successfully "400": content: application/json: @@ -3363,61 +2601,62 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "415": + "404": content: application/json: example: - code: 415 - message: Unsupported media type - description: The entity of the request was not in a supported format + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Unsupported Media Type. The entity of the request was not in - a supported format. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:bl_manage - summary: Add a deny policy + - apim:app_settings_change + summary: Update Application Settings tags: - - Deny Policies (Collection) + - Application x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policies"' + - lang: Curl + source: | + curl -k -X POST \ + -H "Authorization: Bearer " \ + -H "Content-Type: application/json" \ + -d '{ + "owner": "newOwner", + "tokenType": "JWT" + }' \ + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b" x-contentType: application/json x-accepts: application/json - /throttling/deny-policy/{conditionId}: - delete: + /applications/{applicationId}/change-owner: + post: + deprecated: true description: | - Deletes an existing deny policy + **Deprecated.** + This API will be removed in a future release. + Use `/applications/{applicationId}/change-settings` instead. + + This operation is used to change the owner of an Application. + In order to change the owner of an application, we need to pass the new application owner as a query parameter parameters: - - description: | - Blocking condition identifier - explode: false - in: path - name: conditionId + - explode: true + in: query + name: owner required: true schema: type: string - style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple + style: form - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). + Application UUID explode: false - in: header - name: If-Unmodified-Since - required: false + in: path + name: applicationId + required: true schema: type: string style: simple @@ -3426,210 +2665,89 @@ paths: content: {} description: | OK. - Resource successfully deleted. - "404": + Application owner changed successfully. + "400": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "412": + description: Bad Request. Invalid request or validation error. + "404": content: application/json: example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:bl_manage - summary: Delete a Deny Policy + - apim:app_owner_change + summary: Change Application Owner tags: - - Deny Policy (Individual) + - Application x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' x-accepts: application/json + /ai-service-providers: get: description: | - Retrieves a Deny policy providing the condition Id - parameters: - - description: | - Blocking condition identifier - explode: false - in: path - name: conditionId - required: true - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple + Get all AI Service providers + operationId: getAIServiceProviders responses: "200": content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' + $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' description: | OK. - Condition returned - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - explode: false - schema: - type: string - style: simple - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - "404": - content: - application/json: - example: - code: 404 - message: Not Found - description: The specified resource does not exist - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "406": - content: - application/json: - example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + AI Service providers returned security: - OAuth2Security: - apim:admin - - apim:bl_view - summary: Get a Deny Policy + summary: Get all AI Service providers tags: - - Deny Policy (Individual) + - AIServiceProviders x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' x-accepts: application/json - patch: + post: description: | - Update a deny policy by Id - parameters: - - description: | - Blocking condition identifier - explode: false - in: path - name: conditionId - required: true - schema: - type: string - style: simple - - description: | - Media type of the entity in the body. Default is application/json. - explode: false - in: header - name: Content-Type - required: true - schema: - default: application/json - type: string - style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple + Add a new AI Service provider + operationId: addAIServiceProvider requestBody: content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/BlockingConditionStatus' + $ref: '#/components/schemas/AIServiceProviderRequest' description: | - Blocking condition with updated status + AI Service provider object that should to be added required: true responses: - "200": + "201": content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' + $ref: '#/components/schemas/AIServiceProviderResponse' description: | - OK. - Resource successfully updated. + Created. + Successful response with the newly created AI Service provider as entity in the body. "400": content: application/json: @@ -3642,6 +2760,42 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + summary: Add a AI Service provider + tags: + - AIServiceProviders + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer " -H "Content-Type: + multipart/form-data" -F "name=AIServiceProviderName" -F "apiVersion=v1" + -F "configurations={\"key\":\"value\"}" -F "apiDefinition=@api_definition_file.json" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' + x-contentType: multipart/form-data + x-accepts: application/json + /ai-service-providers/{aiServiceProviderId}: + delete: + description: | + Delete a AI Service Provider by aiServiceProviderId + operationId: deleteAIServiceProvider + parameters: + - description: | + AI Service Provider UUID + explode: false + in: path + name: aiServiceProviderId + required: true + schema: + type: string + style: simple + responses: + "200": + content: {} + description: | + OK. + AI Service provider successfully deleted. "404": content: application/json: @@ -3657,101 +2811,614 @@ paths: security: - OAuth2Security: - apim:admin - - apim:bl_manage - summary: Update a Deny Policy + - apim:llm_provider_manage + summary: Delete a AI Service Provider tags: - - Deny Policy (Individual) + - AIServiceProvider x-code-samples: - - lang: Shell - source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' - x-contentType: application/json + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' x-accepts: application/json - /applications: get: description: | - This operation can be used to retrieve list of applications owned by the given user, If no user - is provided, the applications owned by the user associated with the provided access token will be returned. + Get a AI Service Provider + operationId: getAIServiceProvider parameters: - description: | - username of the application creator - explode: true - in: query - name: user - required: false + AI Service Provider UUID + explode: false + in: path + name: aiServiceProviderId + required: true schema: type: string - style: form + style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/AIServiceProviderResponse' + description: | + OK. + OpenAPI specification + security: + - OAuth2Security: + - apim:admin + summary: Get AI Service Provider + tags: + - AIServiceProvider + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + x-accepts: application/json + put: + description: | + Update a AI Service provider by AIServiceProviderId + operationId: updateAIServiceProvider + parameters: - description: | - Maximum size of resource array to return. - explode: true - in: query - name: limit - required: false + AI Service Provider UUID + explode: false + in: path + name: aiServiceProviderId + required: true schema: - default: 25 - type: integer - style: form + type: string + style: simple + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/AIServiceProviderRequest' + description: | + AI Service Provider object with updated information + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/AIServiceProviderResponse' + description: | + OK. + AI Service Provider updated. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + summary: Update an AI Service provider + tags: + - AIServiceProvider + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + \ -F "name=UpdatedProviderName" \ -F "apiVersion=v2" \ -F "configurations={\"key\":\"value\"}" + \ -F "apiDefinition=@api_definition.json" \ "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/{aiServiceProviderId}"' + x-contentType: multipart/form-data + x-accepts: application/json + /llm-providers: + get: + deprecated: true + description: | + Get all LLM providers + operationId: getLLMProviders + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/LLMProviderSummaryResponseList' + description: | + OK. + LLM providers returned + security: + - OAuth2Security: + - apim:admin + summary: Get all LLM providers + tags: + - LLMProviders + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + x-accepts: application/json + post: + deprecated: true + description: | + Add a new LLM provider + operationId: addLLMProvider + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/LLMProviderRequest' + description: | + LLM provider object that should to be added + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/LLMProviderResponse' + description: | + Created. + Successful response with the newly created LLM provider as entity in the body. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + summary: Add a LLM provider + tags: + - LLMProviders + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + x-contentType: multipart/form-data + x-accepts: application/json + /llm-providers/{llmProviderId}: + delete: + deprecated: true + description: | + Delete a LLM Provider by llmProviderId + operationId: deleteLLMProvider + parameters: - description: | - Starting point within the complete list of items qualified. - explode: true - in: query - name: offset - required: false + LLM Provider UUID + explode: false + in: path + name: llmProviderId + required: true schema: - default: 0 - type: integer - style: form + type: string + style: simple + responses: + "200": + content: {} + description: | + OK. + LLM provider successfully deleted. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + summary: Delete a LLM Provider + tags: + - LLMProvider + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + x-accepts: application/json + get: + description: | + Get a LLM Provider + operationId: getLLMProvider + parameters: + - description: | + LLM Provider UUID + explode: false + in: path + name: llmProviderId + required: true + schema: + type: string + style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/LLMProviderResponse' + description: | + OK. + OpenAPI specification + security: + - OAuth2Security: + - apim:admin + summary: Get LLM Provider + tags: + - LLMProvider + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + x-accepts: application/json + put: + deprecated: true + description: | + Update a LLM provider by LLMProviderId + operationId: updateLLMProvider + parameters: + - description: | + LLM Provider UUID + explode: false + in: path + name: llmProviderId + required: true + schema: + type: string + style: simple + requestBody: + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/LLMProviderRequest' + description: | + LLM Provider object with updated information + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/LLMProviderResponse' + description: | + OK. + LLM Provider updated. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + summary: Update an LLM provider + tags: + - LLMProvider + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + x-contentType: multipart/form-data + x-accepts: application/json + /environments: + get: + description: | + Get all Registered Environments + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/EnvironmentList' + description: | + OK. + Environments returned + security: + - OAuth2Security: + - apim:admin + - apim:environment_read + summary: Get all registered Environments + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments"' + x-accepts: application/json + post: + description: | + Add a new gateway environment + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + description: | + Environment object that should to be added + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + description: | + Created. + Successful response with the newly created environment as entity in the body. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + summary: Add an Environment + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments"' + x-contentType: application/json + x-accepts: application/json + /environments/{environmentId}: + delete: + description: | + Delete a Environment by Environment Id + parameters: - description: | - Media types acceptable for the response. Default is application/json. + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded explode: false - in: header - name: Accept - required: false + in: path + name: environmentId + required: true schema: - default: application/json type: string style: simple + responses: + "200": + content: {} + description: | + OK. + Environment successfully deleted. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + summary: Delete an Environment + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + x-accepts: application/json + get: + description: | + Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. + parameters: - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded explode: false - in: header - name: If-None-Match - required: false + in: path + name: environmentId + required: true schema: type: string style: simple + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + description: | + OK. + Gateway Environment Configuration returned + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + summary: Get a Gateway Environment Configuration + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450"' + x-accepts: application/json + put: + description: | + Update a gateway Environment by environment Id + parameters: - description: | - Application Name - explode: true - in: query - name: name - required: false + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded + explode: false + in: path + name: environmentId + required: true schema: type: string - style: form + style: simple + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + description: | + Environment object with updated information + required: true + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + description: | + OK. + Environment updated. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + - apim:environment_manage + summary: Update an Environment + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + x-contentType: application/json + x-accepts: application/json + /environments/{environmentId}/gateways: + get: + description: | + Retrieve list of gateway Instances in the gateway environment. + parameters: - description: | - Tenant domain of the applications to get. This has to be specified only if it is required to get applications of - a tenant other than the requester's tenant. So, if not specified, the default will be set as the - requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin - users **only at a migration process**. - explode: true - in: query - name: tenantDomain - required: false + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded + explode: false + in: path + name: environmentId + required: true schema: type: string - style: form + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/ApplicationList' + $ref: '#/components/schemas/GatewayInstanceList' description: | OK. - Application list returned. + List of gateway Instances in the gateway environment returned headers: Content-Type: description: | @@ -3760,94 +3427,124 @@ paths: schema: type: string style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). "400": content: application/json: - example: - code: 400 - message: Bad Request - description: Invalid request or validation error - moreInfo: "" - error: [] + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. + security: + - OAuth2Security: + - apim:admin + - apim:environment_read + summary: Get Gateway Instances in a Gateway Environment + tags: + - Environments + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450/gateways"' + x-accepts: application/json + /gateways: + get: + description: | + Get all registered platform gateways for the organization. + operationId: getPlatformGateways + responses: + "200": + content: + application/json: schema: - $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "406": + $ref: '#/components/schemas/GatewayList' + description: | + OK. + List of platform gateways returned (without registration tokens). + "404": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:app_owner_change - - apim:app_import_export - summary: | - Retrieve/Search Applications + summary: Get all platform gateways tags: - - Application (Collection) + - Platform Gateways x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications"' + "https://127.0.0.1:9443/api/am/admin/v4/gateways"' x-accepts: application/json - /applications/{applicationId}: - delete: + post: description: | - This operation can be used to delete an application by specifying its id. - parameters: - - description: | - Application UUID - explode: false - in: path - name: applicationId + Register a new platform gateway. A registration token is generated and returned + once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the + gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. + operationId: createPlatformGateway + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/CreatePlatformGatewayRequest' required: true - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple responses: - "200": - content: {} - description: | - OK. - Resource successfully deleted. - "202": + "201": content: application/json: schema: - $ref: '#/components/schemas/WorkflowResponse' + $ref: '#/components/schemas/GatewayResponseWithToken' description: | - Accepted. - The request has been accepted. - headers: - Location: - description: | - Location of the existing Application. - explode: false + Created. + Gateway and registration token (returned once) in the response body. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] schema: - type: string - style: simple + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. "404": content: application/json: @@ -3860,61 +3557,55 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": + "409": content: application/json: example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met + code: 409 + message: Conflict + description: Specified resource already exists moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. + description: Conflict. Specified resource already exists. security: - OAuth2Security: - apim:admin - - apim:app_import_export - summary: | - Delete an Application + summary: Register a platform gateway tags: - - Applications + - Platform Gateways x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/gateways"' + x-contentType: application/json x-accepts: application/json - /applications/{applicationId}/change-owner: + /gateways/{gatewayId}/regenerate-token: post: description: | - This operation is used to change the owner of an Application. - In order to change the owner of an application, we need to pass the new application owner as a query parameter + Regenerate the registration token for an existing platform gateway. The old token is revoked + and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) + for the gateway to reconnect to the control plane WebSocket. The token is returned only once. + operationId: regeneratePlatformGatewayToken parameters: - - explode: true - in: query - name: owner - required: true - schema: - type: string - style: form - - description: | - Application UUID + - description: Gateway UUID explode: false in: path - name: applicationId + name: gatewayId required: true schema: type: string style: simple responses: "200": - content: {} + content: + application/json: + schema: + $ref: '#/components/schemas/GatewayResponseWithToken' description: | OK. - Application owner changed successfully. + Gateway and new registration token (returned once) in the response body. "400": content: application/json: @@ -3939,86 +3630,90 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "412": + security: + - OAuth2Security: + - apim:admin + summary: Regenerate registration token for a platform gateway + tags: + - Platform Gateways + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/gateways/{gatewayId}/regenerate-token"' + x-accepts: application/json + /gateways/{gatewayId}: + delete: + description: | + Delete a platform gateway and all its references (tokens, instance mappings, revision deployment + records, gateway environment, permissions). Fails with 409 if any API revisions are currently + deployed to this gateway; undeploy all APIs from the gateway first. + operationId: deletePlatformGateway + parameters: + - description: Gateway UUID + explode: false + in: path + name: gatewayId + required: true + schema: + type: string + style: simple + responses: + "200": + description: OK. Gateway and all references removed. + "404": content: application/json: example: - code: 412 - message: Precondition Failed - description: The request has not been performed because one of the - preconditions is not met + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Precondition Failed. The request has not been performed because - one of the preconditions is not met. + description: Not Found. The specified resource does not exist. + "409": + content: + application/json: + schema: + $ref: '#/components/schemas/Error' + description: Conflict. Cannot delete gateway while API revisions are deployed + to it. security: - OAuth2Security: - apim:admin - - apim:app_owner_change - summary: Change Application Owner + summary: Delete a platform gateway tags: - - Application - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' + - Platform Gateways x-accepts: application/json - /export/applications: - get: + put: description: | - This operation can be used to export the details of a particular application as a zip file. + Update platform gateway metadata. Request body must include all updatable fields (displayName, + description, properties, permissions). Name and vhost cannot be changed. UI should send + the full resource representation to align with PUT semantics. + operationId: updatePlatformGateway parameters: - - description: | - Application Name - explode: true - in: query - name: appName + - description: Gateway UUID + explode: false + in: path + name: gatewayId required: true schema: type: string - style: form - - description: | - Owner of the Application - explode: true - in: query - name: appOwner + style: simple + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/UpdatePlatformGatewayRequest' required: true - schema: - type: string - style: form - - description: | - Export application keys - explode: true - in: query - name: withKeys - required: false - schema: - type: boolean - style: form responses: "200": content: application/json: schema: - format: binary - type: string - application/zip: - schema: - format: binary - type: string - description: | - OK. - Export Successful. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + $ref: '#/components/schemas/PlatformGatewayResponse' + description: OK. Updated platform gateway in the response body. "400": content: application/json: @@ -4041,104 +3736,106 @@ paths: moreInfo: "" error: [] schema: - $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "406": + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + security: + - OAuth2Security: + - apim:admin + summary: Update a platform gateway + tags: + - Platform Gateways + x-contentType: application/json + x-accepts: application/json + /organizations: + get: + description: | + Get all Registered Organizations + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/OrganizationList' + description: | + OK. + Organizations returned + security: + - OAuth2Security: + - apim:admin + - apim:organization_read + summary: Get all registered Organizations + tags: + - Organizations + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/organizations"' + x-accepts: application/json + post: + description: | + Add a new organization + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + description: | + Organization object that should to be added + required: true + responses: + "201": + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + description: | + Created. + Successful response with the newly created organization as entity in the body. + "400": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Bad Request. Invalid request or validation error. security: - OAuth2Security: - apim:admin - - apim:app_import_export - summary: Export an Application + - apim:organization_manage + summary: Add an Organizations tags: - - Application (Individual) + - Organizations x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/applications?appName=sampleApp&appOwner=admin&withKeys=true" - > exported-application.zip' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations"' + x-contentType: application/json x-accepts: application/json - /export/api: - get: + /organizations/{organizationId}: + delete: description: | - This operation can be used to export the details of a particular API as a zip file. + Delete an organization by organization Id parameters: - description: | - API Name - explode: true - in: query - name: name - required: true - schema: - type: string - style: form - - description: | - Version of the API - explode: true - in: query - name: version + Organization UUID + explode: false + in: path + name: organizationId required: true schema: type: string - style: form - - description: | - Provider name of the API - explode: true - in: query - name: providerName - required: false - schema: - type: string - style: form - - description: | - Format of output documents. Can be YAML or JSON. - explode: true - in: query - name: format - required: false - schema: - enum: - - JSON - - YAML - type: string - style: form - - description: | - Preserve API Status on export - explode: true - in: query - name: preserveStatus - required: false - schema: - type: boolean - style: form + style: simple responses: "200": - content: - application/zip: - schema: - format: binary - type: string + content: {} description: | OK. - Export Successful. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Organization successfully deleted. "404": content: application/json: @@ -4151,229 +3848,106 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:api_import_export - summary: Export an API + - apim:organization_manage + summary: Delete an Organization tags: - - API (Individual) + - Organizations x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/api?name=PizzaShackAPI&version=1.0.0&providerName=admin&format=YAML&preserveStatus=true" - > exportAPI.zip' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' x-accepts: application/json - /export/api-product: get: description: | - This operation can be used to export the details of a particular API Product as a zip file. + Get an organization by organization Id parameters: - description: | - API Product Name - explode: true - in: query - name: name - required: true - schema: - type: string - style: form - - description: | - Version of the API Product - explode: true - in: query - name: version + Organization UUID + explode: false + in: path + name: organizationId required: true schema: type: string - style: form - - description: | - Provider name of the API Product - explode: true - in: query - name: providerName - required: false - schema: - type: string - style: form - - description: | - Format of output documents. Can be YAML or JSON. - explode: true - in: query - name: format - required: false - schema: - enum: - - JSON - - YAML - type: string - style: form - - description: | - Preserve API Product Status on export - explode: true - in: query - name: preserveStatus - required: false - schema: - type: boolean - style: form + style: simple responses: "200": content: - application/zip: + application/json: schema: - format: binary - type: string + $ref: '#/components/schemas/Organization' description: | OK. - Export Successful. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "404": + Organization. + "400": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "500": + description: Bad Request. Invalid request or validation error. + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:api_product_import_export - summary: Export an API Product + - apim:organization_read + summary: Get an Organization tags: - - API Product (Individual) + - Organizations x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/api-product?name=PizzaShackAPIProduct&version=1.0.0&providerName=admin&format=YAML&preserveStatus=true" - > exportAPIProduct.zip' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' x-accepts: application/json - /import/applications: - post: + put: description: | - This operation can be used to import an application. + Update an organization by organization Id parameters: - description: | - Preserve Original Creator of the Application - explode: true - in: query - name: preserveOwner - required: false - schema: - type: boolean - style: form - - description: | - Skip importing Subscriptions of the Application - explode: true - in: query - name: skipSubscriptions - required: false - schema: - type: boolean - style: form - - description: | - Expected Owner of the Application in the Import Environment - explode: true - in: query - name: appOwner - required: false + Organization UUID + explode: false + in: path + name: organizationId + required: true schema: type: string - style: form - - description: | - Skip importing Keys of the Application - explode: true - in: query - name: skipApplicationKeys - required: false - schema: - type: boolean - style: form - - description: | - Update if application exists - explode: true - in: query - name: update - required: false - schema: - type: boolean - style: form + style: simple requestBody: content: - multipart/form-data: + application/json: schema: - properties: - file: - description: | - Zip archive consisting of exported Application Configuration. - format: binary - type: string - required: - - file + $ref: '#/components/schemas/Organization' + description: | + Organization object with updated information required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/ApplicationInfo' - description: | - OK. - Successful response with the updated object information as entity in the body. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "207": - content: - application/json: - schema: - $ref: '#/components/schemas/APIInfoList' + $ref: '#/components/schemas/Organization' description: | - Multi Status. - Partially successful response with skipped APIs information object as entity in the body. + OK. + Organization updated. "400": content: application/json: @@ -4386,87 +3960,91 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "406": + "404": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:app_import_export - summary: Import an Application + - apim:organization_manage + summary: Update an Organization tags: - - Application (Individual) + - Organizations x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@exported-application.zip "https://127.0.0.1:9443/api/am/admin/v4/import/applications?preserveOwner=true&skipSubscriptions=false&appOwner=admin&skipApplicationKeys=false&update=true"' - x-contentType: multipart/form-data + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + x-contentType: application/json x-accepts: application/json - /import/api: - post: + /me/organization-information: + get: description: | - This operation can be used to import an API. - parameters: - - description: | - Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. - explode: true - in: query - name: preserveProvider - required: false - schema: - type: boolean - style: form - - description: | - Whether to update the API or not. This is used when updating already existing APIs. - explode: true - in: query - name: overwrite - required: false - schema: - type: boolean - style: form - requestBody: - content: - multipart/form-data: - schema: - properties: - file: - description: | - Zip archive consisting on exported api configuration - format: binary - type: string - required: - - file - required: true + Using this operation, logged-in user can get their organization information. + operationId: organizationInformation responses: "200": - content: {} + content: + application/json: + schema: + $ref: '#/components/schemas/OrganizationInfo' description: | - Created. - API Imported Successfully. - "403": + OK. + Key Manager list returned + "400": content: application/json: example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. + description: Bad Request. Invalid request or validation error. + security: + - OAuth2Security: + - apim:admin + - apim:admin_settings + summary: Get the Organization information of the user + tags: + - Users + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' + x-accepts: application/json + /bot-detection-data: + get: + description: | + Get all bot detected data + operationId: getBotDetectionData + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionDataList' + description: | + OK. + Bot detected data returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "404": content: application/json: @@ -4479,18 +4057,48 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "409": + security: + - OAuth2Security: + - apim:admin + - apim:bot_data + summary: | + Get all Bot Detected Data + tags: + - Bot Detection Data + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/bot-detection-data"' + x-accepts: application/json + /monetization/publish-usage: + post: + description: | + Publish usage records of monetized APIs + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + description: Usage records successfully published. + "202": + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + description: Request is sucessfully accepted for processing. + "404": content: application/json: example: - code: 409 - message: Conflict - description: Specified resource already exists + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Conflict. Specified resource already exists. + description: Not Found. The specified resource does not exist. "500": content: application/json: @@ -4507,90 +4115,125 @@ paths: security: - OAuth2Security: - apim:admin - - apim:api_import_export - summary: Import an API + - apim:monetization_usage_publish + summary: Publish Usage Records tags: - - API (Individual) + - Monetization (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@admin-PizzaShackAPI-1.0.0.zip "https://127.0.0.1:9443/api/am/admin/v4/import/api?preserveProvider=false&overwrite=false"' - x-contentType: multipart/form-data + "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage"' x-accepts: application/json - /import/api-product: - post: + /monetization/publish-usage/status: + get: description: | - This operation can be used to import an API Product. + Get the status of monetization usage publisher + responses: + "200": + content: + application/json: + schema: + $ref: '#/components/schemas/MonetizationUsagePublishInfo' + description: | + OK. + Status returned + security: + - OAuth2Security: + - apim:admin + - apim:monetization_usage_publish + summary: Get the Status of Monetization Usage Publisher + tags: + - Monetization (Collection) + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage/status"' + x-accepts: application/json + /workflows: + get: + description: | + This operation can be used to retrieve list of workflow pending processes. parameters: - description: | - Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. + Maximum size of resource array to return. explode: true in: query - name: preserveProvider + name: limit required: false schema: - type: boolean + default: 25 + type: integer style: form - description: | - Whether to import the dependent APIs or not. + Starting point within the complete list of items qualified. explode: true in: query - name: importAPIs + name: offset required: false schema: - type: boolean + default: 0 + type: integer style: form - description: | - Whether to update the API Product or not. This is used when updating already existing API Products. - explode: true - in: query - name: overwriteAPIProduct + Media types acceptable for the response. Default is application/json. + explode: false + in: header + name: Accept required: false schema: - type: boolean - style: form + default: application/json + type: string + style: simple - description: | - Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. + We need to show the values of each workflow process separately .for that we use workflow type. + Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. explode: true in: query - name: overwriteAPIs + name: workflowType required: false schema: - type: boolean + enum: + - AM_APPLICATION_CREATION + - AM_SUBSCRIPTION_CREATION + - AM_USER_SIGNUP + - AM_APPLICATION_REGISTRATION_PRODUCTION + - AM_APPLICATION_REGISTRATION_SANDBOX + - AM_SUBSCRIPTION_DELETION + - AM_APPLICATION_DELETION + - AM_API_STATE + - AM_API_PRODUCT_STATE + - AM_REVISION_DEPLOYMENT + type: string style: form - requestBody: - content: - multipart/form-data: - schema: - properties: - file: - description: | - Zip archive consisting on exported API Product configuration - format: binary - type: string - required: - - file - required: true responses: "200": - content: {} + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowList' description: | - Created. - API Product Imported Successfully. - "403": + OK. + Workflow pendding process list returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "400": content: application/json: example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. + description: Bad Request. Invalid request or validation error. "404": content: application/json: @@ -4603,89 +4246,135 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "409": - content: - application/json: - example: - code: 409 - message: Conflict - description: Specified resource already exists - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Conflict. Specified resource already exists. - "500": + "406": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:api_product_import_export - summary: Import an API Product + - apim:api_workflow_view + summary: | + Retrieve All Pending Workflow Processes tags: - - API Product (Individual) + - Workflow (Collection) x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@exportAPIProduct.zip "https://127.0.0.1:9443/api/am/admin/v4/import/api-product?preserveProvider=false&overwriteAPIProduct=false&overwriteAPIs=false&importAPIs=false"' - x-contentType: multipart/form-data + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/workflows"' x-accepts: application/json - /labels: + /workflows/{externalWorkflowRef}: get: description: | - Get all Registered Labels + Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. + parameters: + - description: | + from the externel workflow reference we decide what is the the pending request that the are requesting. + explode: false + in: path + name: externalWorkflowRef + required: true + schema: + type: string + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/LabelList' + $ref: '#/components/schemas/WorkflowInfo' description: | OK. - Labels returned + Requested Workflow Pending is returned + "304": + content: {} + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:label_read - summary: Get all registered Labels + - apim:api_workflow_view + summary: | + Get Pending Workflow Details by External Workflow Reference tags: - - Label Collection + - Workflows (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/labels"' + "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' x-accepts: application/json + /workflows/update-workflow-status: post: description: | - Add a new gateway label + This operation can be used to approve or reject a workflow task. + parameters: + - description: | + Workflow reference id + explode: true + in: query + name: workflowReferenceId + required: true + schema: + type: string + style: form requestBody: content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/Workflow' description: | - Label object that should to be added + Workflow event that need to be updated required: true responses: - "201": + "200": content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/Workflow' description: | - Created. - Successful response with the newly created object as entity in the body. + OK. + Workflow request information is returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "400": content: application/json: @@ -4698,57 +4387,64 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:label_manage - summary: Add a Label + - apim:api_workflow_approve + summary: Update Workflow Status tags: - - Label + - Workflows (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' x-contentType: application/json x-accepts: application/json - /labels/{labelId}: - delete: + /tenant-info/{username}: + get: description: | - Delete a Label by label Id + This operation is to get tenant id of the provided user + operationId: getTenantInfoByUsername parameters: - description: | - Label UUID + The state represents the current state of the tenant. Supported states are [ active, inactive] explode: false in: path - name: labelId + name: username required: true schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: + default: john type: string style: simple responses: "200": - content: {} + content: + application/json: + schema: + $ref: '#/components/schemas/TenantInfo' description: | OK. - Label successfully deleted. + Tenant id of the user retrieved. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "404": content: application/json: @@ -4761,131 +4457,146 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:label_manage - summary: Delete a Label + - apim:tenantInfo + summary: | + Get Tenant Id of User tags: - - Label + - Tenants x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/tenant-info/john"' x-accepts: application/json - put: + /custom-urls/{tenantDomain}: + get: description: | - Update a Label by label Id + This operation is to get custom-url information of the provided tenant-domain + operationId: getCustomUrlInfoByTenantDomain parameters: - description: | - Label UUID + The tenant domain name. explode: false in: path - name: labelId + name: tenantDomain required: true schema: type: string style: simple - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Label' - description: | - Label object with updated information - required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/CustomUrlInfo' description: | OK. - Label updated. - "400": + Custom url info of the tenant is retrieved. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "404": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "404": + description: Not Found. The specified resource does not exist. + "406": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:label_manage - summary: Update a Label + - apim:tenantInfo + summary: | + Get Custom URL Info of a Tenant Domain tags: - - Label + - Tenants x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' - x-contentType: application/json + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/custom-urls/wso2.com"' x-accepts: application/json - /ai-service-providers: + /api-categories: get: description: | - Get all AI Service providers - operationId: getAIServiceProviders + Get all API categories responses: "200": content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' + $ref: '#/components/schemas/APICategoryList' description: | OK. - AI Service providers returned + Categories returned security: - OAuth2Security: - apim:admin - summary: Get all AI Service providers + - apim:admin_operations + - apim:api_category + summary: Get all API Categories tags: - - AIServiceProviders + - API Category (Collection) x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' + "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' x-accepts: application/json post: description: | - Add a new AI Service provider - operationId: addAIServiceProvider + Add a new API category requestBody: content: - multipart/form-data: + application/json: schema: - $ref: '#/components/schemas/AIServiceProviderRequest' + $ref: '#/components/schemas/APICategory' description: | - AI Service provider object that should to be added + API Category object that should to be added required: true responses: "201": content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderResponse' + $ref: '#/components/schemas/APICategory' description: | Created. - Successful response with the newly created AI Service provider as entity in the body. + Successful response with the newly created object as entity in the body. "400": content: application/json: @@ -4901,29 +4612,27 @@ paths: security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Add a AI Service provider + - apim:admin_operations + - apim:api_category + summary: Add API Category tags: - - AIServiceProviders + - API Category (Individual) x-code-samples: - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer " -H "Content-Type: - multipart/form-data" -F "name=AIServiceProviderName" -F "apiVersion=v1" - -F "configurations={\"key\":\"value\"}" -F "apiDefinition=@api_definition_file.json" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' - x-contentType: multipart/form-data + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' + x-contentType: application/json x-accepts: application/json - /ai-service-providers/{aiServiceProviderId}: + /api-categories/{apiCategoryId}: delete: description: | - Delete a AI Service Provider by aiServiceProviderId - operationId: deleteAIServiceProvider + Delete an API Category by API Category Id parameters: - description: | - AI Service Provider UUID + API Category UUID explode: false in: path - name: aiServiceProviderId + name: apiCategoryId required: true schema: type: string @@ -4933,7 +4642,7 @@ paths: content: {} description: | OK. - AI Service provider successfully deleted. + API Category successfully deleted. "404": content: application/json: @@ -4949,80 +4658,46 @@ paths: security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Delete a AI Service Provider + - apim:admin_operations + - apim:api_category + summary: Delete an API Category tags: - - AIServiceProvider + - API Category (Individual) x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' - x-accepts: application/json - get: - description: | - Get a AI Service Provider - operationId: getAIServiceProvider - parameters: - - description: | - AI Service Provider UUID - explode: false - in: path - name: aiServiceProviderId - required: true - schema: - type: string - style: simple - responses: - "200": - content: - application/json: - schema: - $ref: '#/components/schemas/AIServiceProviderResponse' - description: | - OK. - OpenAPI specification - security: - - OAuth2Security: - - apim:admin - summary: Get AI Service Provider - tags: - - AIServiceProvider - x-code-samples: - - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' x-accepts: application/json put: description: | - Update a AI Service provider by AIServiceProviderId - operationId: updateAIServiceProvider + Update an API Category by category Id parameters: - description: | - AI Service Provider UUID + API Category UUID explode: false in: path - name: aiServiceProviderId + name: apiCategoryId required: true schema: type: string style: simple requestBody: content: - multipart/form-data: + application/json: schema: - $ref: '#/components/schemas/AIServiceProviderRequest' + $ref: '#/components/schemas/APICategory' description: | - AI Service Provider object with updated information + API Category object with updated information required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderResponse' + $ref: '#/components/schemas/APICategory' description: | OK. - AI Service Provider updated. + Label updated. "400": content: application/json: @@ -5050,193 +4725,222 @@ paths: security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Update an AI Service provider + - apim:admin_operations + - apim:api_category + summary: Update an API Category tags: - - AIServiceProvider + - API Category (Individual) x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - \ -F "name=UpdatedProviderName" \ -F "apiVersion=v2" \ -F "configurations={\"key\":\"value\"}" - \ -F "apiDefinition=@api_definition.json" \ "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/{aiServiceProviderId}"' - x-contentType: multipart/form-data + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + x-contentType: application/json x-accepts: application/json - /llm-providers: + /settings: get: description: | - Get all LLM providers + Retreive admin settings responses: "200": content: application/json: schema: - $ref: '#/components/schemas/LLMProviderSummaryResponseList' + $ref: '#/components/schemas/Settings' description: | OK. - LLM providers returned + Settings returned + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - summary: Get all LLM providers + - apim:admin_settings + summary: Retreive Admin Settings tags: - - LLMProviders + - Settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + "https://127.0.0.1:9443/api/am/admin/v4/settings"' x-accepts: application/json - post: + /alert-types: + get: description: | - Add a new LLM provider - requestBody: - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/LLMProviderRequest' - description: | - LLM provider object that should to be added - required: true + This operation is used to get the list of supportd alert types for the apim admin dashboard + operationId: getAdminAlertTypes responses: - "201": + "200": content: application/json: schema: - $ref: '#/components/schemas/LLMProviderResponse' + $ref: '#/components/schemas/AlertTypesList' description: | - Created. - Successful response with the newly created LLM provider as entity in the body. - "400": + OK. + The list of admin alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "500": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Add a LLM provider + - apim:admin_alert_manage + summary: | + Get all Admin Alert Types tags: - - LLMProviders + - Alerts x-code-samples: - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' - x-contentType: multipart/form-data + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/alert-types"' x-accepts: application/json - /llm-providers/{llmProviderId}: + /alert-subscriptions: delete: description: | - Delete a LLM Provider by llmProviderId - parameters: - - description: | - LLM Provider UUID - explode: false - in: path - name: llmProviderId - required: true - schema: - type: string - style: simple + This operation is used to unsubscribe the respective user from all the admin alert types. + operationId: unsubscribeAllAlerts responses: "200": content: {} description: | OK. - LLM provider successfully deleted. - "404": + The user is unsubscribed from the alerts successfully. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Delete a LLM Provider + - apim:admin_alert_manage + summary: | + Unsubscribe User from all Admin Alerts tags: - - LLMProvider + - Alert Subscriptions x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' x-accepts: application/json get: description: | - Get a LLM Provider - parameters: - - description: | - LLM Provider UUID - explode: false - in: path - name: llmProviderId - required: true - schema: - type: string - style: simple + This operation is used to get the list of subscribed alert types by the user. + operationId: getSubscribedAlertTypes responses: "200": content: application/json: schema: - $ref: '#/components/schemas/LLMProviderResponse' + $ref: '#/components/schemas/AlertsSubscription' description: | OK. - OpenAPI specification + The list of subscribed alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - summary: Get LLM Provider + - apim:admin_alert_manage + summary: | + Get Subscribed Alert Types tags: - - LLMProvider + - Alert Subscriptions x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' x-accepts: application/json put: description: | - Update a LLM provider by LLMProviderId - parameters: - - description: | - LLM Provider UUID - explode: false - in: path - name: llmProviderId - required: true - schema: - type: string - style: simple + This operation is used to subscribe to admin alerts + operationId: subscribeToAlerts requestBody: content: - multipart/form-data: + application/json: schema: - $ref: '#/components/schemas/LLMProviderRequest' - description: | - LLM Provider object with updated information + $ref: '#/components/schemas/AlertsSubscription' + description: The alerts list and the email list to subscribe. required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/LLMProviderResponse' + $ref: '#/components/schemas/AlertsSubscription' description: | OK. - LLM Provider updated. + Successful response with the newly subscribed alerts. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "400": content: application/json: @@ -5249,76 +4953,110 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "404": + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage - summary: Update an LLM provider + - apim:admin_alert_manage + summary: | + Subscribe to an Admin Alert tags: - - LLMProvider + - Alert Subscriptions x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' - x-contentType: multipart/form-data + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + x-contentType: application/json x-accepts: application/json - /environments: + /alert-subscriptions/bot-detection: get: description: | - Get all Registered Environments + Get the list of subscriptions which are subscribed to receive email alerts for bot detection + operationId: getBotDetectionAlertSubscriptions responses: "200": content: application/json: schema: - $ref: '#/components/schemas/EnvironmentList' + $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' description: | OK. - Environments returned + The list of bot detection alert subscriptions are returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:environment_read - summary: Get all registered Environments + - apim:admin_alert_manage + summary: | + Get Subscriptions for Bot Detection tags: - - Environment Collection + - Bot Detection Alert Subscriptions x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/environments"' + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' x-accepts: application/json post: description: | - Add a new geteway environment + Register a subscription for bot detection alerts + operationId: subscribeForBotDetectionAlerts requestBody: content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/BotDetectionAlertSubscription' description: | - Environment object that should to be added + The email to register to receive bot detection alerts required: true responses: - "201": + "200": content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/BotDetectionAlertSubscription' description: | - Created. - Successful response with the newly created object as entity in the body. + OK. + Bot detection alert subscription is registered successfully. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "400": content: application/json: @@ -5331,140 +5069,116 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - security: - - OAuth2Security: - - apim:admin - - apim:environment_manage - summary: Add an Environment - tags: - - Environment - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments"' - x-contentType: application/json - x-accepts: application/json - /environments/{environmentId}: - delete: - description: | - Delete a Environment by Environment Id - parameters: - - description: | - Environment UUID (or Environment name defined in config) - explode: false - in: path - name: environmentId - required: true - schema: - type: string - style: simple - responses: - "200": - content: {} - description: | - OK. - Environment successfully deleted. - "404": + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:environment_manage - summary: Delete an Environment + - apim:admin_alert_manage + summary: Subscribe for Bot Detection Alerts tags: - - Environment + - Bot Detection Alert Subscriptions x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + x-contentType: application/json x-accepts: application/json - put: + /alert-subscriptions/bot-detection/{uuid}: + delete: description: | - Update a gateway Environment by environment Id + Delete a Bot Detection Alert Subscription + operationId: unsubscribeFromBotDetectionAlerts parameters: - - description: | - Environment UUID (or Environment name defined in config) + - description: uuid of the subscription explode: false in: path - name: environmentId + name: uuid required: true schema: type: string style: simple - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/Environment' - description: | - Environment object with updated information - required: true responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/Environment' + content: {} description: | OK. - Environment updated. - "400": + Bot detection alert subscription is deleted successfully. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "404": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "404": + description: Not Found. The specified resource does not exist. + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:environment_manage - summary: Update an Environment + - apim:admin_alert_manage + summary: Unsubscribe from bot detection alerts. tags: - - Environment + - Bot Detection Alert Subscriptions x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' - x-contentType: application/json + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection/7c9ee02d-37f5-4694-b99c-6d5641b28645"' x-accepts: application/json - /environments/{environmentId}/gateways: + /system-scopes/{scopeName}: get: description: | - Retrieve list of gateway Instances in the gateway environment. + This operation will return the scope list of particular user + In order to get it, we need to pass the userId as a query parameter + operationId: systemScopesScopeNameGet parameters: + - explode: true + in: query + name: username + required: false + schema: + type: string + style: form - description: | - Environment UUID (or Environment name defined in config) + Base64 URL encoded value of the scope name to be validated explode: false in: path - name: environmentId + name: scopeName required: true schema: type: string @@ -5474,18 +5188,10 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/GatewayInstanceList' + $ref: '#/components/schemas/ScopeSettings' description: | OK. - List of gateway Instances in the gateway environment returned - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Particular scope exists for the given user. "400": content: application/json: @@ -5510,75 +5216,95 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "406": - content: - application/json: - example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:environment_read - summary: Get Gateway Instances in a Gateway Environment + - apim:scope_manage + summary: Retrieve Scopes for a Particular User tags: - - Environments + - System Scopes x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450/gateways"' + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' x-accepts: application/json - /organizations: + /system-scopes: get: description: | - Get all Registered Organizations + This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard + operationId: systemScopesGet responses: "200": content: application/json: schema: - $ref: '#/components/schemas/OrganizationList' + $ref: '#/components/schemas/ScopeList' description: | OK. - Organizations returned + The list of role scope mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: + - apim:scope_manage - apim:admin - - apim:organization_read - summary: Get all registered Organizations + summary: | + Get Role Scope Mappings tags: - - Organizations + - System Scopes x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/organizations"' + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' x-accepts: application/json - post: + put: description: | - Add a new organization + This operation is used to update the roles for all scopes + operationId: updateRolesForScope requestBody: content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/ScopeList' description: | - Organization object that should to be added + Scope list object with updated scope to role mappings required: true responses: - "201": + "200": content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/ScopeList' description: | - Created. - Successful response with the newly created organization as entity in the body. + OK. + Successful response with the newly added roles. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple "400": content: application/json: @@ -5591,97 +5317,54 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - security: - - OAuth2Security: - - apim:admin - - apim:organization_manage - summary: Add an Organizations - tags: - - Organizations - x-code-samples: - - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations"' - x-contentType: application/json - x-accepts: application/json - /organizations/{organizationId}: - delete: - description: | - Delete an organization by organization Id - parameters: - - description: | - Organization UUID - explode: false - in: path - name: organizationId - required: true - schema: - type: string - style: simple - responses: - "200": - content: {} - description: | - OK. - Organization successfully deleted. - "404": + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:organization_manage - summary: Delete an Organization + - apim:scope_manage + summary: | + Update Roles For Scope tags: - - Organizations + - System Scopes x-code-samples: - lang: Curl - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' + x-contentType: application/json x-accepts: application/json + /system-scopes/role-aliases: get: description: | - Get an organization by organization Id - parameters: - - description: | - Organization UUID - explode: false - in: path - name: organizationId - required: true - schema: - type: string - style: simple + This operation can be used to retreive role alias mapping responses: "200": content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/RoleAliasList' description: | OK. - Organization. - "400": - content: - application/json: - example: - code: 400 - message: Bad Request - description: Invalid request or validation error - moreInfo: "" - error: [] + The list of role mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false schema: - $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. + type: string + style: simple "404": content: application/json: @@ -5697,45 +5380,34 @@ paths: security: - OAuth2Security: - apim:admin - - apim:organization_read - summary: Get an Organization - tags: - - Organizations - x-code-samples: - - lang: Curl - source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' - x-accepts: application/json - put: - description: | - Update an organization by organization Id - parameters: - - description: | - Organization UUID - explode: false - in: path - name: organizationId - required: true - schema: - type: string - style: simple + - apim:scope_manage + summary: Retrieve Role Alias Mappings + tags: + - System Scopes + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' + x-accepts: application/json + put: + description: | + This operation can be used to add a new role alias mapping for system scope roles requestBody: content: application/json: schema: - $ref: '#/components/schemas/Organization' - description: | - Organization object with updated information + $ref: '#/components/schemas/RoleAliasList' + description: role-alias mapping required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/RoleAliasList' description: | OK. - Organization updated. + Role mapping alias returned "400": content: application/json: @@ -5748,83 +5420,105 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "404": + "500": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Internal Server Error. security: - OAuth2Security: + - apim:scope_manage - apim:admin - - apim:organization_manage - summary: Update an Organization + summary: Add a New Role Alias tags: - - Organizations + - System Scopes x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' x-contentType: application/json x-accepts: application/json - /me/organization-information: - get: + /roles/{roleId}: + head: description: | - Using this operation, logged-in user can get their organization information. - operationId: organizationInformation + Using this operation, user can check a given role name exists or not. + operationId: validateSystemRole + parameters: + - description: | + The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be + derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). + explode: false + in: path + name: roleId + required: true + schema: + type: string + style: simple responses: "200": + content: {} + description: OK. Requested role name exists. + "404": content: application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] schema: - $ref: '#/components/schemas/OrganizationInfo' - description: | - OK. - Key Manager list returned - "400": + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "500": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_settings - summary: Get the Organization information of the user + - apim:role_manage + summary: Check Whether Given Role Name already Exist tags: - - Users + - Roles x-code-samples: - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' x-accepts: application/json - /bot-detection-data: + /tenant-theme: get: description: | - Get all bot detected data - operationId: getBotDetectionData + This operation can be used to export a DevPortal tenant theme as a zip file. + operationId: exportTenantTheme responses: "200": content: - application/json: + application/zip: schema: - $ref: '#/components/schemas/BotDetectionDataList' + format: binary + type: string description: | OK. - Bot detected data returned. + Tenant Theme Exported Successfully. headers: Content-Type: description: | @@ -5833,48 +5527,20 @@ paths: schema: type: string style: simple - "404": + "403": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - security: - - OAuth2Security: - - apim:admin - - apim:bot_data - summary: | - Get all Bot Detected Data - tags: - - Bot Detection Data - x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/bot-detection-data"' - x-accepts: application/json - /monetization/publish-usage: - post: - description: | - Publish usage records of monetized APIs - responses: - "200": - content: - application/json: - schema: - $ref: '#/components/schemas/PublishStatus' - description: Usage records successfully published. - "202": - content: - application/json: - schema: - $ref: '#/components/schemas/PublishStatus' - description: Request is sucessfully accepted for processing. + description: Forbidden. The request must be conditional but no condition + has been specified. "404": content: application/json: @@ -5903,216 +5569,113 @@ paths: security: - OAuth2Security: - apim:admin - - apim:monetization_usage_publish - summary: Publish Usage Records - tags: - - Monetization (Collection) - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage"' - x-accepts: application/json - /monetization/publish-usage/status: - get: - description: | - Get the status of monetization usage publisher - responses: - "200": - content: - application/json: - schema: - $ref: '#/components/schemas/MonetizationUsagePublishInfo' - description: | - OK. - Status returned - security: - - OAuth2Security: - - apim:admin - - apim:monetization_usage_publish - summary: Get the Status of Monetization Usage Publisher + - apim:tenant_theme_manage + summary: Export a DevPortal Tenant Theme tags: - - Monetization (Collection) + - Tenant Theme x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage/status"' + "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme" > theme.zip' x-accepts: application/json - /workflows: - get: + put: description: | - This operation can be used to retrieve list of workflow pending processes. - parameters: - - description: | - Maximum size of resource array to return. - explode: true - in: query - name: limit - required: false - schema: - default: 25 - type: integer - style: form - - description: | - Starting point within the complete list of items qualified. - explode: true - in: query - name: offset - required: false - schema: - default: 0 - type: integer - style: form - - description: | - Media types acceptable for the response. Default is application/json. - explode: false - in: header - name: Accept - required: false - schema: - default: application/json - type: string - style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - - description: | - We need to show the values of each workflow process separately .for that we use workflow type. - Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. - explode: true - in: query - name: workflowType - required: false - schema: - enum: - - AM_APPLICATION_CREATION - - AM_SUBSCRIPTION_CREATION - - AM_APPLICATION_UPDATE - - AM_USER_SIGNUP - - AM_APPLICATION_REGISTRATION_PRODUCTION - - AM_APPLICATION_REGISTRATION_SANDBOX - - AM_SUBSCRIPTION_DELETION - - AM_APPLICATION_DELETION - - AM_API_STATE - - AM_API_PRODUCT_STATE - - AM_REVISION_DEPLOYMENT - type: string - style: form - responses: - "200": - content: - application/json: - schema: - $ref: '#/components/schemas/WorkflowList' - description: | - OK. - Workflow pendding process list returned. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "304": + This operation can be used to import a DevPortal tenant theme. + operationId: importTenantTheme + requestBody: + content: + multipart/form-data: + schema: + properties: + file: + description: | + Zip archive consisting of tenant theme configuration + format: binary + type: string + required: + - file + required: true + responses: + "200": content: {} description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - "400": + Ok. + Tenant Theme Imported Successfully. + "403": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "404": + description: Forbidden. The request must be conditional but no condition + has been specified. + "413": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 413 + message: Payload Too Large + description: Request entity is larger than limits defined by server moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "406": + description: Payload Too Large. Request entity is larger than limits defined + by server. + "500": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:api_workflow_view - summary: | - Retrieve All Pending Workflow Processes + - apim:tenant_theme_manage + summary: Import a DevPortal Tenant Theme tags: - - Workflow (Collection) + - Tenant Theme x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/workflows"' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme"' + x-contentType: multipart/form-data x-accepts: application/json - /workflows/{externalWorkflowRef}: + /org-themes: get: - description: | - Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. + description: Returns the UUIDs of org-theme contents and their publish status. + operationId: getOrgThemes parameters: - - description: | - from the externel workflow reference we decide what is the the pending request that the are requesting. - explode: false - in: path - name: externalWorkflowRef - required: true - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match + - description: Filter themes based on published status + explode: true + in: query + name: publish required: false schema: - type: string - style: simple + type: boolean + style: form responses: "200": content: application/json: schema: - $ref: '#/components/schemas/WorkflowInfo' - description: | - OK. - Requested Workflow Pending is returned - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource. + items: + $ref: '#/components/schemas/ContentPublishStatusResponse' + type: array + description: List of org themes "404": content: application/json: @@ -6125,70 +5688,74 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "406": + "400": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Bad Request. Invalid request or validation error. + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:api_workflow_view - summary: | - Get Pending Workflow Details by External Workflow Reference - tags: - - Workflows (Individual) + - apim:tenant_theme_manage + summary: Retrieve UUIDs of org-theme contents x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes?publish=true"' x-accepts: application/json - /workflows/update-workflow-status: post: - description: | - This operation can be used to approve or reject a workflow task. - parameters: - - description: | - Workflow reference id - explode: true - in: query - name: workflowReferenceId - required: true - schema: - type: string - style: form + description: Imports a drafted zip of an org theme to APIM. + operationId: importOrgTheme requestBody: content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/Workflow' - description: | - Workflow event that need to be updated + properties: + file: + description: | + The org-content.zip file + format: binary + type: string + required: + - file required: true responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/Workflow' - description: | - OK. - Workflow request information is returned. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + description: Successfully imported "400": content: application/json: @@ -6213,52 +5780,77 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "413": + content: + application/json: + example: + code: 413 + message: Payload Too Large + description: Request entity is larger than limits defined by server + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Payload Too Large. Request entity is larger than limits defined + by server. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:api_workflow_approve - summary: Update Workflow Status - tags: - - Workflows (Individual) + - apim:tenant_theme_manage + summary: Import org theme x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' - x-contentType: application/json + -F "file=@org-content.zip" "https://127.0.0.1:9443/api/am/admin/v4/org-themes"' + x-contentType: multipart/form-data x-accepts: application/json - /tenant-info/{username}: + /org-themes/{id}/content: get: - description: | - This operation is to get tenant id of the provided user - operationId: getTenantInfoByUsername + description: Returns the org theme as a zip file for the given ID. + operationId: getOrgThemeContent parameters: - - description: | - The state represents the current state of the tenant. Supported states are [ active, inactive] - explode: false + - explode: false in: path - name: username + name: id required: true schema: - default: john type: string style: simple responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/TenantInfo' - description: | - OK. - Tenant id of the user retrieved. - headers: - Content-Type: - description: | - The content type of the body. - explode: false + content: + application/zip: schema: + format: binary type: string - style: simple + description: Returns the org theme zip "404": content: application/json: @@ -6271,63 +5863,70 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "406": + "400": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Bad Request. Invalid request or validation error. + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:tenantInfo - summary: | - Get Tenant Id of User - tags: - - Tenants + - apim:tenant_theme_manage + summary: Retrieve org theme as zip x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-info/john"' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/content" -o org-content.zip' x-accepts: application/json - /custom-urls/{tenantDomain}: - get: - description: | - This operation is to get custom-url information of the provided tenant-domain - operationId: getCustomUrlInfoByTenantDomain + /org-themes/{id}: + delete: + description: Deletes the org theme for the given ID. + operationId: deleteOrgTheme parameters: - - description: | - The tenant domain name. - explode: false + - explode: false in: path - name: tenantDomain + name: id required: true schema: type: string style: simple responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/CustomUrlInfo' - description: | - OK. - Custom url info of the tenant is retrieved. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + description: Successfully deleted "404": content: application/json: @@ -6340,76 +5939,76 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "406": + "400": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. - security: - - OAuth2Security: - - apim:admin - - apim:tenantInfo - summary: | - Get Custom URL Info of a Tenant Domain - tags: - - Tenants - x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/custom-urls/wso2.com"' - x-accepts: application/json - /api-categories: - get: - description: | - Get all API categories - responses: - "200": + description: Bad Request. Invalid request or validation error. + "403": content: application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] schema: - $ref: '#/components/schemas/APICategoryList' - description: | - OK. - Categories returned + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Get all API Categories - tags: - - API Category (Collection) + - apim:tenant_theme_manage + summary: Delete an org theme x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}"' x-accepts: application/json + /org-themes/{id}/status: post: - description: | - Add a new API category + description: Publishes or unpublishes an org theme to the dev portal. + operationId: updateOrgThemeStatus + parameters: + - explode: false + in: path + name: id + required: true + schema: + type: string + style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/APICategory' - description: | - API Category object that should to be added + $ref: '#/components/schemas/ContentPublishStatus' required: true responses: - "201": - content: - application/json: - schema: - $ref: '#/components/schemas/APICategory' - description: | - Created. - Successful response with the newly created object as entity in the body. + "200": + description: Successfully updated status "400": content: application/json: @@ -6422,57 +6021,92 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Add API Category - tags: - - API Category (Individual) + - apim:tenant_theme_manage + summary: Update publish status of an org theme x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' + -H "Content-Type: application/json" -d ''{"ACTION": "PUBLISH"}'' "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/status"' x-contentType: application/json x-accepts: application/json - /api-categories/{apiCategoryId}: - delete: + /tenant-config: + get: description: | - Delete an API Category by API Category Id - parameters: - - description: | - API Category UUID - explode: false - in: path - name: apiCategoryId - required: true - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple + This operation can be used to export a tenant-config.json used in deployment. + operationId: exportTenantConfig responses: "200": - content: {} + content: + application/json: + schema: + type: string description: | OK. - API Category successfully deleted. + Tenant config Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. "404": content: application/json: @@ -6485,98 +6119,138 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Delete an API Category + summary: Export a tenant-Config. tags: - - API Category (Individual) + - Tenant Config x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config" > tenant-config.json' x-accepts: application/json put: description: | - Update an API Category by category Id - parameters: - - description: | - API Category UUID - explode: false - in: path - name: apiCategoryId - required: true - schema: - type: string - style: simple + This operation can be used to update tenant-config. + operationId: updateTenantConfig requestBody: content: application/json: schema: - $ref: '#/components/schemas/APICategory' - description: | - API Category object with updated information + type: string + description: tenant-config required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/APICategory' + type: object description: | OK. - Label updated. - "400": + Role mapping alias returned + "403": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "404": + description: Forbidden. The request must be conditional but no condition + has been specified. + "413": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 413 + message: Payload Too Large + description: Request entity is larger than limits defined by server moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Payload Too Large. Request entity is larger than limits defined + by server. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Update an API Category + summary: Update a tenant-config. tags: - - API Category (Individual) + - Tenant Config x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config"' x-contentType: application/json x-accepts: application/json - /settings: + /tenant-config-schema: get: description: | - Retreive admin settings + This operation can be used to export a tenant-config-schema.json used in deployment. + operationId: exportTenantConfigSchema responses: "200": content: application/json: schema: - $ref: '#/components/schemas/Settings' + type: string description: | OK. - Settings returned + Tenant config schema exported successfully. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. "404": content: application/json: @@ -6589,124 +6263,168 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. + "500": + content: + application/json: + example: + code: 500 + message: Internal Server Error + description: The server encountered an internal error. Please contact + administrator. + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Internal Server Error. security: - OAuth2Security: - apim:admin - - apim:admin_settings - summary: Retreive Admin Settings + summary: Export a tenant-Config-Schema. tags: - - Settings + - Tenant Config Schema x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/settings"' + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config-schema" > tenant-config-schema.json' x-accepts: application/json - /alert-types: + /key-managers: get: description: | - This operation is used to get the list of supportd alert types for the apim admin dashboard - operationId: getAdminAlertTypes + Get all Key managers responses: "200": content: application/json: schema: - $ref: '#/components/schemas/AlertTypesList' + $ref: '#/components/schemas/KeyManagerList' description: | OK. - The list of admin alert types are returned. - headers: - Content-Type: - description: | - The content type of the body. - explode: false + KeyManagers returned + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + - apim:keymanagers_manage + summary: Get all Key managers + tags: + - Key Manager (Collection) + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' + x-accepts: application/json + post: + description: | + Add a new API Key Manager + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + description: | + Key Manager object that should to be added + required: true + responses: + "201": + content: + application/json: schema: - type: string - style: simple - "500": + $ref: '#/components/schemas/KeyManager' + description: | + Created. + Successful response with the newly created object as entity in the body. + "400": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Bad Request. Invalid request or validation error. security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: | - Get all Admin Alert Types + - apim:admin_operations + - apim:keymanagers_manage + summary: Add a new API Key Manager tags: - - Alerts + - Key Manager (Collection) x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-types"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' + x-contentType: application/json x-accepts: application/json - /alert-subscriptions: + /key-managers/{keyManagerId}: delete: description: | - This operation is used to unsubscribe the respective user from all the admin alert types. - operationId: unsubscribeAllAlerts + Delete a Key Manager by keyManager id + parameters: + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple responses: "200": content: {} description: | OK. - The user is unsubscribed from the alerts successfully. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "500": + Key Manager successfully deleted. + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: | - Unsubscribe User from all Admin Alerts + - apim:admin_operations + summary: Delete a Key Manager tags: - - Alert Subscriptions + - Key Manager (Individual) x-code-samples: - lang: Shell source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-accepts: application/json get: description: | - This operation is used to get the list of subscribed alert types by the user. - operationId: getSubscribedAlertTypes + Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + parameters: + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' + $ref: '#/components/schemas/KeyManager' description: | OK. - The list of subscribed alert types are returned. + KeyManager Configuration returned headers: Content-Type: description: | @@ -6715,60 +6433,73 @@ paths: schema: type: string style: simple - "500": + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: | - Get Subscribed Alert Types + - apim:admin_operations + - apim:keymanagers_manage + summary: Get a Key Manager Configuration tags: - - Alert Subscriptions + - Key Manager (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-accepts: application/json put: description: | - This operation is used to subscribe to admin alerts - operationId: subscribeToAlerts + Update a Key Manager by keyManager id + parameters: + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' - description: The alerts list and the email list to subscribe. + $ref: '#/components/schemas/KeyManager' + description: | + Key Manager object with updated information required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' + $ref: '#/components/schemas/KeyManager' description: | OK. - Successful response with the newly subscribed alerts. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Label updated. "400": content: application/json: @@ -6781,110 +6512,78 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "500": + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: | - Subscribe to an Admin Alert + - apim:admin_operations + - apim:keymanagers_manage + summary: Update a Key Manager tags: - - Alert Subscriptions + - Key Manager (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-contentType: application/json x-accepts: application/json - /alert-subscriptions/bot-detection: + /global-key-managers: get: description: | - Get the list of subscriptions which are subscribed to receive email alerts for bot detection - operationId: getBotDetectionAlertSubscriptions + Get all Global Key managers responses: "200": content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' + $ref: '#/components/schemas/KeyManagerList' description: | OK. - The list of bot detection alert subscriptions are returned. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. + KeyManagers returned security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: | - Get Subscriptions for Bot Detection + - apim:admin_operations + - apim:keymanagers_manage + summary: Get all Global Key managers tags: - - Bot Detection Alert Subscriptions + - Global Key Manager (Collection) x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' x-accepts: application/json post: description: | - Register a subscription for bot detection alerts - operationId: subscribeForBotDetectionAlerts + Add a new Global Key Manager requestBody: content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscription' + $ref: '#/components/schemas/KeyManager' description: | - The email to register to receive bot detection alerts + Key Manager object that should to be added required: true responses: - "200": + "201": content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscription' + $ref: '#/components/schemas/KeyManager' description: | - OK. - Bot detection alert subscription is registered successfully. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Created. + Successful response with the newly created object as entity in the body. "400": content: application/json: @@ -6896,142 +6595,41 @@ paths: error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. - security: - - OAuth2Security: - - apim:admin - - apim:admin_alert_manage - summary: Subscribe for Bot Detection Alerts - tags: - - Bot Detection Alert Subscriptions - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' - x-contentType: application/json - x-accepts: application/json - /alert-subscriptions/bot-detection/{uuid}: - delete: - description: | - Delete a Bot Detection Alert Subscription - operationId: unsubscribeFromBotDetectionAlerts - parameters: - - description: uuid of the subscription - explode: false - in: path - name: uuid - required: true - schema: - type: string - style: simple - responses: - "200": - content: {} - description: | - OK. - Bot detection alert subscription is deleted successfully. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "404": - content: - application/json: - example: - code: 404 - message: Not Found - description: The specified resource does not exist - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Bad Request. Invalid request or validation error. security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage - summary: Unsubscribe from bot detection alerts. + - apim:admin_operations + - apim:keymanagers_manage + summary: Add a new Global Key Manager tags: - - Bot Detection Alert Subscriptions + - Global Key Manager (Collection) x-code-samples: - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' + x-contentType: application/json x-accepts: application/json - /system-scopes/{scopeName}: - get: + /global-key-managers/{keyManagerId}: + delete: description: | - This operation will return the scope list of particular user - In order to get it, we need to pass the userId as a query parameter - operationId: systemScopesScopeNameGet + Delete a Global Key Manager by keyManager id parameters: - - explode: true - in: query - name: username - required: false - schema: - type: string - style: form - description: | - scope name to be validated + Key Manager UUID explode: false in: path - name: scopeName + name: keyManagerId required: true schema: type: string style: simple responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeSettings' + content: {} description: | OK. - Particular scope exists for the given user. - "400": - content: - application/json: - example: - code: 400 - message: Bad Request - description: Invalid request or validation error - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. + Key Manager successfully deleted. "404": content: application/json: @@ -7047,29 +6645,38 @@ paths: security: - OAuth2Security: - apim:admin - - apim:scope_manage - summary: Retrieve Scopes for a Particular User + - apim:admin_operations + - apim:keymanagers_manage + summary: Delete a Global Key Manager tags: - - System Scopes + - Global Key Manager (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-accepts: application/json - /system-scopes: get: - description: | - This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard - operationId: systemScopesGet + description: "Retrieve a single Global Key Manager Configuration. We should\ + \ provide the Id of the KeyManager as a path \nparameter.\n" + parameters: + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/ScopeList' + $ref: '#/components/schemas/KeyManager' description: | OK. - The list of role scope mappings are returned. + KeyManager Configuration returned headers: Content-Type: description: | @@ -7078,61 +6685,73 @@ paths: schema: type: string style: simple - "500": + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. + "406": + content: + application/json: + example: + code: 406 + message: Not Acceptable + description: The requested media type is not supported + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - - apim:scope_manage - apim:admin - summary: | - Get Role Scope Mappings + - apim:admin_operations + - apim:keymanagers_manage + summary: Get a Global Key Manager Configuration tags: - - System Scopes + - Global Key Manager (Individual) x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-accepts: application/json put: description: | - This operation is used to update the roles for all scopes - operationId: updateRolesForScope + Update a Global Key Manager by keyManager id + parameters: + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple requestBody: content: application/json: schema: - $ref: '#/components/schemas/ScopeList' + $ref: '#/components/schemas/KeyManager' description: | - Scope list object with updated scope to role mappings + Key Manager object with updated information required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/ScopeList' + $ref: '#/components/schemas/KeyManager' description: | OK. - Successful response with the newly added roles. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Label updated. "400": content: application/json: @@ -7145,150 +6764,204 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "500": + "404": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:scope_manage - summary: | - Update Roles For Scope + - apim:admin_operations + - apim:keymanagers_manage + summary: Update a Global Key Manager tags: - - System Scopes + - Global Key Manager (Individual) x-code-samples: - lang: Shell source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' x-contentType: application/json x-accepts: application/json - /system-scopes/role-aliases: - get: + /key-managers/discover: + post: description: | - This operation can be used to retreive role alias mapping + Retrieve well-known information from key manager's well-known endpoint + requestBody: + content: + multipart/form-data: + schema: + properties: + url: + description: Well-Known Endpoint + type: string + type: + default: "false" + description: | + Key Manager Type + type: string responses: "200": content: application/json: schema: - $ref: '#/components/schemas/RoleAliasList' + $ref: '#/components/schemas/KeyManagerWellKnownResponse' description: | OK. - The list of role mappings are returned. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "404": - content: - application/json: - example: - code: 404 - message: Not Found - description: The specified resource does not exist - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + KeyManagers returned security: - OAuth2Security: - apim:admin - - apim:scope_manage - summary: Retrieve Role Alias Mappings + - apim:admin_operations + - apim:keymanagers_manage + summary: Retrieve Well-known information from Key Manager Well-known Endpoint tags: - - System Scopes + - Key Manager (Collection) x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' + x-contentType: multipart/form-data x-accepts: application/json - put: + /key-managers/{keyManagerId}/api-usages: + get: description: | - This operation can be used to add a new role alias mapping for system scope roles - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/RoleAliasList' - description: role-alias mapping + Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. + The Key Manager ID should be provided as a path parameter. + parameters: + - description: | + Starting point within the complete list of items qualified. + explode: true + in: query + name: offset + required: false + schema: + default: 0 + type: integer + style: form + - description: | + Maximum size of resource array to return. + explode: true + in: query + name: limit + required: false + schema: + default: 25 + type: integer + style: form + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId required: true + schema: + type: string + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/RoleAliasList' + $ref: '#/components/schemas/KeyManagerAPIUsages' description: | OK. - Role mapping alias returned - "400": + KeyManager API usages returned. + headers: + Content-Type: + description: | + The content type of the body. + explode: false + schema: + type: string + style: simple + "404": content: application/json: example: - code: 400 - message: Bad Request - description: Invalid request or validation error + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Bad Request. Invalid request or validation error. - "500": + description: Not Found. The specified resource does not exist. + "406": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - - apim:scope_manage - apim:admin - summary: Add a New Role Alias + - apim:admin_operations + summary: Retrieve Key Manager Usages (APIs) tags: - - System Scopes + - Key Manager (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' - x-contentType: application/json + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/api-usages"' x-accepts: application/json - /tenant-theme: + /key-managers/{keyManagerId}/app-usages: get: description: | - This operation can be used to export a DevPortal tenant theme as a zip file. - operationId: exportTenantTheme + Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. + The Key Manager ID should be provided as a path parameter. + parameters: + - description: | + Starting point within the complete list of items qualified. + explode: true + in: query + name: offset + required: false + schema: + default: 0 + type: integer + style: form + - description: | + Maximum size of resource array to return. + explode: true + in: query + name: limit + required: false + schema: + default: 25 + type: integer + style: form + - description: | + Key Manager UUID + explode: false + in: path + name: keyManagerId + required: true + schema: + type: string + style: simple responses: "200": content: - application/zip: + application/json: schema: - format: binary - type: string + $ref: '#/components/schemas/KeyManagerAppUsages' description: | OK. - Tenant Theme Exported Successfully. + KeyManager application usages returned. headers: Content-Type: description: | @@ -7297,20 +6970,6 @@ paths: schema: type: string style: simple - "403": - content: - application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. "404": content: application/json: @@ -7323,121 +6982,158 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "500": + "406": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:tenant_theme_manage - summary: Export a DevPortal Tenant Theme + - apim:admin_operations + summary: Retrieve Key Manager Usages (Appilcations) tags: - - Tenant Theme + - Key Manager (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme" > theme.zip' + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/app-usages"' x-accepts: application/json - put: + /apis: + get: description: | - This operation can be used to import a DevPortal tenant theme. - operationId: importTenantTheme - requestBody: - content: - multipart/form-data: - schema: - properties: - file: - description: | - Zip archive consisting of tenant theme configuration - format: binary - type: string - required: - - file - required: true + This operation provides you a list of available APIs qualifying under a given search condition. + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + operationId: getAllAPIs + parameters: + - description: | + Maximum size of resource array to return. + explode: true + in: query + name: limit + required: false + schema: + default: 25 + type: integer + style: form + - description: | + Starting point within the complete list of items qualified. + explode: true + in: query + name: offset + required: false + schema: + default: 0 + type: integer + style: form + - description: | + **Search and get all apis in admin portal**. + + You can search by proving a keyword. + explode: true + in: query + name: query + required: false + schema: + type: string + style: form + - description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + explode: false + in: header + name: If-None-Match + required: false + schema: + type: string + style: simple responses: "200": - content: {} - description: | - Ok. - Tenant Theme Imported Successfully. - "403": content: application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. - "413": - content: - application/json: - example: - code: 413 - message: Payload Too Large - description: Request entity is larger than limits defined by server - moreInfo: "" - error: [] + $ref: '#/components/schemas/SearchResultList' + description: | + OK. + List of qualifying APIs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + explode: false schema: - $ref: '#/components/schemas/Error' - description: Payload Too Large. Request entity is larger than limits defined - by server. - "500": + type: string + style: simple + Content-Type: + description: The content type of the body. + explode: false + schema: + type: string + style: simple + "304": + content: {} + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + "406": content: application/json: example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. + code: 406 + message: Not Acceptable + description: The requested media type is not supported moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Not Acceptable. The requested media type is not supported. security: - OAuth2Security: - apim:admin - - apim:tenant_theme_manage - summary: Import a DevPortal Tenant Theme + - apim:api_provider_change + summary: | + Retrieve/Search APIs tags: - - Tenant Theme + - APIs x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme"' - x-contentType: multipart/form-data + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v4/apis"' x-accepts: application/json - /tenant-config: - get: + /apis/{apiId}/change-provider: + post: description: | - This operation can be used to export a tenant-config.json used in deployment. - operationId: exportTenantConfig + Update the api provider + operationId: providerNamePost + parameters: + - explode: true + in: query + name: provider + required: true + schema: + type: string + style: form + - description: | + **API ID** consisting of the **UUID** of the API. + explode: false + in: path + name: apiId + required: true + schema: + type: string + style: simple responses: "200": - content: - application/json: - schema: - type: string description: | OK. - Tenant config Exported Successfully. + Api Provider updated. headers: Content-Type: description: | @@ -7446,20 +7142,18 @@ paths: schema: type: string style: simple - "403": + "400": content: application/json: example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. + description: Bad Request. Invalid request or validation error. "404": content: application/json: @@ -7472,150 +7166,146 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. - "500": - content: - application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Internal Server Error. security: - OAuth2Security: - apim:admin - summary: Export a tenant-Config. + - apim:api_provider_change + summary: Update the api provider tags: - - Tenant Config + - Api Provider Change x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config" > tenant-config.json' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4/change-provider?provider=user1"' x-accepts: application/json - put: - description: | - This operation can be used to update tenant-config. - operationId: updateTenantConfig - requestBody: - content: - application/json: - schema: - type: object - description: tenant-config + /transaction-count: + get: + description: This endpoint retrieves the transaction count based on various + filter parameters. + parameters: + - description: Start time for the transaction count retrieval + explode: true + in: query + name: startTime + required: true + schema: + type: string + style: form + - description: End time for the transaction count retrieval + explode: true + in: query + name: endTime required: true + schema: + type: string + style: form responses: "200": content: application/json: schema: - type: object - description: | - OK. - Role mapping alias returned - "403": - content: - application/json: - example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. - "413": - content: - application/json: - example: - code: 413 - message: Payload Too Large - description: Request entity is larger than limits defined by server - moreInfo: "" - error: [] - schema: - $ref: '#/components/schemas/Error' - description: Payload Too Large. Request entity is larger than limits defined - by server. - "500": + $ref: '#/components/schemas/TransactionCount' + description: Transaction count retrieved successfully + default: content: application/json: - example: - code: 500 - message: Internal Server Error - description: The server encountered an internal error. Please contact - administrator. - moreInfo: "" - error: [] schema: $ref: '#/components/schemas/Error' - description: Internal Server Error. + description: Unexpected error security: - OAuth2Security: - apim:admin - summary: Update a tenant-config. + summary: Get transaction count tags: - - Tenant Config - x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config"' - x-contentType: application/json + - Transaction Records x-accepts: application/json - /tenant-config-schema: + /export-consumption: get: description: | - This operation can be used to export a tenant-config-schema.json used in deployment. - operationId: exportTenantConfigSchema + This operation provides a ZIP archive containing API consumption/usage data + for a given date range. + operationId: exportConsumptionData + parameters: + - description: | + Start date of the export range (inclusive). Format: YYYY-MM-DD. + explode: true + in: query + name: fromDate + required: true + schema: + type: string + style: form + - description: | + End date of the export range (inclusive). Format: YYYY-MM-DD. + explode: true + in: query + name: toDate + required: true + schema: + type: string + style: form responses: "200": content: - application/json: + application/zip: schema: - type: object + format: binary + type: string description: | OK. - Tenant config schema exported successfully. + Consumption data exported successfully as a ZIP file. headers: - Content-Type: + Content-Disposition: description: | - The content type of the body. + Indicates the filename for the download (e.g., consumption-report.zip). explode: false schema: type: string style: simple - "403": + Content-Type: + description: The content type of the body. + explode: false + schema: + type: string + style: simple + "400": content: application/json: example: - code: 403 - message: Forbidden - description: The request must be conditional but no condition has - been specified + code: 400 + message: Bad Request + description: Invalid request or validation error moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Forbidden. The request must be conditional but no condition - has been specified. - "404": + description: Bad Request. Invalid request or validation error. + "401": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 401 + message: Unauthorized + description: The user is not authorized moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Unauthorized. The user is not authorized. + "403": + content: + application/json: + example: + code: 403 + message: Forbidden + description: The request must be conditional but no condition has + been specified + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Forbidden. The request must be conditional but no condition + has been specified. "500": content: application/json: @@ -7632,56 +7322,60 @@ paths: security: - OAuth2Security: - apim:admin - summary: Export a tenant-Config-Schema. + summary: | + Export API Consumption Data tags: - - Tenant Config Schema + - Consumption x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config-schema" > tenant-config-schema.json' + - lang: Curl + source: | + curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ + "https://127.0.0.1:9443/api/am/admin/v4/export-consumption?fromDate=2026-01-01&toDate=2026-03-31" \ + > consumption-report.zip x-accepts: application/json - /key-managers: + /labels: get: description: | - Get all Key managers + Get all Labels + operationId: getAllLabels responses: "200": content: application/json: schema: - $ref: '#/components/schemas/KeyManagerList' + $ref: '#/components/schemas/LabelList' description: | OK. - KeyManagers returned + Labels returned security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Get all Key managers + summary: Get all Labels tags: - - Key Manager (Collection) + - Labels (Collection) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' + "https://127.0.0.1:9443/api/am/admin/v4/labels"' x-accepts: application/json post: description: | - Add a new API Key Manager + Add a new Label + operationId: createLabel requestBody: content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' description: | - Key Manager object that should to be added + Label object that should to be added required: true responses: "201": content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' description: | Created. Successful response with the newly created object as entity in the body. @@ -7697,138 +7391,96 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - security: - - OAuth2Security: - - apim:admin - - apim:admin_operations - summary: Add a new API Key Manager - tags: - - Key Manager (Collection) - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' - x-contentType: application/json - x-accepts: application/json - /key-managers/{keyManagerId}: - delete: - description: | - Delete a Key Manager by keyManager id - parameters: - - description: | - Key Manager UUID - explode: false - in: path - name: keyManagerId - required: true - schema: - type: string - style: simple - responses: - "200": - content: {} - description: | - OK. - Key Manager successfully deleted. - "404": + "409": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 409 + message: Conflict + description: Specified resource already exists moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Conflict. Specified resource already exists. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Delete a Key Manager + summary: Add a new Label tags: - - Key Manager (Individual) + - Label (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels"' + x-contentType: application/json x-accepts: application/json - get: + /labels/{labelId}: + delete: description: | - Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + Delete a Label by label id + operationId: deleteLabel parameters: - description: | - Key Manager UUID + Label UUID explode: false in: path - name: keyManagerId + name: labelId required: true schema: type: string style: simple responses: "200": - content: - application/json: - schema: - $ref: '#/components/schemas/KeyManager' + content: {} description: | OK. - KeyManager Configuration returned - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple - "404": + Label successfully deleted. + "409": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 409 + message: Conflict + description: Specified resource already exists moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. - "406": + description: Conflict. Specified resource already exists. + "404": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 404 + message: Not Found + description: The specified resource does not exist moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Get a Key Manager Configuration + summary: Delete a Label tags: - - Key Manager (Individual) + - Label (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' x-accepts: application/json put: description: | - Update a Key Manager by keyManager id + Update a Label by label id + operationId: updateLabel parameters: - description: | - Key Manager UUID + Label UUID explode: false in: path - name: keyManagerId + name: labelId required: true schema: type: string @@ -7837,16 +7489,16 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' description: | - Key Manager object with updated information + Label object with updated information required: true responses: "200": content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' description: | OK. Label updated. @@ -7874,194 +7526,159 @@ paths: schema: $ref: '#/components/schemas/Error' description: Not Found. The specified resource does not exist. + "409": + content: + application/json: + example: + code: 409 + message: Conflict + description: Specified resource already exists + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Conflict. Specified resource already exists. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Update a Key Manager + summary: Update a Label tags: - - Key Manager (Individual) + - Label (Individual) x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' x-contentType: application/json x-accepts: application/json - /key-managers/discover: - post: + /labels/{labelId}/usage: + get: description: | - Retrieve well-known information from key manager's well-known endpoint - requestBody: - content: - multipart/form-data: - schema: - properties: - url: - description: Well-Known Endpoint - type: string - type: - default: "false" - description: | - Key Manager Type - type: string + Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. + operationId: getLabelUsage + parameters: + - description: | + Label UUID + explode: false + in: path + name: labelId + required: true + schema: + type: string + style: simple responses: "200": content: application/json: schema: - $ref: '#/components/schemas/KeyManagerWellKnownResponse' + $ref: '#/components/schemas/LabelUsage' description: | OK. - KeyManagers returned + Label Usage returned + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] + schema: + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. security: - OAuth2Security: - apim:admin - - apim:admin_operations - summary: Retrieve Well-known information from Key Manager Well-known Endpoint + summary: Get a Label Usage tags: - - Key Manager (Collection) + - Label (Individual) x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' - x-contentType: multipart/form-data + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779/usage"' x-accepts: application/json - /apis: + /api-keys: get: description: | - This operation provides you a list of available APIs qualifying under a given search condition. - Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. - operationId: getAllAPIs - parameters: - - description: | - Maximum size of resource array to return. - explode: true - in: query - name: limit - required: false - schema: - default: 25 - type: integer - style: form - - description: | - Starting point within the complete list of items qualified. - explode: true - in: query - name: offset - required: false - schema: - default: 0 - type: integer - style: form - - description: | - **Search and get all apis in admin portal**. - - You can search by proving a keyword. - explode: true - in: query - name: query - required: false - schema: - type: string - style: form - - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple + Retrieve all API Keys. + operationId: getAllAPIKeys responses: "200": content: application/json: schema: - $ref: '#/components/schemas/SearchResultList' + $ref: '#/components/schemas/APIKeyList' description: | OK. - List of qualifying APIs is returned. - headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - explode: false + API keys returned. + "400": + content: + application/json: + example: + code: 400 + message: Bad Request + description: Invalid request or validation error + moreInfo: "" + error: [] schema: - type: string - style: simple - Content-Type: - description: The content type of the body. - explode: false + $ref: '#/components/schemas/Error' + description: Bad Request. Invalid request or validation error. + "404": + content: + application/json: + example: + code: 404 + message: Not Found + description: The specified resource does not exist + moreInfo: "" + error: [] schema: - type: string - style: simple - "304": - content: {} - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - "406": + $ref: '#/components/schemas/Error' + description: Not Found. The specified resource does not exist. + "412": content: application/json: example: - code: 406 - message: Not Acceptable - description: The requested media type is not supported + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the + preconditions is not met moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Acceptable. The requested media type is not supported. + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:api_provider_change - summary: | - Retrieve/Search APIs + summary: Get all API Keys tags: - - APIs + - APIKeys x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/publisher/v4/apis"' + -H "Content-Type: application/json" -X GET "https://127.0.0.1:9443/api/am/admin/v4/api-keys"' x-accepts: application/json - /apis/{apiId}/change-provider: + /api-keys/revoke: post: - description: | - Update the api provider - operationId: providerNamePost - parameters: - - explode: true - in: query - name: provider - required: true - schema: - type: string - style: form - - description: | - **API ID** consisting of the **UUID** of the API. - explode: false - in: path - name: apiId + description: | + Revoke an API Key for the API + operationId: revokeAPIKeyFromAdmin + requestBody: + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyRevokeRequest' + description: | + API key revoke object required: true - schema: - type: string - style: simple responses: "200": + content: {} description: | OK. - Api Provider updated. - headers: - Content-Type: - description: | - The content type of the body. - explode: false - schema: - type: string - style: simple + Api key revoked successfully. "400": content: application/json: @@ -8074,32 +7691,86 @@ paths: schema: $ref: '#/components/schemas/Error' description: Bad Request. Invalid request or validation error. - "404": + "412": content: application/json: example: - code: 404 - message: Not Found - description: The specified resource does not exist + code: 412 + message: Precondition Failed + description: The request has not been performed because one of the + preconditions is not met moreInfo: "" error: [] schema: $ref: '#/components/schemas/Error' - description: Not Found. The specified resource does not exist. + description: Precondition Failed. The request has not been performed because + one of the preconditions is not met. security: - OAuth2Security: - apim:admin - - apim:api_provider_change - summary: Update the api provider + summary: Revoke an API Key tags: - - Api Provider Change + - APIKeys x-code-samples: - lang: Curl - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-keys/ght65523-7650-4255-84fa-6cb171c1f779/d7cf8523-9180-4255-84fa-6cb171c1f779/PRODUCTION/revoke"' + x-contentType: application/json x-accepts: application/json components: parameters: + If-None-Match: + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + explode: false + in: header + name: If-None-Match + required: false + schema: + type: string + style: simple + requestedTenant: + description: | + For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be + retirieved from. + explode: false + in: header + name: X-WSO2-Tenant + required: false + schema: + type: string + style: simple + sortBy: + description: | + Criteria for sorting. + explode: true + in: query + name: sortBy + required: false + schema: + default: createdTime + enum: + - apiName + - version + - createdTime + - status + type: string + style: form + sortOrder: + description: | + Order of sorting(ascending/descending). + explode: true + in: query + name: sortOrder + required: false + schema: + default: desc + enum: + - asc + - desc + type: string + style: form username: description: | username of the new application owner @@ -8112,7 +7783,7 @@ components: style: form scopeName: description: | - scope name to be validated + Base64 URL encoded value of the scope name to be validated explode: false in: path name: scopeName @@ -8120,19 +7791,10 @@ components: schema: type: string style: simple - labelId: - description: | - Label UUID - explode: false - in: path - name: labelId - required: true - schema: - type: string - style: simple environmentId: description: | - Environment UUID (or Environment name defined in config) + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded explode: false in: path name: environmentId @@ -8232,48 +7894,6 @@ components: default: application/json type: string style: simple - If-None-Match: - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - explode: false - in: header - name: If-None-Match - required: false - schema: - type: string - style: simple - If-Modified-Since: - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - explode: false - in: header - name: If-Modified-Since - required: false - schema: - type: string - style: simple - If-Match: - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - explode: false - in: header - name: If-Match - required: false - schema: - type: string - style: simple - If-Unmodified-Since: - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - explode: false - in: header - name: If-Unmodified-Since - required: false - schema: - type: string - style: simple limit: description: | Maximum size of resource array to return. @@ -8296,16 +7916,6 @@ components: default: 0 type: integer style: form - mediationPolicyId: - description: | - Mediation policy Id - explode: false - in: path - name: mediationPolicyId - required: true - schema: - type: string - style: simple user: description: | username of the application creator @@ -8346,6 +7956,18 @@ components: schema: type: string style: simple + roleId: + description: | + The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be + derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). + explode: false + in: path + name: roleId + required: true + schema: + type: string + style: simple apiId: description: | **API ID** consisting of the **UUID** of the API. @@ -8356,6 +7978,29 @@ components: schema: type: string style: simple + labelId: + description: | + Label UUID + explode: false + in: path + name: labelId + required: true + schema: + type: string + style: simple + keyType: + description: | + **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). + explode: false + in: path + name: keyType + required: true + schema: + enum: + - PRODUCTION + - SANDBOX + type: string + style: simple responses: BadRequest: content: @@ -8528,6 +8173,43 @@ components: - message title: Description of individual errors that may have occurred during a request. type: object + ContentPublishStatus: + example: + action: PUBLISH + properties: + action: + enum: + - PUBLISH + - UNPUBLISH + type: string + type: object + ContentPublishStatusResponse: + example: + id: id + published: true + properties: + id: + description: UUID of the org-theme + type: string + published: + description: Publish status of the org-theme + type: boolean + type: object + ThrottlePolicyList: + properties: + count: + description: | + Number of Throttling Policies returned. + example: 1 + type: integer + list: + items: + $ref: '#/components/schemas/ThrottlePolicy' + type: array + pagination: + $ref: '#/components/schemas/Pagination' + title: Throttle Policy List + type: object ThrottlePolicyDetailsList: example: count: 1 @@ -8911,8 +8593,6 @@ components: endingIP: description: Ending IP when "IPRANGE" is used as the ipConditionType type: string - required: - - specificIP title: IP based throttling condition type: object JWTClaimsCondition: @@ -9010,7 +8690,6 @@ components: description: Map of custom properties related to each monetization plan type: object required: - - monetizationPlan - properties title: API monetization details object type: object @@ -9132,114 +8811,63 @@ components: - value title: Name-Value pair type: object - mediationList: - example: - next: next - previous: previous - count: 1 - list: - - name: json_fault.xml - id: 01234567-0123-0123-0123-012345678901 - type: in - - name: json_fault.xml - id: 01234567-0123-0123-0123-012345678901 - type: in - properties: - count: - description: | - Number of mediation sequences returned. - example: 1 - type: integer - next: - description: | - Link to the next subset of sequences qualified. - Empty if no more sequences are to be returned. - type: string - previous: - description: | - Link to the previous subset of sequences qualified. - Empty if current subset is the first subset returned. - type: string - list: - items: - $ref: '#/components/schemas/MediationInfo' - type: array - title: Mediation List - type: object - MediationInfo: - example: - name: json_fault.xml - id: 01234567-0123-0123-0123-012345678901 - type: in - properties: - name: - example: json_fault.xml - type: string - id: - example: 01234567-0123-0123-0123-012345678901 - type: string - type: - enum: - - in - - out - - fault - example: in - type: string - required: - - id - - name - - type - title: MediationInfo - type: object - Mediation: - example: - name: custom_log_in_message.xml - id: 01234567-0123-0123-0123-012345678901 - type: IN - config: - - - properties: - id: - example: 01234567-0123-0123-0123-012345678901 - readOnly: true - type: string - name: - example: custom_log_in_message.xml - type: string - type: - enum: - - IN - - OUT - - FAULT - example: IN - type: string - config: - example: - - - type: string - required: - - config - - name - - type - title: Mediation - type: object ApplicationList: example: - next: /applications?limit=1&offset=2&user= - previous: /applications?limit=1&offset=0&user= + pagination: + next: next + total: 10 + offset: 0 + previous: previous + limit: 1 count: 1 list: - owner: admin groupId: groupId name: CalculatorApp + createdTime: "1651555310208" + keyManagers: + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true applicationId: 01234567-0123-0123-0123-012345678901 + tokenType: OAUTH status: APPROVED - owner: admin groupId: groupId name: CalculatorApp + createdTime: "1651555310208" + keyManagers: + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true applicationId: 01234567-0123-0123-0123-012345678901 + tokenType: OAUTH status: APPROVED properties: count: @@ -9247,30 +8875,96 @@ components: Number of applications returned. example: 1 type: integer - next: - description: | - Link to the next subset of resources qualified. - Empty if no more resources are to be returned. - example: /applications?limit=1&offset=2&user= + list: + items: + $ref: '#/components/schemas/ApplicationInfo' + type: array + pagination: + $ref: '#/components/schemas/Pagination' + title: Application List + type: object + ApplicationInfo: + example: + owner: admin + groupId: groupId + name: CalculatorApp + createdTime: "1651555310208" + keyManagers: + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true + - name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true + applicationId: 01234567-0123-0123-0123-012345678901 + tokenType: OAUTH + status: APPROVED + properties: + applicationId: + example: 01234567-0123-0123-0123-012345678901 type: string - previous: - description: | - Link to the previous subset of resources qualified. - Empty if current subset is the first subset returned. - example: /applications?limit=1&offset=0&user= + name: + example: CalculatorApp type: string - list: + owner: + example: admin + type: string + tokenType: + enum: + - OAUTH + - JWT + type: string + createdTime: + example: "1651555310208" + readOnly: true + type: string + keyManagers: items: - $ref: '#/components/schemas/ApplicationInfo' + $ref: '#/components/schemas/KeyManagerInfo' type: array - title: Application List + status: + example: APPROVED + type: string + groupId: + type: string + title: Application info object with basic application details type: object - ApplicationInfo: + Application: example: owner: admin - groupId: groupId + subscriptionScopes: + - roles: + - manager + - developer + name: admin scope + description: description + key: admin_scope + - roles: + - manager + - developer + name: admin scope + description: description + key: admin_scope name: CalculatorApp + subscriptionCount: 0 + description: Sample calculator application + groups: + - groups + - groups + attributes: External Reference ID, Billing Tier + throttlingPolicy: Unlimited applicationId: 01234567-0123-0123-0123-012345678901 + tokenType: JWT status: APPROVED properties: applicationId: @@ -9279,15 +8973,76 @@ components: name: example: CalculatorApp type: string - owner: - example: admin + throttlingPolicy: + example: Unlimited + type: string + description: + example: Sample calculator application + type: string + tokenType: + default: JWT + description: | + Type of the access token generated for this application. + **OAUTH:** A UUID based access token which is issued by default. + **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. + enum: + - OAUTH + - JWT + example: JWT type: string status: + default: "" example: APPROVED type: string - groupId: + groups: + items: + type: string + type: array + subscriptionCount: + type: integer + attributes: + additionalProperties: + type: string + example: External Reference ID, Billing Tier + type: object + subscriptionScopes: + items: + $ref: '#/components/schemas/ScopeInfo' + type: array + owner: + description: | + Application created user + example: admin type: string - title: Application info object with basic application details + title: Application object with all the application details + type: object + ScopeInfo: + example: + roles: + - manager + - developer + name: admin scope + description: description + key: admin_scope + properties: + key: + example: admin_scope + type: string + name: + example: admin scope + type: string + roles: + description: Allowed roles for the scope + example: + - manager + - developer + items: + type: string + type: array + description: + description: Description of the scope + type: string + title: API Scope info object with scope details type: object APIInfoList: properties: @@ -9308,6 +9063,13 @@ components: description: The name of the API. example: PizzaShackAPI type: string + displayName: + description: | + Display name of the API. + This is the name that will be displayed in the Publisher and DevPortal. + If not provided, the name will be used as the display name. + example: PizzaShack API + type: string version: description: The version of the API example: 1.0.0 @@ -9318,84 +9080,29 @@ components: type: string title: API info object with basic API details type: object - Label: - example: - accessUrls: - - http://localhost:9443/ - - http://localhost:9443/ - name: Public - description: Label to use for public Gateway - id: ece92bdc-e1e6-325c-b6f4-656208a041e9 - properties: - id: - example: ece92bdc-e1e6-325c-b6f4-656208a041e9 - readOnly: true - type: string - name: - example: Public - maxLength: 255 - minLength: 1 - type: string - description: - example: Label to use for public Gateway - maxLength: 1024 - type: string - accessUrls: - items: - example: http://localhost:9443/ - type: string - type: array - required: - - name - title: Label - type: object - LabelList: - example: - count: 1 - list: - - accessUrls: - - http://localhost:9443/ - - http://localhost:9443/ - name: Public - description: Label to use for public Gateway - id: ece92bdc-e1e6-325c-b6f4-656208a041e9 - - accessUrls: - - http://localhost:9443/ - - http://localhost:9443/ - name: Public - description: Label to use for public Gateway - id: ece92bdc-e1e6-325c-b6f4-656208a041e9 - properties: - count: - description: | - Number of Labels returned. - example: 1 - type: integer - list: - items: - $ref: '#/components/schemas/Label' - type: array - title: Label List - type: object Environment: example: + apiDiscoveryScheduledWindow: 0 + universalGatewayVersion: 1.0.0 + displayName: US Region + description: Gateway environment in US Region + type: hybrid + mode: READ_WRITE endpointURIs: - protocol: default endpointURI: default - protocol: default endpointURI: default - apiDiscoveryScheduledWindow: 0 + vhost: https://mg.wso2.com gatewayType: Regular isReadOnly: false provider: wso2 - displayName: US Region permissions: permissionType: ALLOW roles: - - Subscriber - - Internal/subscriber + - Internal/everyone + - Internal/everyone name: us-region - description: Gateway environment in US Region id: ece92bdc-e1e6-325c-b6f4-656208a041e9 additionalProperties: - value: wso2 @@ -9404,17 +9111,22 @@ components: key: Organization vhosts: - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 + status: Active properties: id: example: ece92bdc-e1e6-325c-b6f4-656208a041e9 @@ -9424,28 +9136,46 @@ components: example: us-region maxLength: 255 minLength: 1 - pattern: (^[^~!@#;:%^*()+={}|\\<>"',&$\s+]*$) + pattern: ^[a-zA-Z0-9_-]+$ type: string displayName: example: US Region maxLength: 255 minLength: 1 type: string - description: - example: Gateway environment in US Region - maxLength: 1023 - type: string provider: example: wso2 type: string + type: + default: hybrid + example: hybrid + type: string gatewayType: default: Regular example: Regular type: string + description: + example: Gateway environment in US Region + maxLength: 1023 + type: string isReadOnly: + default: false + deprecated: true example: false - readOnly: true type: boolean + mode: + default: WRITE_ONLY + description: | + The mode of the environment. This indicates whether the environment is in read-only or read-write mode. + **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. + **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. + **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. + enum: + - READ_ONLY + - READ_WRITE + - WRITE_ONLY + example: READ_WRITE + type: string apiDiscoveryScheduledWindow: default: 60 description: | @@ -9467,6 +9197,30 @@ components: type: array permissions: $ref: '#/components/schemas/Environment_permissions' + status: + default: Active + description: For platform gateway environments (gatewayType Universal), + connection status to the control plane (Active or Inactive). + enum: + - Active + - Inactive + example: Active + readOnly: true + type: string + vhost: + description: For platform gateway environments, the gateway URL (e.g. https://host:9443). + Same as Platform Gateways API; only set when this environment represents + a platform gateway. + example: https://mg.wso2.com + format: uri + readOnly: true + type: string + universalGatewayVersion: + description: Universal Gateway version from config (e.g. "1.0.0"). Set for + deploy targets so UI can show quick-start version; from apim.universal_gateway.version. + example: 1.0.0 + readOnly: true + type: string required: - name - vhosts @@ -9476,23 +9230,27 @@ components: example: count: 1 list: - - endpointURIs: + - apiDiscoveryScheduledWindow: 0 + universalGatewayVersion: 1.0.0 + displayName: US Region + description: Gateway environment in US Region + type: hybrid + mode: READ_WRITE + endpointURIs: - protocol: default endpointURI: default - protocol: default endpointURI: default - apiDiscoveryScheduledWindow: 0 + vhost: https://mg.wso2.com gatewayType: Regular isReadOnly: false provider: wso2 - displayName: US Region permissions: permissionType: ALLOW roles: - - Subscriber - - Internal/subscriber + - Internal/everyone + - Internal/everyone name: us-region - description: Gateway environment in US Region id: ece92bdc-e1e6-325c-b6f4-656208a041e9 additionalProperties: - value: wso2 @@ -9501,34 +9259,43 @@ components: key: Organization vhosts: - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 - - endpointURIs: + status: Active + - apiDiscoveryScheduledWindow: 0 + universalGatewayVersion: 1.0.0 + displayName: US Region + description: Gateway environment in US Region + type: hybrid + mode: READ_WRITE + endpointURIs: - protocol: default endpointURI: default - protocol: default endpointURI: default - apiDiscoveryScheduledWindow: 0 + vhost: https://mg.wso2.com gatewayType: Regular isReadOnly: false provider: wso2 - displayName: US Region permissions: permissionType: ALLOW roles: - - Subscriber - - Internal/subscriber + - Internal/everyone + - Internal/everyone name: us-region - description: Gateway environment in US Region id: ece92bdc-e1e6-325c-b6f4-656208a041e9 additionalProperties: - value: wso2 @@ -9537,17 +9304,22 @@ components: key: Organization vhosts: - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 - httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 + status: Active properties: count: description: | @@ -9605,6 +9377,213 @@ components: - gatewayId title: Gateway instance in the gateway environment type: object + ApplicationUpdateRequest: + description: Request body to update application attributes + properties: + owner: + description: The new owner of the application + type: string + tokenType: + description: The type of token for the application (e.g., JWT) + enum: + - JWT + type: string + type: object + CreatePlatformGatewayRequest: + description: Request body for creating a platform gateway (name, displayName, + vhost as URL, optional properties). Same property name as platform API; type + is URL. + properties: + name: + description: URL-friendly gateway identifier (lowercase alphanumeric with + hyphens, unique per organization) + example: prod-gateway-01 + maxLength: 64 + minLength: 3 + pattern: ^[a-z0-9-]+$ + type: string + displayName: + description: Human-readable gateway name + example: Production Gateway 01 + maxLength: 128 + minLength: 1 + type: string + description: + description: Optional description + maxLength: 1023 + type: string + vhost: + description: Gateway URL (e.g. https://mg.example.com:9443). Same name as + platform API; type is URL. Server persists host internally. + example: https://mg.wso2.com + format: uri + type: string + properties: + additionalProperties: true + description: Custom key-value properties for the gateway + example: + region: us-west + tier: premium + type: object + permissions: + $ref: '#/components/schemas/CreatePlatformGatewayRequest_permissions' + required: + - displayName + - name + - vhost + title: Create Platform Gateway Request + type: object + UpdatePlatformGatewayRequest: + description: | + Request body for PUT /gateways/{gatewayId}. Per PUT semantics, send the full resource + representation. Name and vhost are immutable (server validates they match the existing gateway). + properties: + name: + description: Gateway identifier (immutable; must match existing). Required + for PUT full representation. + maxLength: 64 + minLength: 3 + pattern: ^[a-z0-9-]+$ + type: string + vhost: + description: Gateway URL (immutable; must match existing). Same name as + platform API; type is URL. Example https://mg.wso2.com + example: https://mg.wso2.com + format: uri + type: string + displayName: + description: Human-readable gateway name + example: Production Gateway 01 + maxLength: 128 + minLength: 1 + type: string + description: + description: Optional description + maxLength: 1023 + type: string + properties: + additionalProperties: true + description: Custom key-value properties for the gateway + example: + region: us-west + tier: premium + type: object + permissions: + $ref: '#/components/schemas/UpdatePlatformGatewayRequest_permissions' + required: + - displayName + - name + - vhost + title: Update Platform Gateway Request + type: object + PlatformGatewayResponse: + description: Platform gateway response (without registration token). Used for + list and get. + example: + vhost: https://openapi-generator.tech + createdAt: 2000-01-23T04:56:07.000+00:00 + displayName: displayName + permissions: + permissionType: PUBLIC + roles: + - roles + - roles + name: name + description: description + id: id + isActive: true + properties: + key: '{}' + updatedAt: 2000-01-23T04:56:07.000+00:00 + properties: + id: + description: Gateway UUID + readOnly: true + type: string + name: + type: string + displayName: + type: string + description: + type: string + properties: + additionalProperties: true + description: Custom key-value properties + type: object + vhost: + description: Gateway URL (e.g. https://host or https://host:9443). Same + name as platform API; type is URL. + format: uri + readOnly: true + type: string + isActive: + description: Indicates if the gateway is currently connected to the control + plane via WebSocket + readOnly: true + type: boolean + permissions: + $ref: '#/components/schemas/PlatformGatewayResponse_permissions' + createdAt: + format: date-time + readOnly: true + type: string + updatedAt: + format: date-time + readOnly: true + type: string + title: Platform Gateway Response + type: object + GatewayResponseWithToken: + allOf: + - $ref: '#/components/schemas/PlatformGatewayResponse' + - $ref: '#/components/schemas/GatewayResponseWithToken_allOf' + description: Platform gateway response including the one-time registration token + (POST create or regenerate-token). + title: Gateway Response With Token + GatewayList: + example: + count: 0 + list: + - vhost: https://openapi-generator.tech + createdAt: 2000-01-23T04:56:07.000+00:00 + displayName: displayName + permissions: + permissionType: PUBLIC + roles: + - roles + - roles + name: name + description: description + id: id + isActive: true + properties: + key: '{}' + updatedAt: 2000-01-23T04:56:07.000+00:00 + - vhost: https://openapi-generator.tech + createdAt: 2000-01-23T04:56:07.000+00:00 + displayName: displayName + permissions: + permissionType: PUBLIC + roles: + - roles + - roles + name: name + description: description + id: id + isActive: true + properties: + key: '{}' + updatedAt: 2000-01-23T04:56:07.000+00:00 + properties: + count: + description: Number of platform gateways returned + type: integer + list: + items: + $ref: '#/components/schemas/PlatformGatewayResponse' + type: array + title: Gateway List + type: object Organization: example: organizationId: ece92bdc-e1e6-325c-b6f4-656208a041e9 @@ -9743,6 +9722,7 @@ components: multipleModelProviderSupport: true builtInSupport: true configurations: configurations + deprecated: false name: OpenAI description: OpenAI LLM id: ece92bdc-e1e6-325c-b6f4-656208a041e9 @@ -9786,12 +9766,17 @@ components: items: $ref: '#/components/schemas/ModelProvider' type: array + deprecated: + description: Indicates if the LLM provider is deprecated + example: false + type: boolean title: AIServiceProviderResponse type: object AIServiceProviderSummaryResponse: example: apiVersion: 1.0.0 builtInSupport: true + deprecated: false name: open-ai description: OpenAI LLM Provider id: ece92bdc-e1e6-325c-b6f4-656208a041e9 @@ -9817,6 +9802,10 @@ components: example: OpenAI LLM Provider maxLength: 1023 type: string + deprecated: + description: Indicates if the LLM provider is deprecated + example: false + type: boolean required: - apiVersion - name @@ -9828,11 +9817,13 @@ components: list: - apiVersion: 1.0.0 builtInSupport: true + deprecated: false name: open-ai description: OpenAI LLM Provider id: ece92bdc-e1e6-325c-b6f4-656208a041e9 - apiVersion: 1.0.0 builtInSupport: true + deprecated: false name: open-ai description: OpenAI LLM Provider id: ece92bdc-e1e6-325c-b6f4-656208a041e9 @@ -9984,9 +9975,11 @@ components: VHost: example: httpContext: pets + wsHost: mg.wso2.com wssPort: 8099 httpPort: 80 wsPort: 9099 + wssHost: mg.wso2.com host: mg.wso2.com httpsPort: 443 properties: @@ -9994,7 +9987,6 @@ components: example: mg.wso2.com maxLength: 255 minLength: 1 - pattern: ^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$ type: string httpContext: example: pets @@ -10011,9 +10003,15 @@ components: wsPort: example: 9099 type: integer + wsHost: + example: mg.wso2.com + type: string wssPort: example: 8099 type: integer + wssHost: + example: mg.wso2.com + type: string required: - host title: Virtual Host @@ -10222,65 +10220,276 @@ components: type: object Settings: example: + gatewayConfiguration: + - defaultHostnameTemplate: '{apiId}.execute-api.{region}.amazonaws.com' + displayName: default + configurations: + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + type: default + supportedModes: + - READ_WRITE + - READ_WRITE + - defaultHostnameTemplate: '{apiId}.execute-api.{region}.amazonaws.com' + displayName: default + configurations: + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + type: default + supportedModes: + - READ_WRITE + - READ_WRITE analyticsEnabled: false keyManagerConfiguration: - - defaultConsumerKeyClaim: azp + - authConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + defaultConsumerKeyClaim: azp + endpointConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true displayName: default configurations: - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true + configurationConstraints: + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input defaultScopesClaim: scope type: default - - defaultConsumerKeyClaim: azp + - authConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + defaultConsumerKeyClaim: azp + endpointConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true displayName: default configurations: - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true + configurationConstraints: + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input defaultScopesClaim: scope type: default + consumptionExportEnabled: false + isGatewayNotificationEnabled: false + universalGatewayVersion: 1.0.0 gatewayTypes: - gatewayTypes - gatewayTypes + orgAccessControlEnabled: true + IsJWTEnabledForLoginTokens: false + transactionCounterEnable: false scopes: - scopes - scopes @@ -10293,14 +10502,43 @@ components: items: type: string type: array + IsJWTEnabledForLoginTokens: + default: false + type: boolean + orgAccessControlEnabled: + description: | + Is Organization-based access control configuration enabled + example: true + type: boolean keyManagerConfiguration: items: $ref: '#/components/schemas/Settings_keyManagerConfiguration' type: array + gatewayConfiguration: + items: + $ref: '#/components/schemas/Settings_gatewayConfiguration' + type: array analyticsEnabled: description: To determine whether analytics is enabled or not example: false type: boolean + transactionCounterEnable: + description: To determine whether the transaction counter is enabled or + not + example: false + type: boolean + isGatewayNotificationEnabled: + default: false + description: Is Gateway Notification Enabled + type: boolean + universalGatewayVersion: + description: Universal Gateway version for quick-start guide (e.g. "1.0.0") + example: 1.0.0 + type: string + consumptionExportEnabled: + description: Whether the ConsumptionDataExportService OSGi service is available + example: false + type: boolean title: Settings type: object ScopeList: @@ -10380,6 +10618,7 @@ components: - allowedOrganizations scopeManagementEndpoint: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes description: This is a key manager for Developers + global: true type: WSO2-IS issuer: https://localhost:9444/services enabled: true @@ -10396,6 +10635,11 @@ components: userInfoEndpoint: https://localhost:9444/oauth2/userinfo?schema=openid displayTokenEndpoint: https://localhost:9444/oauth2/token displayRevokeEndpoint: https://localhost:9444/oauth2/revoke + endpoints: + - name: token_endpoint + value: https://localhost:9443/oauth2/token + - name: token_endpoint + value: https://localhost:9443/oauth2/token enableSelfValidationJWT: true enableTokenEncryption: false availableGrantTypes: @@ -10450,6 +10694,7 @@ components: - allowedOrganizations scopeManagementEndpoint: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes description: This is a key manager for Developers + global: true type: WSO2-IS issuer: https://localhost:9444/services enabled: true @@ -10466,6 +10711,11 @@ components: userInfoEndpoint: https://localhost:9444/oauth2/userinfo?schema=openid displayTokenEndpoint: https://localhost:9444/oauth2/token displayRevokeEndpoint: https://localhost:9444/oauth2/revoke + endpoints: + - name: token_endpoint + value: https://localhost:9443/oauth2/token + - name: token_endpoint + value: https://localhost:9443/oauth2/token enableSelfValidationJWT: true enableTokenEncryption: false availableGrantTypes: @@ -10530,29 +10780,41 @@ components: Well-Known Endpoint of Identity Provider. type: string introspectionEndpoint: + deprecated: true example: https://localhost:9444/oauth2/introspect type: string clientRegistrationEndpoint: + deprecated: true example: https://localhost:9444/keymanager-operations/dcr/register type: string tokenEndpoint: + deprecated: true example: https://localhost:9444/oauth2/token type: string displayTokenEndpoint: + deprecated: true example: https://localhost:9444/oauth2/token type: string revokeEndpoint: + deprecated: true example: https://localhost:9444/oauth2/revoke type: string displayRevokeEndpoint: + deprecated: true example: https://localhost:9444/oauth2/revoke type: string userInfoEndpoint: + deprecated: true example: https://localhost:9444/oauth2/userinfo?schema=openid type: string authorizeEndpoint: + deprecated: true example: https://localhost:9444/oauth2/authorize type: string + endpoints: + items: + $ref: '#/components/schemas/KeyManagerEndpoint' + type: array certificates: $ref: '#/components/schemas/KeyManager_certificates' issuer: @@ -10565,6 +10827,7 @@ components: example: https://localhost:9443/oauth2/token type: string scopeManagementEndpoint: + deprecated: true example: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes type: string availableGrantTypes: @@ -10612,6 +10875,9 @@ components: enabled: example: true type: boolean + global: + example: true + type: boolean additionalProperties: example: self_validate_jwt: true @@ -10624,7 +10890,7 @@ components: tokenType: default: DIRECT description: The type of the tokens to be used (exchanged or without exchanged). - Accepted values are EXCHANGED and DIRECT. + Accepted values are EXCHANGED, DIRECT and BOTH. enum: - EXCHANGED - DIRECT @@ -10633,53 +10899,171 @@ components: type: string allowedOrganizations: items: - type: string + type: string + type: array + required: + - name + - type + title: Key Manager + type: object + KeyManagerEndpoint: + example: + name: token_endpoint + value: https://localhost:9443/oauth2/token + properties: + name: + example: token_endpoint + type: string + value: + example: https://localhost:9443/oauth2/token + type: string + required: + - name + - value + title: Key Manager Endpoint. + type: object + KeyManagerInfo: + example: + name: WSO2 IS + isGlobal: true + description: This is a key manager for Developers + id: 01234567-0123-0123-0123-012345678901 + type: IS + tokenType: EXCHANGED + enabled: true + isUsed: true + properties: + id: + example: 01234567-0123-0123-0123-012345678901 + type: string + name: + example: WSO2 IS + type: string + type: + example: IS + type: string + description: + example: This is a key manager for Developers + type: string + enabled: + example: true + type: boolean + isGlobal: + example: true + type: boolean + isUsed: + example: true + type: boolean + tokenType: + default: DIRECT + description: The type of the tokens to be used (exchanged or without exchanged). + Accepted values are EXCHANGED, DIRECT and BOTH. + enum: + - EXCHANGED + - DIRECT + - BOTH + example: EXCHANGED + type: string + required: + - name + - type + title: Key Manager Info + type: object + KeyManagerConfiguration: + example: + default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + properties: + name: + example: consumer_key + type: string + label: + example: Consumer Key + type: string + type: + example: select + type: string + required: + example: true + type: boolean + mask: + example: true + type: boolean + multiple: + example: true + type: boolean + tooltip: + example: Enter username to connect to key manager + type: string + default: + example: admin + properties: {} + type: object + values: + items: + properties: {} + type: object type: array - required: - - name - - type - title: Key Manager + updateDisabled: + default: false + description: Indicates that this configuration field cannot be modified + once the Key Manager is created. + example: true + type: boolean + title: Key Manager Configuration type: object - KeyManagerInfo: + ConfigurationConstraint: example: - name: WSO2 IS - description: This is a key manager for Developers - id: 01234567-0123-0123-0123-012345678901 - type: IS - tokenType: EXCHANGED - enabled: true + constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input properties: - id: - example: 01234567-0123-0123-0123-012345678901 - type: string name: - example: WSO2 IS + example: application_access_token_expiry_time type: string - type: - example: IS + label: + example: Access Token Expiry type: string - description: - example: This is a key manager for Developers + type: + example: input type: string - enabled: + multiple: example: true type: boolean - tokenType: - default: DIRECT - description: The type of the tokens to be used (exchanged or without exchanged). - Accepted values are EXCHANGED and DIRECT. - enum: - - EXCHANGED - - DIRECT - - BOTH - example: EXCHANGED + tooltip: + example: Define the valid range for token expiration in seconds. type: string - required: - - name - - type - title: Key Manager Info + constraintType: + example: RANGE + type: string + values: + items: + properties: {} + type: object + type: array + default: + properties: {} + type: object + title: Configurable Configuration Constraints type: object - KeyManagerConfiguration: + GatewayConfiguration: example: default: admin values: @@ -10687,7 +11071,7 @@ components: - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username label: Consumer Key type: select required: true @@ -10712,7 +11096,7 @@ components: example: true type: boolean tooltip: - example: Entet username to connect to key manager + example: Enter username type: string default: example: admin @@ -10723,24 +11107,28 @@ components: properties: {} type: object type: array - title: Key Manager Configuration + title: Gateway Configuration type: object KeyManagerList: example: count: 1 list: - name: WSO2 IS + isGlobal: true description: This is a key manager for Developers id: 01234567-0123-0123-0123-012345678901 type: IS tokenType: EXCHANGED enabled: true + isUsed: true - name: WSO2 IS + isGlobal: true description: This is a key manager for Developers id: 01234567-0123-0123-0123-012345678901 type: IS tokenType: EXCHANGED enabled: true + isUsed: true properties: count: description: | @@ -10753,6 +11141,163 @@ components: type: array title: Key Manager List type: object + KeyManagerAppUsages: + example: + applicationCount: 0 + applications: + - organizationId: organizationId + owner: owner + organization: organization + name: name + uuid: uuid + - organizationId: organizationId + owner: owner + organization: organization + name: name + uuid: uuid + properties: + applicationCount: + description: The total count of applications. + type: integer + applications: + items: + $ref: '#/components/schemas/ApplicationInfoKeyManager' + type: array + required: + - applicationCount + - applications + title: Key Manager Application Usages. + type: object + ApplicationInfoKeyManager: + example: + organizationId: organizationId + owner: owner + organization: organization + name: name + uuid: uuid + properties: + name: + description: The name of the application. + type: string + uuid: + description: The UUID of the application. + type: string + organizationId: + description: The ID of the organization to which the application belongs. + nullable: true + type: string + owner: + description: The owner of the application. + type: string + organization: + description: The organization of the application. + type: string + required: + - name + - organization + - owner + - uuid + type: object + KeyManagerAPIUsages: + example: + apis: + - advertiseOnly: true + provider: provider + name: name + context: context + description: description + transportType: transportType + keyManagerEntry: keyManagerEntry + id: id + type: type + thumbnailUri: thumbnailUri + version: version + status: status + - advertiseOnly: true + provider: provider + name: name + context: context + description: description + transportType: transportType + keyManagerEntry: keyManagerEntry + id: id + type: type + thumbnailUri: thumbnailUri + version: version + status: status + apiCount: 0 + properties: + apiCount: + description: The total count of APIs. + type: integer + apis: + items: + $ref: '#/components/schemas/APIInfoKeyManager' + type: array + required: + - apiCount + - apis + title: Key Manager API Usages. + type: object + APIInfoKeyManager: + example: + advertiseOnly: true + provider: provider + name: name + context: context + description: description + transportType: transportType + keyManagerEntry: keyManagerEntry + id: id + type: type + thumbnailUri: thumbnailUri + version: version + status: status + properties: + id: + description: The ID of the API. + type: string + type: + description: The type of the entry (e.g., "API"). + type: string + name: + description: The name of the API. + type: string + transportType: + description: The transport type of the API. + type: string + description: + description: The description of the API. + nullable: true + type: string + context: + description: The context of the API. + type: string + version: + description: The version of the API. + type: string + provider: + description: The provider of the API. + type: string + status: + description: The status of the API. + type: string + thumbnailUri: + description: The URI of the thumbnail of the API. + nullable: true + type: string + advertiseOnly: + description: Indicates if the API is advertised only. + type: boolean + keyManagerEntry: + description: The key manager entry related to the API. + type: string + required: + - id + - name + - provider + - version + type: object ClaimMappingEntry: example: remoteClaim: http://idp.org/username @@ -10955,17 +11500,17 @@ components: Type of the Workflow Request. It shows which type of request is it. enum: - APPLICATION_CREATION - - APPLICATION_UPDATE - SUBSCRIPTION_CREATION - USER_SIGNUP - APPLICATION_REGISTRATION_PRODUCTION - APPLICATION_REGISTRATION_SANDBOX - APPLICATION_DELETION - API_STATE + - API_PRODUCT_STATE - SUBSCRIPTION_DELETION - SUBSCRIPTION_UPDATE - - API_PRODUCT_STATE - REVISION_DEPLOYMENT + - APPLICATION_UPDATE example: APPLICATION_CREATION type: string workflowStatus: @@ -11143,7 +11688,140 @@ components: type: array title: Role alias type: object - SearchResultList: + Pagination: + example: + next: next + total: 10 + offset: 0 + previous: previous + limit: 1 + properties: + offset: + example: 0 + type: integer + limit: + example: 1 + type: integer + total: + example: 10 + type: integer + next: + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + type: string + previous: + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + type: string + title: Pagination + type: object + PaginationApis: + properties: + offset: + example: 0 + type: integer + limit: + example: 1 + type: integer + total: + example: 10 + type: integer + next: + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + type: string + previous: + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + type: string + title: Pagination + type: object + SearchResultList: + example: + pagination: + next: next + total: 10 + offset: 0 + previous: previous + limit: 1 + apis: + - provider: provider + name: name + id: id + version: version + - provider: provider + name: name + id: id + version: version + count: 1 + properties: + apis: + items: + $ref: '#/components/schemas/ApiResult' + type: array + count: + description: | + Number of results returned. + example: 1 + type: integer + pagination: + $ref: '#/components/schemas/Pagination' + title: Unified Search Result List + type: object + ApiResult: + example: + provider: provider + name: name + id: id + version: version + properties: + provider: + type: string + name: + type: string + version: + type: string + id: + type: string + type: object + TransactionCount: + example: + count: 120 + properties: + count: + example: 120 + type: integer + type: object + Label: + example: + name: Health + description: Health related APIs + id: d7cf8523-9180-4255-84fa-6cb171c1f779 + properties: + id: + example: d7cf8523-9180-4255-84fa-6cb171c1f779 + readOnly: true + type: string + name: + example: Health + maxLength: 255 + minLength: 1 + type: string + description: + example: Health related APIs + maxLength: 1024 + type: string + required: + - name + title: Label + type: object + LabelList: example: pagination: next: next @@ -11151,76 +11829,143 @@ components: offset: 0 previous: previous limit: 1 - apis: - - provider: provider - name: name - id: id - version: version - - provider: provider - name: name - id: id - version: version count: 1 + list: + - name: Health + description: Health related APIs + id: d7cf8523-9180-4255-84fa-6cb171c1f779 + - name: Health + description: Health related APIs + id: d7cf8523-9180-4255-84fa-6cb171c1f779 properties: - apis: - items: - $ref: '#/components/schemas/ApiResult' - type: array count: - description: | - Number of results returned. + description: Number of labels returned. example: 1 type: integer + list: + description: List of labels. + items: + $ref: '#/components/schemas/Label' + type: array pagination: $ref: '#/components/schemas/Pagination' - title: Unified Search Result List + title: Label List type: object - ApiResult: + LabelUsage: example: - provider: provider - name: name - id: id - version: version + apis: + count: 1 + list: + - provider: provider + name: name + id: id + version: version + - provider: provider + name: name + id: id + version: version properties: - provider: + apis: + $ref: '#/components/schemas/LabelUsage_apis' + title: Label Usage + type: object + APIKey: + example: + validityPeriod: 3600 + lastUsed: 1599196134000 + apiName: NotificationsAPI + keyName: Test_Key + keyType: PRODUCTION + user: Bob + applicationName: DefaultApplication + keyUUID: keyUUID + issuedOn: 1599196134000 + properties: + keyUUID: + description: The UUID of the API key type: string - name: + keyName: + description: API Key name + example: Test_Key type: string - version: + apiName: + description: API Name + example: NotificationsAPI type: string - id: + applicationName: + description: Application Name + example: DefaultApplication + type: string + keyType: + description: Application Key Type + enum: + - PRODUCTION + - SANDBOX + example: PRODUCTION + type: string + user: + description: Owner of the Application + example: Bob type: string + issuedOn: + description: Created time in Unix epoch milliseconds + example: 1599196134000 + format: int64 + type: integer + validityPeriod: + example: 3600 + format: int64 + type: integer + lastUsed: + description: Last used time in Unix epoch milliseconds + example: 1599196134000 + format: int64 + nullable: true + type: integer + title: API Key details to invoke APIs type: object - Pagination: + APIKeyList: example: - next: next - total: 10 - offset: 0 - previous: previous - limit: 1 + count: 1 + list: + - validityPeriod: 3600 + lastUsed: 1599196134000 + apiName: NotificationsAPI + keyName: Test_Key + keyType: PRODUCTION + user: Bob + applicationName: DefaultApplication + keyUUID: keyUUID + issuedOn: 1599196134000 + - validityPeriod: 3600 + lastUsed: 1599196134000 + apiName: NotificationsAPI + keyName: Test_Key + keyType: PRODUCTION + user: Bob + applicationName: DefaultApplication + keyUUID: keyUUID + issuedOn: 1599196134000 properties: - offset: - example: 0 - type: integer - limit: + count: + description: | + Number of API keys returned. example: 1 type: integer - total: - example: 10 - type: integer - next: - description: | - Link to the next subset of resources qualified. - Empty if no more resources are to be returned. - example: "" - type: string - previous: - description: | - Link to the previous subset of resources qualified. - Empty if current subset is the first subset returned. - example: "" + list: + items: + $ref: '#/components/schemas/APIKey' + type: array + title: API Keys List + type: object + APIKeyRevokeRequest: + properties: + keyUUID: + description: The UUID of the API key type: string - title: Pagination + required: + - keyUUID + title: API Key revoke request object type: object AdvancedThrottlePolicyInfo_allOf: properties: @@ -11260,6 +12005,10 @@ components: description: Burst control time unit example: min type: string + subscriberCount: + description: Number of subscriptions allowed + example: 10 + type: integer customAttributes: description: | Custom attributes added to the Subscription Throttling Policy @@ -11279,11 +12028,6 @@ components: type: string permissions: $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' - subscriberCount: - description: | - Number of subscriptions allowed - example: 10 - type: integer required: - defaultLimit CustomRule_allOf: @@ -11362,8 +12106,8 @@ components: example: permissionType: ALLOW roles: - - Subscriber - - Internal/subscriber + - Internal/everyone + - Internal/everyone properties: permissionType: default: PUBLIC @@ -11374,12 +12118,81 @@ components: example: ALLOW type: string roles: + items: + example: Internal/everyone + type: string + type: array + CreatePlatformGatewayRequest_permissions: + description: Gateway visibility permissions configuration + example: '{"permissionType":"ALLOW","roles":["admin","publisher"]}' + properties: + permissionType: + default: PUBLIC + description: | + Permission type for gateway visibility: + - PUBLIC: Gateway is visible to all users + - ALLOW: Gateway is visible only to specified roles + - DENY: Gateway is hidden from specified roles + enum: + - PUBLIC + - ALLOW + - DENY + type: string + roles: + description: List of roles for ALLOW/DENY permission types example: - - Subscriber - - Internal/subscriber + - admin + - publisher + items: + type: string + type: array + UpdatePlatformGatewayRequest_permissions: + description: Gateway visibility permissions (on-prem extension) + properties: + permissionType: + default: PUBLIC + enum: + - PUBLIC + - ALLOW + - DENY + type: string + roles: + description: List of roles for ALLOW/DENY permission types + items: + type: string + type: array + PlatformGatewayResponse_permissions: + description: Gateway visibility permissions configuration + example: + permissionType: PUBLIC + roles: + - roles + - roles + properties: + permissionType: + default: PUBLIC + description: | + Permission type for gateway visibility: + - PUBLIC: Gateway is visible to all users + - ALLOW: Gateway is visible only to specified roles + - DENY: Gateway is hidden from specified roles + enum: + - PUBLIC + - ALLOW + - DENY + type: string + roles: + description: List of roles for ALLOW/DENY permission types items: type: string type: array + GatewayResponseWithToken_allOf: + properties: + registrationToken: + description: | + Registration token (returned only once on create or regenerate). Use as api-key when connecting + the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. + type: string CustomUrlInfo_devPortal: example: url: http://example.com @@ -11389,31 +12202,104 @@ components: type: string Settings_keyManagerConfiguration: example: + authConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true defaultConsumerKeyClaim: azp + endpointConfigurations: + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true + - default: admin + updateDisabled: true + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username to connect to key manager + label: Consumer Key + type: select + required: true + mask: true displayName: default configurations: - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true - default: admin + updateDisabled: true values: - '{}' - '{}' name: consumer_key multiple: true - tooltip: Entet username to connect to key manager + tooltip: Enter username to connect to key manager label: Consumer Key type: select required: true mask: true + configurationConstraints: + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input + - constraintType: RANGE + default: '{}' + values: + - '{}' + - '{}' + name: application_access_token_expiry_time + multiple: true + tooltip: Define the valid range for token expiration in seconds. + label: Access Token Expiry + type: input defaultScopesClaim: scope type: default properties: @@ -11429,10 +12315,72 @@ components: defaultScopesClaim: example: scope type: string + authConfigurations: + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + type: array configurations: items: $ref: '#/components/schemas/KeyManagerConfiguration' type: array + endpointConfigurations: + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + type: array + configurationConstraints: + items: + $ref: '#/components/schemas/ConfigurationConstraint' + type: array + Settings_gatewayConfiguration: + example: + defaultHostnameTemplate: '{apiId}.execute-api.{region}.amazonaws.com' + displayName: default + configurations: + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + - default: admin + values: + - '{}' + - '{}' + name: consumer_key + multiple: true + tooltip: Enter username + label: Consumer Key + type: select + required: true + mask: true + type: default + supportedModes: + - READ_WRITE + - READ_WRITE + properties: + type: + example: default + type: string + displayName: + example: default + type: string + supportedModes: + items: + example: READ_WRITE + type: string + type: array + configurations: + items: + $ref: '#/components/schemas/GatewayConfiguration' + type: array + defaultHostnameTemplate: + example: '{apiId}.execute-api.{region}.amazonaws.com' + type: string KeyManager_certificates: example: type: JWKS @@ -11465,6 +12413,30 @@ components: example: Internal/subscriber type: string type: array + LabelUsage_apis: + description: | + List of APIs associated with the label. + example: + count: 1 + list: + - provider: provider + name: name + id: id + version: version + - provider: provider + name: name + id: id + version: version + properties: + count: + description: Number of APIs associated with the label. + example: 1 + type: integer + list: + description: List of APIs associated with the label. + items: + $ref: '#/components/schemas/ApiResult' + type: array securitySchemes: OAuth2Security: flows: @@ -11475,17 +12447,18 @@ components: apim:admin: Manage all admin operations apim:tier_view: View throttling policies apim:tier_manage: Update and delete throttling policies + apim:admin_tier_view: View throttling policies + apim:admin_tier_manage: Update and delete throttling policies apim:bl_view: View deny policies apim:bl_manage: Update and delete deny policies apim:mediation_policy_view: View mediation policies apim:mediation_policy_create: Create and update mediation policies apim:app_owner_change: Retrieve and manage applications + apim:app_settings_change: Change Application Settings apim:app_import_export: Import and export applications related operations apim:api_import_export: Import and export APIs related operations apim:api_product_import_export: Import and export API Products related operations - apim:label_manage: Manage microgateway labels - apim:label_read: Retrieve microgateway labels apim:environment_manage: Manage gateway environments apim:environment_read: Retrieve gateway environments apim:monetization_usage_publish: Retrieve and publish Monetization related @@ -11496,11 +12469,21 @@ components: apim:tenant_theme_manage: Manage tenant themes apim:admin_operations: Manage API categories and Key Managers related operations + apim:api_category: Manage API categories apim:admin_settings: Retrieve admin settings apim:admin_alert_manage: Manage admin alerts apim:api_workflow_view: Retrive workflow requests apim:scope_manage: Manage system scopes + apim:role_manage: Manage system roles + apim:admin_application_view: View Applications + apim:keymanagers_manage: Manage Key Managers + apim:api_provider_change: Retrieve and manage applications apim:llm_provider_manage: Manage LLM Providers + apim:gov_policy_read: Retrieve governance policies + apim:gov_policy_manage: Manage governance policies + apim:gov_result_read: Retrieve governance results + apim:gov_rule_read: Retrieve governance rules + apim:gov_rule_manage: Manage governance rules apim:organization_manage: Manage Organizations apim:organization_read: Read Organizations tokenUrl: https://localhost:9443/oauth2/token diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/JSON.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/JSON.java new file mode 100644 index 0000000000..f77c78390d --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/JSON.java @@ -0,0 +1,402 @@ +/* + * Applied after OpenAPI codegen (see pom.xml). Gson date adapters accept epoch millis (JSON number + * or string) because some Admin API payloads serialize date-time fields that way; stock okhttp-gson + * JSON.java only accepts ISO-8601 strings. + */ +package org.wso2.am.integration.clients.admin; + +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonParseException; +import com.google.gson.TypeAdapter; +import com.google.gson.internal.bind.util.ISO8601Utils; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonToken; +import com.google.gson.stream.JsonWriter; +import com.google.gson.JsonElement; +import io.gsonfire.GsonFireBuilder; +import io.gsonfire.TypeSelector; + +import org.wso2.am.integration.clients.admin.api.dto.*; +import okio.ByteString; + +import java.io.IOException; +import java.io.StringReader; +import java.lang.reflect.Type; +import java.text.DateFormat; +import java.text.ParseException; +import java.text.ParsePosition; +import java.util.Collections; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; + +public class JSON { + + private static final Map> CLASS_BY_DISCRIMINATOR_VALUE; + + static { + Map> m = new HashMap>(); + m.put("AdvancedThrottlePolicyInfo", AdvancedThrottlePolicyInfoDTO.class); + m.put("AdvancedThrottlePolicy", AdvancedThrottlePolicyDTO.class); + m.put("ApplicationThrottlePolicy", ApplicationThrottlePolicyDTO.class); + m.put("SubscriptionThrottlePolicy", SubscriptionThrottlePolicyDTO.class); + m.put("CustomRule", CustomRuleDTO.class); + m.put("ThrottlePolicy", ThrottlePolicyDTO.class); + CLASS_BY_DISCRIMINATOR_VALUE = Collections.unmodifiableMap(m); + } + + private Gson gson; + private boolean isLenientOnJson = false; + private DateTypeAdapter dateTypeAdapter = new DateTypeAdapter(); + private SqlDateTypeAdapter sqlDateTypeAdapter = new SqlDateTypeAdapter(); + private ByteArrayAdapter byteArrayAdapter = new ByteArrayAdapter(); + + public static GsonBuilder createGson() { + GsonFireBuilder fireBuilder = new GsonFireBuilder() + .registerTypeSelector(ThrottlePolicyDTO.class, new TypeSelector() { + @Override + public Class getClassForElement(JsonElement readElement) { + return getClassByDiscriminator(CLASS_BY_DISCRIMINATOR_VALUE, + getDiscriminatorValue(readElement, "type")); + } + }) + ; + GsonBuilder builder = fireBuilder.createGsonBuilder(); + return builder; + } + + private static String getDiscriminatorValue(JsonElement readElement, String discriminatorField) { + JsonElement element = readElement.getAsJsonObject().get(discriminatorField); + if (null == element) { + throw new IllegalArgumentException("missing discriminator field: <" + discriminatorField + ">"); + } + return element.getAsString(); + } + + /** + * Returns the Java class that implements the OpenAPI schema for the specified discriminator value. + * + * @param classByDiscriminatorValue The map of discriminator values to Java classes. + * @param discriminatorValue The value of the OpenAPI discriminator in the input data. + * @return The Java class that implements the OpenAPI schema + */ + private static Class getClassByDiscriminator(Map classByDiscriminatorValue, String discriminatorValue) { + Class clazz = (Class) classByDiscriminatorValue.get(discriminatorValue); + if (null == clazz) { + throw new IllegalArgumentException("cannot determine model class of name: <" + discriminatorValue + ">"); + } + return clazz; + } + + public JSON() { + gson = createGson() + .registerTypeAdapter(Date.class, dateTypeAdapter) + .registerTypeAdapter(java.sql.Date.class, sqlDateTypeAdapter) + .registerTypeAdapter(byte[].class, byteArrayAdapter) + .create(); + } + + /** + * Get Gson. + * + * @return Gson + */ + public Gson getGson() { + return gson; + } + + /** + * Set Gson. + * + * @param gson Gson + * @return JSON + */ + public JSON setGson(Gson gson) { + this.gson = gson; + return this; + } + + public JSON setLenientOnJson(boolean lenientOnJson) { + isLenientOnJson = lenientOnJson; + return this; + } + + /** + * Serialize the given Java object into JSON string. + * + * @param obj Object + * @return String representation of the JSON + */ + public String serialize(Object obj) { + return gson.toJson(obj); + } + + /** + * Deserialize the given JSON string to Java object. + * + * @param Type + * @param body The JSON string + * @param returnType The type to deserialize into + * @return The deserialized Java object + */ + @SuppressWarnings("unchecked") + public T deserialize(String body, Type returnType) { + try { + if (isLenientOnJson) { + JsonReader jsonReader = new JsonReader(new StringReader(body)); + jsonReader.setLenient(true); + return gson.fromJson(jsonReader, returnType); + } else { + return gson.fromJson(body, returnType); + } + } catch (JsonParseException e) { + if (returnType.equals(String.class)) { + return (T) body; + } else { + throw (e); + } + } + } + + /** + * Gson TypeAdapter for Byte Array type + */ + public class ByteArrayAdapter extends TypeAdapter { + + @Override + public void write(JsonWriter out, byte[] value) throws IOException { + if (value == null) { + out.nullValue(); + } else { + out.value(ByteString.of(value).base64()); + } + } + + @Override + public byte[] read(JsonReader in) throws IOException { + JsonToken token = in.peek(); + if (token == JsonToken.NULL) { + in.nextNull(); + return null; + } + if (token != JsonToken.STRING) { + throw new JsonParseException( + "Expected STRING or NULL for byte[] property, got " + token); + } + String bytesAsBase64 = in.nextString(); + ByteString byteString = ByteString.decodeBase64(bytesAsBase64); + if (byteString == null) { + throw new JsonParseException( + "Invalid base64 content for byte[] property: " + bytesAsBase64); + } + return byteString.toByteArray(); + } + } + + /** + * Gson TypeAdapter for java.sql.Date type + * If the dateFormat is null, a simple "yyyy-MM-dd" format will be used + * (more efficient than SimpleDateFormat). + */ + public static class SqlDateTypeAdapter extends TypeAdapter { + + private DateFormat dateFormat; + + public SqlDateTypeAdapter() {} + + public SqlDateTypeAdapter(DateFormat dateFormat) { + this.dateFormat = dateFormat; + } + + public void setFormat(DateFormat dateFormat) { + this.dateFormat = dateFormat; + } + + @Override + public void write(JsonWriter out, java.sql.Date date) throws IOException { + if (date == null) { + out.nullValue(); + } else { + String value; + if (dateFormat != null) { + value = dateFormat.format(date); + } else { + value = date.toString(); + } + out.value(value); + } + } + + @Override + public java.sql.Date read(JsonReader in) throws IOException { + switch (in.peek()) { + case NULL: + in.nextNull(); + return null; + case NUMBER: + return parseSqlDateFromJsonNumber(in); + default: + String date = in.nextString(); + try { + java.sql.Date fromEpoch = parseSqlDateFromEpochString(date); + if (fromEpoch != null) { + return fromEpoch; + } + if (dateFormat != null) { + return new java.sql.Date(dateFormat.parse(date).getTime()); + } + return new java.sql.Date(ISO8601Utils.parse(date, new ParsePosition(0)).getTime()); + } catch (ParseException e) { + throw new JsonParseException(e); + } + } + } + + private java.sql.Date parseSqlDateFromJsonNumber(JsonReader in) throws IOException { + String epochRaw = in.nextString(); + try { + return new java.sql.Date(Long.parseLong(epochRaw)); + } catch (NumberFormatException e) { + try { + double d = Double.parseDouble(epochRaw); + return new java.sql.Date((long) d); + } catch (NumberFormatException e2) { + throw new JsonParseException( + "Cannot parse sql.Date from JSON number: " + epochRaw, e2); + } + } + } + + private java.sql.Date parseSqlDateFromEpochString(String raw) { + if (raw == null) { + return null; + } + String date = raw.trim(); + if (date.isEmpty()) { + return null; + } + if (date.matches("^-?\\d+$")) { + return new java.sql.Date(Long.parseLong(date)); + } + try { + double asDouble = Double.parseDouble(date); + if (!Double.isNaN(asDouble) && !Double.isInfinite(asDouble)) { + return new java.sql.Date((long) asDouble); + } + } catch (NumberFormatException ignored) { + } + return null; + } + } + + /** + * Gson TypeAdapter for java.util.Date type + * If the dateFormat is null, ISO8601Utils will be used. + */ + public static class DateTypeAdapter extends TypeAdapter { + + private DateFormat dateFormat; + + public DateTypeAdapter() {} + + public DateTypeAdapter(DateFormat dateFormat) { + this.dateFormat = dateFormat; + } + + public void setFormat(DateFormat dateFormat) { + this.dateFormat = dateFormat; + } + + @Override + public void write(JsonWriter out, Date date) throws IOException { + if (date == null) { + out.nullValue(); + } else { + String value; + if (dateFormat != null) { + value = dateFormat.format(date); + } else { + value = ISO8601Utils.format(date, true); + } + out.value(value); + } + } + + @Override + public Date read(JsonReader in) throws IOException { + try { + switch (in.peek()) { + case NULL: + in.nextNull(); + return null; + case NUMBER: + return parseUtilDateFromJsonNumber(in); + default: + String date = in.nextString(); + try { + Date fromEpoch = parseUtilDateFromEpochString(date); + if (fromEpoch != null) { + return fromEpoch; + } + if (dateFormat != null) { + return dateFormat.parse(date); + } + return ISO8601Utils.parse(date, new ParsePosition(0)); + } catch (ParseException e) { + throw new JsonParseException(e); + } + } + } catch (IllegalArgumentException e) { + throw new JsonParseException(e); + } + } + + private Date parseUtilDateFromJsonNumber(JsonReader in) throws IOException { + String epochRaw = in.nextString(); + try { + return new Date(Long.parseLong(epochRaw)); + } catch (NumberFormatException e) { + try { + double d = Double.parseDouble(epochRaw); + return new Date((long) d); + } catch (NumberFormatException e2) { + throw new JsonParseException( + "Cannot parse java.util.Date from JSON number: " + epochRaw, e2); + } + } + } + + private Date parseUtilDateFromEpochString(String raw) { + if (raw == null) { + return null; + } + String date = raw.trim(); + if (date.isEmpty()) { + return null; + } + if (date.matches("^-?\\d+$")) { + return new Date(Long.parseLong(date)); + } + try { + double asDouble = Double.parseDouble(date); + if (!Double.isNaN(asDouble) && !Double.isInfinite(asDouble)) { + return new Date((long) asDouble); + } + } catch (NumberFormatException ignored) { + } + return null; + } + } + + public JSON setDateFormat(DateFormat dateFormat) { + dateTypeAdapter.setFormat(dateFormat); + return this; + } + + public JSON setSqlDateFormat(DateFormat dateFormat) { + sqlDateTypeAdapter.setFormat(dateFormat); + return this; + } + +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/api/dto/EnvironmentDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/api/dto/EnvironmentDTO.java new file mode 100644 index 0000000000..e988a725b4 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/openapi-overrides/api/dto/EnvironmentDTO.java @@ -0,0 +1,680 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonToken; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.net.URI; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.AdditionalPropertyDTO; +import org.wso2.am.integration.clients.admin.api.dto.EnvironmentPermissionsDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayEnvironmentProtocolURIDTO; +import org.wso2.am.integration.clients.admin.api.dto.VHostDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* EnvironmentDTO +*/ + +public class EnvironmentDTO { + public static final String SERIALIZED_NAME_ID = "id"; + @SerializedName(SERIALIZED_NAME_ID) + private String id; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_PROVIDER = "provider"; + @SerializedName(SERIALIZED_NAME_PROVIDER) + private String provider; + + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type = "hybrid"; + + public static final String SERIALIZED_NAME_GATEWAY_TYPE = "gatewayType"; + @SerializedName(SERIALIZED_NAME_GATEWAY_TYPE) + private String gatewayType = "Regular"; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_IS_READ_ONLY = "isReadOnly"; + @SerializedName(SERIALIZED_NAME_IS_READ_ONLY) + private Boolean isReadOnly = false; + + /** +* The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. +*/ + @JsonAdapter(ModeEnum.Adapter.class) +public enum ModeEnum { + READ_ONLY("READ_ONLY"), + + READ_WRITE("READ_WRITE"), + + WRITE_ONLY("WRITE_ONLY"); + +private String value; + +ModeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static ModeEnum fromValue(String value) { + if (value == null) { + return null; + } + for (ModeEnum b : ModeEnum.values()) { + if (b.name().equalsIgnoreCase(value) || b.getValue().equalsIgnoreCase(value)) { + return b; + } + } + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final ModeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public ModeEnum read(final JsonReader jsonReader) throws IOException { + if (jsonReader.peek() == JsonToken.NULL) { + jsonReader.nextNull(); + return null; + } + String value = jsonReader.nextString(); + return ModeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_MODE = "mode"; + @SerializedName(SERIALIZED_NAME_MODE) + // Aligns with admin-api.yaml Environment.mode default: WRITE_ONLY (example in spec is READ_WRITE). + private ModeEnum mode = ModeEnum.WRITE_ONLY; + + public static final String SERIALIZED_NAME_API_DISCOVERY_SCHEDULED_WINDOW = "apiDiscoveryScheduledWindow"; + @SerializedName(SERIALIZED_NAME_API_DISCOVERY_SCHEDULED_WINDOW) + private Integer apiDiscoveryScheduledWindow = 60; + + public static final String SERIALIZED_NAME_VHOSTS = "vhosts"; + @SerializedName(SERIALIZED_NAME_VHOSTS) + private List vhosts = new ArrayList(); + + public static final String SERIALIZED_NAME_ENDPOINT_U_R_IS = "endpointURIs"; + @SerializedName(SERIALIZED_NAME_ENDPOINT_U_R_IS) + private List endpointURIs = null; + + public static final String SERIALIZED_NAME_ADDITIONAL_PROPERTIES = "additionalProperties"; + @SerializedName(SERIALIZED_NAME_ADDITIONAL_PROPERTIES) + private List additionalProperties = null; + + public static final String SERIALIZED_NAME_PERMISSIONS = "permissions"; + @SerializedName(SERIALIZED_NAME_PERMISSIONS) + private EnvironmentPermissionsDTO permissions; + + /** +* For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive). +*/ + @JsonAdapter(StatusEnum.Adapter.class) +public enum StatusEnum { + ACTIVE("Active"), + + INACTIVE("Inactive"); + +private String value; + +StatusEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static StatusEnum fromValue(String value) { + if (value == null) { + return null; + } + for (StatusEnum b : StatusEnum.values()) { + if (b.name().equalsIgnoreCase(value) || b.getValue().equalsIgnoreCase(value)) { + return b; + } + } + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final StatusEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public StatusEnum read(final JsonReader jsonReader) throws IOException { + if (jsonReader.peek() == JsonToken.NULL) { + jsonReader.nextNull(); + return null; + } + String value = jsonReader.nextString(); + return StatusEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_STATUS = "status"; + @SerializedName(SERIALIZED_NAME_STATUS) + private StatusEnum status; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION = "universalGatewayVersion"; + @SerializedName(SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION) + private String universalGatewayVersion; + + + public EnvironmentDTO id(String id) { + + this.id = id; + return this; + } + + /** + * Get id + * @return id + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "ece92bdc-e1e6-325c-b6f4-656208a041e9", value = "") + + public String getId() { + return id; + } + + + public void setId(String id) { + this.id = id; + } + + + public EnvironmentDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @ApiModelProperty(example = "us-region", required = true, value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public EnvironmentDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Get displayName + * @return displayName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "US Region", value = "") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public EnvironmentDTO provider(String provider) { + + this.provider = provider; + return this; + } + + /** + * Get provider + * @return provider + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "wso2", value = "") + + public String getProvider() { + return provider; + } + + + public void setProvider(String provider) { + this.provider = provider; + } + + + public EnvironmentDTO type(String type) { + + this.type = type; + return this; + } + + /** + * Get type + * @return type + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "hybrid", value = "") + + public String getType() { + return type; + } + + + public void setType(String type) { + this.type = type; + } + + + public EnvironmentDTO gatewayType(String gatewayType) { + + this.gatewayType = gatewayType; + return this; + } + + /** + * Get gatewayType + * @return gatewayType + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Regular", value = "") + + public String getGatewayType() { + return gatewayType; + } + + + public void setGatewayType(String gatewayType) { + this.gatewayType = gatewayType; + } + + + public EnvironmentDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Get description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Gateway environment in US Region", value = "") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public EnvironmentDTO isReadOnly(Boolean isReadOnly) { + + this.isReadOnly = isReadOnly; + return this; + } + + /** + * Get isReadOnly + * @return isReadOnly + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "false", value = "") + + public Boolean isIsReadOnly() { + return isReadOnly; + } + + + public void setIsReadOnly(Boolean isReadOnly) { + this.isReadOnly = isReadOnly; + } + + + public EnvironmentDTO mode(ModeEnum mode) { + + this.mode = mode; + return this; + } + + /** + * The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. + * @return mode + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "READ_WRITE", value = "The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. ") + + public ModeEnum getMode() { + return mode; + } + + + public void setMode(ModeEnum mode) { + this.mode = mode; + } + + + public EnvironmentDTO apiDiscoveryScheduledWindow(Integer apiDiscoveryScheduledWindow) { + + this.apiDiscoveryScheduledWindow = apiDiscoveryScheduledWindow; + return this; + } + + /** + * The time window in minutes to schedule the API discovery task. This is used to discover APIs from the API Gateway and update the API list in the environment. + * @return apiDiscoveryScheduledWindow + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The time window in minutes to schedule the API discovery task. This is used to discover APIs from the API Gateway and update the API list in the environment. ") + + public Integer getApiDiscoveryScheduledWindow() { + return apiDiscoveryScheduledWindow; + } + + + public void setApiDiscoveryScheduledWindow(Integer apiDiscoveryScheduledWindow) { + this.apiDiscoveryScheduledWindow = apiDiscoveryScheduledWindow; + } + + + public EnvironmentDTO vhosts(List vhosts) { + + this.vhosts = vhosts; + return this; + } + + /** + * Get vhosts + * @return vhosts + **/ + @ApiModelProperty(required = true, value = "") + + public List getVhosts() { + return vhosts; + } + + + public void setVhosts(List vhosts) { + this.vhosts = vhosts; + } + + + public EnvironmentDTO endpointURIs(List endpointURIs) { + + this.endpointURIs = endpointURIs; + return this; + } + + /** + * Get endpointURIs + * @return endpointURIs + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getEndpointURIs() { + return endpointURIs; + } + + + public void setEndpointURIs(List endpointURIs) { + this.endpointURIs = endpointURIs; + } + + + public EnvironmentDTO additionalProperties(List additionalProperties) { + + this.additionalProperties = additionalProperties; + return this; + } + + /** + * Get additionalProperties + * @return additionalProperties + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getAdditionalProperties() { + return additionalProperties; + } + + + public void setAdditionalProperties(List additionalProperties) { + this.additionalProperties = additionalProperties; + } + + + public EnvironmentDTO permissions(EnvironmentPermissionsDTO permissions) { + + this.permissions = permissions; + return this; + } + + /** + * Get permissions + * @return permissions + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public EnvironmentPermissionsDTO getPermissions() { + return permissions; + } + + + public void setPermissions(EnvironmentPermissionsDTO permissions) { + this.permissions = permissions; + } + + + public EnvironmentDTO status(StatusEnum status) { + + this.status = status; + return this; + } + + /** + * For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive). + * @return status + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Active", value = "For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive).") + + public StatusEnum getStatus() { + return status; + } + + + public void setStatus(StatusEnum status) { + this.status = status; + } + + + public EnvironmentDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway. + * @return vhost + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "https://mg.wso2.com", value = "For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway.") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public EnvironmentDTO universalGatewayVersion(String universalGatewayVersion) { + + this.universalGatewayVersion = universalGatewayVersion; + return this; + } + + /** + * Universal Gateway version from config (e.g. \"1.0.0\"). Set for deploy targets so UI can show quick-start version; from apim.universal_gateway.version. + * @return universalGatewayVersion + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1.0.0", value = "Universal Gateway version from config (e.g. \"1.0.0\"). Set for deploy targets so UI can show quick-start version; from apim.universal_gateway.version.") + + public String getUniversalGatewayVersion() { + return universalGatewayVersion; + } + + + public void setUniversalGatewayVersion(String universalGatewayVersion) { + this.universalGatewayVersion = universalGatewayVersion; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + EnvironmentDTO environment = (EnvironmentDTO) o; + return Objects.equals(this.id, environment.id) && + Objects.equals(this.name, environment.name) && + Objects.equals(this.displayName, environment.displayName) && + Objects.equals(this.provider, environment.provider) && + Objects.equals(this.type, environment.type) && + Objects.equals(this.gatewayType, environment.gatewayType) && + Objects.equals(this.description, environment.description) && + Objects.equals(this.isReadOnly, environment.isReadOnly) && + Objects.equals(this.mode, environment.mode) && + Objects.equals(this.apiDiscoveryScheduledWindow, environment.apiDiscoveryScheduledWindow) && + Objects.equals(this.vhosts, environment.vhosts) && + Objects.equals(this.endpointURIs, environment.endpointURIs) && + Objects.equals(this.additionalProperties, environment.additionalProperties) && + Objects.equals(this.permissions, environment.permissions) && + Objects.equals(this.status, environment.status) && + Objects.equals(this.vhost, environment.vhost) && + Objects.equals(this.universalGatewayVersion, environment.universalGatewayVersion); + } + + @Override + public int hashCode() { + return Objects.hash(id, name, displayName, provider, type, gatewayType, description, isReadOnly, mode, apiDiscoveryScheduledWindow, vhosts, endpointURIs, additionalProperties, permissions, status, vhost, universalGatewayVersion); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class EnvironmentDTO {\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" provider: ").append(toIndentedString(provider)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" gatewayType: ").append(toIndentedString(gatewayType)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" isReadOnly: ").append(toIndentedString(isReadOnly)).append("\n"); + sb.append(" mode: ").append(toIndentedString(mode)).append("\n"); + sb.append(" apiDiscoveryScheduledWindow: ").append(toIndentedString(apiDiscoveryScheduledWindow)).append("\n"); + sb.append(" vhosts: ").append(toIndentedString(vhosts)).append("\n"); + sb.append(" endpointURIs: ").append(toIndentedString(endpointURIs)).append("\n"); + sb.append(" additionalProperties: ").append(toIndentedString(additionalProperties)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append(" status: ").append(toIndentedString(status)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" universalGatewayVersion: ").append(toIndentedString(universalGatewayVersion)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/pom.xml b/all-in-one-apim/modules/integration/tests-common/clients/admin/pom.xml index 8daa2da5b6..55c265ff25 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/pom.xml +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/pom.xml @@ -74,6 +74,55 @@ + + + + org.apache.maven.plugins + maven-resources-plugin + 2.6 + + + apply-admin-json-date-override + process-sources + + copy-resources + + + true + ${project.basedir}/src/gen/java/org/wso2/am/integration/clients/admin + + + ${project.basedir}/openapi-overrides + false + + JSON.java + + + + + + + apply-environment-dto-status-override + process-sources + + copy-resources + + + true + ${project.basedir}/src/gen/java/org/wso2/am/integration/clients/admin/api/dto + + + ${project.basedir}/openapi-overrides/api/dto + false + + EnvironmentDTO.java + + + + + + + org.apache.maven.plugins maven-compiler-plugin diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiCallback.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiCallback.java index 02e183e077..9bdfe8c675 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiCallback.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiCallback.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiClient.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiClient.java index b7dcaae662..2f488b34ff 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiClient.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiClient.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiException.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiException.java index 4a365fb3cf..3763f0cedb 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiException.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiException.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiResponse.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiResponse.java index 4f8bd12ec3..3620d31ae5 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiResponse.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ApiResponse.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Configuration.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Configuration.java index 885b0e7911..d2d11cec2e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Configuration.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Configuration.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/GzipRequestInterceptor.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/GzipRequestInterceptor.java index be0e4a0863..c4e81a35c5 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/GzipRequestInterceptor.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/GzipRequestInterceptor.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/JSON.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/JSON.java index d15d9b6b74..f77c78390d 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/JSON.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/JSON.java @@ -1,16 +1,8 @@ /* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. + * Applied after OpenAPI codegen (see pom.xml). Gson date adapters accept epoch millis (JSON number + * or string) because some Admin API payloads serialize date-time fields that way; stock okhttp-gson + * JSON.java only accepts ISO-8601 strings. */ - - package org.wso2.am.integration.clients.admin; import com.google.gson.Gson; @@ -19,6 +11,7 @@ import com.google.gson.TypeAdapter; import com.google.gson.internal.bind.util.ISO8601Utils; import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonToken; import com.google.gson.stream.JsonWriter; import com.google.gson.JsonElement; import io.gsonfire.GsonFireBuilder; @@ -33,12 +26,26 @@ import java.text.DateFormat; import java.text.ParseException; import java.text.ParsePosition; +import java.util.Collections; import java.util.Date; -import java.util.Locale; -import java.util.Map; import java.util.HashMap; +import java.util.Map; public class JSON { + + private static final Map> CLASS_BY_DISCRIMINATOR_VALUE; + + static { + Map> m = new HashMap>(); + m.put("AdvancedThrottlePolicyInfo", AdvancedThrottlePolicyInfoDTO.class); + m.put("AdvancedThrottlePolicy", AdvancedThrottlePolicyDTO.class); + m.put("ApplicationThrottlePolicy", ApplicationThrottlePolicyDTO.class); + m.put("SubscriptionThrottlePolicy", SubscriptionThrottlePolicyDTO.class); + m.put("CustomRule", CustomRuleDTO.class); + m.put("ThrottlePolicy", ThrottlePolicyDTO.class); + CLASS_BY_DISCRIMINATOR_VALUE = Collections.unmodifiableMap(m); + } + private Gson gson; private boolean isLenientOnJson = false; private DateTypeAdapter dateTypeAdapter = new DateTypeAdapter(); @@ -50,14 +57,7 @@ public static GsonBuilder createGson() { .registerTypeSelector(ThrottlePolicyDTO.class, new TypeSelector() { @Override public Class getClassForElement(JsonElement readElement) { - Map classByDiscriminatorValue = new HashMap(); - classByDiscriminatorValue.put("AdvancedThrottlePolicyInfo", AdvancedThrottlePolicyInfoDTO.class); - classByDiscriminatorValue.put("AdvancedThrottlePolicy", AdvancedThrottlePolicyDTO.class); - classByDiscriminatorValue.put("ApplicationThrottlePolicy", ApplicationThrottlePolicyDTO.class); - classByDiscriminatorValue.put("SubscriptionThrottlePolicy", SubscriptionThrottlePolicyDTO.class); - classByDiscriminatorValue.put("CustomRule", CustomRuleDTO.class); - classByDiscriminatorValue.put("ThrottlePolicy", ThrottlePolicyDTO.class); - return getClassByDiscriminator(classByDiscriminatorValue, + return getClassByDiscriminator(CLASS_BY_DISCRIMINATOR_VALUE, getDiscriminatorValue(readElement, "type")); } }) @@ -145,15 +145,12 @@ public T deserialize(String body, Type returnType) { try { if (isLenientOnJson) { JsonReader jsonReader = new JsonReader(new StringReader(body)); - // see https://google-gson.googlecode.com/svn/trunk/gson/docs/javadocs/com/google/gson/stream/JsonReader.html#setLenient(boolean) jsonReader.setLenient(true); return gson.fromJson(jsonReader, returnType); } else { return gson.fromJson(body, returnType); } } catch (JsonParseException e) { - // Fallback processing when failed to parse JSON form response body: - // return the response body string directly for the String return type; if (returnType.equals(String.class)) { return (T) body; } else { @@ -178,15 +175,22 @@ public void write(JsonWriter out, byte[] value) throws IOException { @Override public byte[] read(JsonReader in) throws IOException { - switch (in.peek()) { - case NULL: - in.nextNull(); - return null; - default: - String bytesAsBase64 = in.nextString(); - ByteString byteString = ByteString.decodeBase64(bytesAsBase64); - return byteString.toByteArray(); + JsonToken token = in.peek(); + if (token == JsonToken.NULL) { + in.nextNull(); + return null; + } + if (token != JsonToken.STRING) { + throw new JsonParseException( + "Expected STRING or NULL for byte[] property, got " + token); + } + String bytesAsBase64 = in.nextString(); + ByteString byteString = ByteString.decodeBase64(bytesAsBase64); + if (byteString == null) { + throw new JsonParseException( + "Invalid base64 content for byte[] property: " + bytesAsBase64); } + return byteString.toByteArray(); } } @@ -230,9 +234,15 @@ public java.sql.Date read(JsonReader in) throws IOException { case NULL: in.nextNull(); return null; + case NUMBER: + return parseSqlDateFromJsonNumber(in); default: String date = in.nextString(); try { + java.sql.Date fromEpoch = parseSqlDateFromEpochString(date); + if (fromEpoch != null) { + return fromEpoch; + } if (dateFormat != null) { return new java.sql.Date(dateFormat.parse(date).getTime()); } @@ -242,6 +252,42 @@ public java.sql.Date read(JsonReader in) throws IOException { } } } + + private java.sql.Date parseSqlDateFromJsonNumber(JsonReader in) throws IOException { + String epochRaw = in.nextString(); + try { + return new java.sql.Date(Long.parseLong(epochRaw)); + } catch (NumberFormatException e) { + try { + double d = Double.parseDouble(epochRaw); + return new java.sql.Date((long) d); + } catch (NumberFormatException e2) { + throw new JsonParseException( + "Cannot parse sql.Date from JSON number: " + epochRaw, e2); + } + } + } + + private java.sql.Date parseSqlDateFromEpochString(String raw) { + if (raw == null) { + return null; + } + String date = raw.trim(); + if (date.isEmpty()) { + return null; + } + if (date.matches("^-?\\d+$")) { + return new java.sql.Date(Long.parseLong(date)); + } + try { + double asDouble = Double.parseDouble(date); + if (!Double.isNaN(asDouble) && !Double.isInfinite(asDouble)) { + return new java.sql.Date((long) asDouble); + } + } catch (NumberFormatException ignored) { + } + return null; + } } /** @@ -284,9 +330,15 @@ public Date read(JsonReader in) throws IOException { case NULL: in.nextNull(); return null; + case NUMBER: + return parseUtilDateFromJsonNumber(in); default: String date = in.nextString(); try { + Date fromEpoch = parseUtilDateFromEpochString(date); + if (fromEpoch != null) { + return fromEpoch; + } if (dateFormat != null) { return dateFormat.parse(date); } @@ -299,6 +351,42 @@ public Date read(JsonReader in) throws IOException { throw new JsonParseException(e); } } + + private Date parseUtilDateFromJsonNumber(JsonReader in) throws IOException { + String epochRaw = in.nextString(); + try { + return new Date(Long.parseLong(epochRaw)); + } catch (NumberFormatException e) { + try { + double d = Double.parseDouble(epochRaw); + return new Date((long) d); + } catch (NumberFormatException e2) { + throw new JsonParseException( + "Cannot parse java.util.Date from JSON number: " + epochRaw, e2); + } + } + } + + private Date parseUtilDateFromEpochString(String raw) { + if (raw == null) { + return null; + } + String date = raw.trim(); + if (date.isEmpty()) { + return null; + } + if (date.matches("^-?\\d+$")) { + return new Date(Long.parseLong(date)); + } + try { + double asDouble = Double.parseDouble(date); + if (!Double.isNaN(asDouble) && !Double.isInfinite(asDouble)) { + return new Date((long) asDouble); + } + } catch (NumberFormatException ignored) { + } + return null; + } } public JSON setDateFormat(DateFormat dateFormat) { diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Pair.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Pair.java index 1552300727..0c251674f2 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Pair.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/Pair.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressRequestBody.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressRequestBody.java index 8aa9c74f89..b1365beb12 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressRequestBody.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressRequestBody.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressResponseBody.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressResponseBody.java index 13e1d44424..3856c713c2 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressResponseBody.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/ProgressResponseBody.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/StringUtil.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/StringUtil.java index 3439d56f1c..1ae3e5cbcd 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/StringUtil.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/StringUtil.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyCollectionApi.java index f313a812d3..34e1c4d3bb 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,20 +59,17 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesAdvancedGet * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedGetCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedGetCall(String accept, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -85,14 +82,6 @@ public okhttp3.Call throttlingPoliciesAdvancedGetCall(String accept, String ifNo localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -114,10 +103,10 @@ public okhttp3.Call throttlingPoliciesAdvancedGetCall(String accept, String ifNo } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesAdvancedGetValidateBeforeCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesAdvancedGetValidateBeforeCall(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetCall(accept, _callback); return localVarCall; } @@ -126,20 +115,17 @@ private okhttp3.Call throttlingPoliciesAdvancedGetValidateBeforeCall(String acce * Get all Advanced Throttling Policies * Retrieves all existing advanced throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return AdvancedThrottlePolicyListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public AdvancedThrottlePolicyListDTO throttlingPoliciesAdvancedGet(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesAdvancedGetWithHttpInfo(accept, ifNoneMatch, ifModifiedSince); + public AdvancedThrottlePolicyListDTO throttlingPoliciesAdvancedGet(String accept) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesAdvancedGetWithHttpInfo(accept); return localVarResp.getData(); } @@ -147,20 +133,17 @@ public AdvancedThrottlePolicyListDTO throttlingPoliciesAdvancedGet(String accept * Get all Advanced Throttling Policies * Retrieves all existing advanced throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<AdvancedThrottlePolicyListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesAdvancedGetWithHttpInfo(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesAdvancedGetWithHttpInfo(String accept) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetValidateBeforeCall(accept, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -169,22 +152,19 @@ public ApiResponse throttlingPoliciesAdvancedGetW * Get all Advanced Throttling Policies (asynchronously) * Retrieves all existing advanced throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedGetAsync(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedGetAsync(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedGetValidateBeforeCall(accept, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -199,7 +179,7 @@ public okhttp3.Call throttlingPoliciesAdvancedGetAsync(String accept, String ifN * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -266,7 +246,7 @@ private okhttp3.Call throttlingPoliciesAdvancedPostValidateBeforeCall(String con * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -286,7 +266,7 @@ public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPost(String contentTy * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -308,7 +288,7 @@ public ApiResponse throttlingPoliciesAdvancedPostWith * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Advanced Throttling Policy.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyIndividualApi.java index c611941b15..4257784c82 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AdvancedPolicyIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,8 +58,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesAdvancedPolicyIdDelete * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -68,10 +66,9 @@ public void setApiClient(ApiClient apiClient) { Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -81,14 +78,6 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteCall(String policyId List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -110,7 +99,7 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteCall(String policyId } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -118,7 +107,7 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall( } - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteCall(policyId, _callback); return localVarCall; } @@ -127,27 +116,22 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall( * Delete an Advanced Throttling Policy * Deletes an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Resource successfully deleted. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void throttlingPoliciesAdvancedPolicyIdDelete(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(policyId, ifMatch, ifUnmodifiedSince); + public void throttlingPoliciesAdvancedPolicyIdDelete(String policyId) throws ApiException { + throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(policyId); } /** * Delete an Advanced Throttling Policy * Deletes an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -155,11 +139,10 @@ public void throttlingPoliciesAdvancedPolicyIdDelete(String policyId, String ifM Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(policyId, null); return localVarApiClient.execute(localVarCall); } @@ -167,8 +150,6 @@ public ApiResponse throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(St * Delete an Advanced Throttling Policy (asynchronously) * Deletes an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -177,33 +158,29 @@ public ApiResponse throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(St Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteAsync(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdDeleteAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdDeleteValidateBeforeCall(policyId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** * Build call for throttlingPoliciesAdvancedPolicyIdGet * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -213,14 +190,6 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetCall(String policyId, S List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -242,7 +211,7 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetCall(String policyId, S } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -250,7 +219,7 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(Str } - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetCall(policyId, _callback); return localVarCall; } @@ -259,21 +228,18 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(Str * Get an Advanced Throttling Policy * Retrieves an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return AdvancedThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdGet(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(policyId, ifNoneMatch, ifModifiedSince); + public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdGet(String policyId) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(policyId); return localVarResp.getData(); } @@ -281,21 +247,18 @@ public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdGet(String po * Get an Advanced Throttling Policy * Retrieves an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<AdvancedThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(policyId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -304,23 +267,20 @@ public ApiResponse throttlingPoliciesAdvancedPolicyId * Get an Advanced Throttling Policy (asynchronously) * Retrieves an advanced throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetAsync(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdGetValidateBeforeCall(policyId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -330,21 +290,18 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdGetAsync(String policyId, * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param advancedThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutCall(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutCall(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = advancedThrottlePolicyDTO; // create path and map variables @@ -358,14 +315,6 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutCall(String policyId, S localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); } - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -387,7 +336,7 @@ public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutCall(String policyId, S } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -405,7 +354,7 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(Str } - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutCall(policyId, contentType, advancedThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutCall(policyId, contentType, advancedThrottlePolicyDTO, _callback); return localVarCall; } @@ -416,21 +365,18 @@ private okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(Str * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param advancedThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return AdvancedThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdPut(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesAdvancedPolicyIdPutWithHttpInfo(policyId, contentType, advancedThrottlePolicyDTO, ifMatch, ifUnmodifiedSince); + public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdPut(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesAdvancedPolicyIdPutWithHttpInfo(policyId, contentType, advancedThrottlePolicyDTO); return localVarResp.getData(); } @@ -440,21 +386,18 @@ public AdvancedThrottlePolicyDTO throttlingPoliciesAdvancedPolicyIdPut(String po * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param advancedThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<AdvancedThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public ApiResponse throttlingPoliciesAdvancedPolicyIdPutWithHttpInfo(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(policyId, contentType, advancedThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesAdvancedPolicyIdPutWithHttpInfo(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(policyId, contentType, advancedThrottlePolicyDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -465,23 +408,20 @@ public ApiResponse throttlingPoliciesAdvancedPolicyId * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param advancedThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutAsync(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesAdvancedPolicyIdPutAsync(String policyId, String contentType, AdvancedThrottlePolicyDTO advancedThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(policyId, contentType, advancedThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesAdvancedPolicyIdPutValidateBeforeCall(policyId, contentType, advancedThrottlePolicyDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProviderApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProviderApi.java index ef2c0f96af..2edcfbc85e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProviderApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProviderApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProvidersApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProvidersApi.java index f0183fcba3..5526b2c02e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProvidersApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AiServiceProvidersApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertSubscriptionsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertSubscriptionsApi.java index 4b99d89852..57ca5c8273 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertSubscriptionsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertSubscriptionsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertsApi.java index 936a802363..7b47ea6f18 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/AlertsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApIsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApIsApi.java index 0f3154f745..5a65a0aa27 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApIsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApIsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -60,7 +60,7 @@ public void setApiClient(ApiClient apiClient) { * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param query **Search and get all apis in admin portal**. You can search by proving a keyword. (optional) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) + * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -132,7 +132,7 @@ private okhttp3.Call getAllAPIsValidateBeforeCall(Integer limit, Integer offset, * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param query **Search and get all apis in admin portal**. You can search by proving a keyword. (optional) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) + * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. (optional) * @return SearchResultListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -154,7 +154,7 @@ public SearchResultListDTO getAllAPIs(Integer limit, Integer offset, String quer * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param query **Search and get all apis in admin portal**. You can search by proving a keyword. (optional) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) + * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. (optional) * @return ApiResponse<SearchResultListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -177,7 +177,7 @@ public ApiResponse getAllAPIsWithHttpInfo(Integer limit, In * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param query **Search and get all apis in admin portal**. You can search by proving a keyword. (optional) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) + * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource. (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryCollectionApi.java index 4d79cf6ed4..4897b2da92 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryIndividualApi.java index 0e10c13b36..dbd8f3ca8b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiCategoryIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,8 +58,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for apiCategoriesApiCategoryIdDelete * @param apiCategoryId API Category UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -70,7 +68,7 @@ public void setApiClient(ApiClient apiClient) { 404 Not Found. The specified resource does not exist. - */ - public okhttp3.Call apiCategoriesApiCategoryIdDeleteCall(String apiCategoryId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call apiCategoriesApiCategoryIdDeleteCall(String apiCategoryId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -80,14 +78,6 @@ public okhttp3.Call apiCategoriesApiCategoryIdDeleteCall(String apiCategoryId, S List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -109,7 +99,7 @@ public okhttp3.Call apiCategoriesApiCategoryIdDeleteCall(String apiCategoryId, S } @SuppressWarnings("rawtypes") - private okhttp3.Call apiCategoriesApiCategoryIdDeleteValidateBeforeCall(String apiCategoryId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call apiCategoriesApiCategoryIdDeleteValidateBeforeCall(String apiCategoryId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'apiCategoryId' is set if (apiCategoryId == null) { @@ -117,7 +107,7 @@ private okhttp3.Call apiCategoriesApiCategoryIdDeleteValidateBeforeCall(String a } - okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteCall(apiCategoryId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteCall(apiCategoryId, _callback); return localVarCall; } @@ -126,8 +116,6 @@ private okhttp3.Call apiCategoriesApiCategoryIdDeleteValidateBeforeCall(String a * Delete an API Category * Delete an API Category by API Category Id * @param apiCategoryId API Category UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -136,16 +124,14 @@ private okhttp3.Call apiCategoriesApiCategoryIdDeleteValidateBeforeCall(String a
404 Not Found. The specified resource does not exist. -
*/ - public void apiCategoriesApiCategoryIdDelete(String apiCategoryId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - apiCategoriesApiCategoryIdDeleteWithHttpInfo(apiCategoryId, ifMatch, ifUnmodifiedSince); + public void apiCategoriesApiCategoryIdDelete(String apiCategoryId) throws ApiException { + apiCategoriesApiCategoryIdDeleteWithHttpInfo(apiCategoryId); } /** * Delete an API Category * Delete an API Category by API Category Id * @param apiCategoryId API Category UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -155,8 +141,8 @@ public void apiCategoriesApiCategoryIdDelete(String apiCategoryId, String ifMatc 404 Not Found. The specified resource does not exist. - */ - public ApiResponse apiCategoriesApiCategoryIdDeleteWithHttpInfo(String apiCategoryId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteValidateBeforeCall(apiCategoryId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse apiCategoriesApiCategoryIdDeleteWithHttpInfo(String apiCategoryId) throws ApiException { + okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteValidateBeforeCall(apiCategoryId, null); return localVarApiClient.execute(localVarCall); } @@ -164,8 +150,6 @@ public ApiResponse apiCategoriesApiCategoryIdDeleteWithHttpInfo(String api * Delete an API Category (asynchronously) * Delete an API Category by API Category Id * @param apiCategoryId API Category UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -176,9 +160,9 @@ public ApiResponse apiCategoriesApiCategoryIdDeleteWithHttpInfo(String api 404 Not Found. The specified resource does not exist. - */ - public okhttp3.Call apiCategoriesApiCategoryIdDeleteAsync(String apiCategoryId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call apiCategoriesApiCategoryIdDeleteAsync(String apiCategoryId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteValidateBeforeCall(apiCategoryId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = apiCategoriesApiCategoryIdDeleteValidateBeforeCall(apiCategoryId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiIndividualApi.java deleted file mode 100644 index 0a122df208..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiIndividualApi.java +++ /dev/null @@ -1,359 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; -import java.io.File; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class ApiIndividualApi { - private ApiClient localVarApiClient; - - public ApiIndividualApi() { - this(Configuration.getDefaultApiClient()); - } - - public ApiIndividualApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for exportApiGet - * @param name API Name (required) - * @param version Version of the API (required) - * @param providerName Provider name of the API (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Status on export (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public okhttp3.Call exportApiGetCall(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/export/api"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (name != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("name", name)); - } - - if (version != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("version", version)); - } - - if (providerName != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("providerName", providerName)); - } - - if (format != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("format", format)); - } - - if (preserveStatus != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("preserveStatus", preserveStatus)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/zip", "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call exportApiGetValidateBeforeCall(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'name' is set - if (name == null) { - throw new ApiException("Missing the required parameter 'name' when calling exportApiGet(Async)"); - } - - // verify the required parameter 'version' is set - if (version == null) { - throw new ApiException("Missing the required parameter 'version' when calling exportApiGet(Async)"); - } - - - okhttp3.Call localVarCall = exportApiGetCall(name, version, providerName, format, preserveStatus, _callback); - return localVarCall; - - } - - /** - * Export an API - * This operation can be used to export the details of a particular API as a zip file. - * @param name API Name (required) - * @param version Version of the API (required) - * @param providerName Provider name of the API (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Status on export (optional) - * @return File - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public File exportApiGet(String name, String version, String providerName, String format, Boolean preserveStatus) throws ApiException { - ApiResponse localVarResp = exportApiGetWithHttpInfo(name, version, providerName, format, preserveStatus); - return localVarResp.getData(); - } - - /** - * Export an API - * This operation can be used to export the details of a particular API as a zip file. - * @param name API Name (required) - * @param version Version of the API (required) - * @param providerName Provider name of the API (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Status on export (optional) - * @return ApiResponse<File> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public ApiResponse exportApiGetWithHttpInfo(String name, String version, String providerName, String format, Boolean preserveStatus) throws ApiException { - okhttp3.Call localVarCall = exportApiGetValidateBeforeCall(name, version, providerName, format, preserveStatus, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Export an API (asynchronously) - * This operation can be used to export the details of a particular API as a zip file. - * @param name API Name (required) - * @param version Version of the API (required) - * @param providerName Provider name of the API (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Status on export (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public okhttp3.Call exportApiGetAsync(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = exportApiGetValidateBeforeCall(name, version, providerName, format, preserveStatus, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for importApiPost - * @param file Zip archive consisting on exported api configuration (required) - * @param preserveProvider Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. (optional) - * @param overwrite Whether to update the API or not. This is used when updating already existing APIs. (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public okhttp3.Call importApiPostCall(File file, Boolean preserveProvider, Boolean overwrite, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/import/api"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (preserveProvider != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("preserveProvider", preserveProvider)); - } - - if (overwrite != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("overwrite", overwrite)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - if (file != null) { - localVarFormParams.put("file", file); - } - - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "multipart/form-data" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call importApiPostValidateBeforeCall(File file, Boolean preserveProvider, Boolean overwrite, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'file' is set - if (file == null) { - throw new ApiException("Missing the required parameter 'file' when calling importApiPost(Async)"); - } - - - okhttp3.Call localVarCall = importApiPostCall(file, preserveProvider, overwrite, _callback); - return localVarCall; - - } - - /** - * Import an API - * This operation can be used to import an API. - * @param file Zip archive consisting on exported api configuration (required) - * @param preserveProvider Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. (optional) - * @param overwrite Whether to update the API or not. This is used when updating already existing APIs. (optional) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public void importApiPost(File file, Boolean preserveProvider, Boolean overwrite) throws ApiException { - importApiPostWithHttpInfo(file, preserveProvider, overwrite); - } - - /** - * Import an API - * This operation can be used to import an API. - * @param file Zip archive consisting on exported api configuration (required) - * @param preserveProvider Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. (optional) - * @param overwrite Whether to update the API or not. This is used when updating already existing APIs. (optional) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public ApiResponse importApiPostWithHttpInfo(File file, Boolean preserveProvider, Boolean overwrite) throws ApiException { - okhttp3.Call localVarCall = importApiPostValidateBeforeCall(file, preserveProvider, overwrite, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * Import an API (asynchronously) - * This operation can be used to import an API. - * @param file Zip archive consisting on exported api configuration (required) - * @param preserveProvider Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. (optional) - * @param overwrite Whether to update the API or not. This is used when updating already existing APIs. (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public okhttp3.Call importApiPostAsync(File file, Boolean preserveProvider, Boolean overwrite, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = importApiPostValidateBeforeCall(file, preserveProvider, overwrite, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiKeysApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiKeysApi.java new file mode 100644 index 0000000000..5ba62c22b9 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiKeysApi.java @@ -0,0 +1,286 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.APIKeyListDTO; +import org.wso2.am.integration.clients.admin.api.dto.APIKeyRevokeRequestDTO; +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class ApiKeysApi { + private ApiClient localVarApiClient; + + public ApiKeysApi() { + this(Configuration.getDefaultApiClient()); + } + + public ApiKeysApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for getAllAPIKeys + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. API keys returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public okhttp3.Call getAllAPIKeysCall(final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/api-keys"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call getAllAPIKeysValidateBeforeCall(final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = getAllAPIKeysCall(_callback); + return localVarCall; + + } + + /** + * Get all API Keys + * Retrieve all API Keys. + * @return APIKeyListDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. API keys returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public APIKeyListDTO getAllAPIKeys() throws ApiException { + ApiResponse localVarResp = getAllAPIKeysWithHttpInfo(); + return localVarResp.getData(); + } + + /** + * Get all API Keys + * Retrieve all API Keys. + * @return ApiResponse<APIKeyListDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. API keys returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public ApiResponse getAllAPIKeysWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = getAllAPIKeysValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get all API Keys (asynchronously) + * Retrieve all API Keys. + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. API keys returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public okhttp3.Call getAllAPIKeysAsync(final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = getAllAPIKeysValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for revokeAPIKeyFromAdmin + * @param apIKeyRevokeRequestDTO API key revoke object (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Api key revoked successfully. -
400 Bad Request. Invalid request or validation error. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public okhttp3.Call revokeAPIKeyFromAdminCall(APIKeyRevokeRequestDTO apIKeyRevokeRequestDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = apIKeyRevokeRequestDTO; + + // create path and map variables + String localVarPath = "/api-keys/revoke"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call revokeAPIKeyFromAdminValidateBeforeCall(APIKeyRevokeRequestDTO apIKeyRevokeRequestDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'apIKeyRevokeRequestDTO' is set + if (apIKeyRevokeRequestDTO == null) { + throw new ApiException("Missing the required parameter 'apIKeyRevokeRequestDTO' when calling revokeAPIKeyFromAdmin(Async)"); + } + + + okhttp3.Call localVarCall = revokeAPIKeyFromAdminCall(apIKeyRevokeRequestDTO, _callback); + return localVarCall; + + } + + /** + * Revoke an API Key + * Revoke an API Key for the API + * @param apIKeyRevokeRequestDTO API key revoke object (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Api key revoked successfully. -
400 Bad Request. Invalid request or validation error. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public void revokeAPIKeyFromAdmin(APIKeyRevokeRequestDTO apIKeyRevokeRequestDTO) throws ApiException { + revokeAPIKeyFromAdminWithHttpInfo(apIKeyRevokeRequestDTO); + } + + /** + * Revoke an API Key + * Revoke an API Key for the API + * @param apIKeyRevokeRequestDTO API key revoke object (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Api key revoked successfully. -
400 Bad Request. Invalid request or validation error. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public ApiResponse revokeAPIKeyFromAdminWithHttpInfo(APIKeyRevokeRequestDTO apIKeyRevokeRequestDTO) throws ApiException { + okhttp3.Call localVarCall = revokeAPIKeyFromAdminValidateBeforeCall(apIKeyRevokeRequestDTO, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Revoke an API Key (asynchronously) + * Revoke an API Key for the API + * @param apIKeyRevokeRequestDTO API key revoke object (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Api key revoked successfully. -
400 Bad Request. Invalid request or validation error. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
+ */ + public okhttp3.Call revokeAPIKeyFromAdminAsync(APIKeyRevokeRequestDTO apIKeyRevokeRequestDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = revokeAPIKeyFromAdminValidateBeforeCall(apIKeyRevokeRequestDTO, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProductIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProductIndividualApi.java deleted file mode 100644 index 7a4809dc3b..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProductIndividualApi.java +++ /dev/null @@ -1,375 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; -import java.io.File; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class ApiProductIndividualApi { - private ApiClient localVarApiClient; - - public ApiProductIndividualApi() { - this(Configuration.getDefaultApiClient()); - } - - public ApiProductIndividualApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for exportApiProductGet - * @param name API Product Name (required) - * @param version Version of the API Product (required) - * @param providerName Provider name of the API Product (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Product Status on export (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public okhttp3.Call exportApiProductGetCall(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/export/api-product"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (name != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("name", name)); - } - - if (version != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("version", version)); - } - - if (providerName != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("providerName", providerName)); - } - - if (format != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("format", format)); - } - - if (preserveStatus != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("preserveStatus", preserveStatus)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/zip", "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call exportApiProductGetValidateBeforeCall(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'name' is set - if (name == null) { - throw new ApiException("Missing the required parameter 'name' when calling exportApiProductGet(Async)"); - } - - // verify the required parameter 'version' is set - if (version == null) { - throw new ApiException("Missing the required parameter 'version' when calling exportApiProductGet(Async)"); - } - - - okhttp3.Call localVarCall = exportApiProductGetCall(name, version, providerName, format, preserveStatus, _callback); - return localVarCall; - - } - - /** - * Export an API Product - * This operation can be used to export the details of a particular API Product as a zip file. - * @param name API Product Name (required) - * @param version Version of the API Product (required) - * @param providerName Provider name of the API Product (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Product Status on export (optional) - * @return File - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public File exportApiProductGet(String name, String version, String providerName, String format, Boolean preserveStatus) throws ApiException { - ApiResponse localVarResp = exportApiProductGetWithHttpInfo(name, version, providerName, format, preserveStatus); - return localVarResp.getData(); - } - - /** - * Export an API Product - * This operation can be used to export the details of a particular API Product as a zip file. - * @param name API Product Name (required) - * @param version Version of the API Product (required) - * @param providerName Provider name of the API Product (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Product Status on export (optional) - * @return ApiResponse<File> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public ApiResponse exportApiProductGetWithHttpInfo(String name, String version, String providerName, String format, Boolean preserveStatus) throws ApiException { - okhttp3.Call localVarCall = exportApiProductGetValidateBeforeCall(name, version, providerName, format, preserveStatus, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Export an API Product (asynchronously) - * This operation can be used to export the details of a particular API Product as a zip file. - * @param name API Product Name (required) - * @param version Version of the API Product (required) - * @param providerName Provider name of the API Product (optional) - * @param format Format of output documents. Can be YAML or JSON. (optional) - * @param preserveStatus Preserve API Product Status on export (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
- */ - public okhttp3.Call exportApiProductGetAsync(String name, String version, String providerName, String format, Boolean preserveStatus, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = exportApiProductGetValidateBeforeCall(name, version, providerName, format, preserveStatus, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for importApiProductPost - * @param file Zip archive consisting on exported API Product configuration (required) - * @param preserveProvider Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. (optional) - * @param importAPIs Whether to import the dependent APIs or not. (optional) - * @param overwriteAPIProduct Whether to update the API Product or not. This is used when updating already existing API Products. (optional) - * @param overwriteAPIs Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Product Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public okhttp3.Call importApiProductPostCall(File file, Boolean preserveProvider, Boolean importAPIs, Boolean overwriteAPIProduct, Boolean overwriteAPIs, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/import/api-product"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (preserveProvider != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("preserveProvider", preserveProvider)); - } - - if (importAPIs != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("importAPIs", importAPIs)); - } - - if (overwriteAPIProduct != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("overwriteAPIProduct", overwriteAPIProduct)); - } - - if (overwriteAPIs != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("overwriteAPIs", overwriteAPIs)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - if (file != null) { - localVarFormParams.put("file", file); - } - - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "multipart/form-data" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call importApiProductPostValidateBeforeCall(File file, Boolean preserveProvider, Boolean importAPIs, Boolean overwriteAPIProduct, Boolean overwriteAPIs, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'file' is set - if (file == null) { - throw new ApiException("Missing the required parameter 'file' when calling importApiProductPost(Async)"); - } - - - okhttp3.Call localVarCall = importApiProductPostCall(file, preserveProvider, importAPIs, overwriteAPIProduct, overwriteAPIs, _callback); - return localVarCall; - - } - - /** - * Import an API Product - * This operation can be used to import an API Product. - * @param file Zip archive consisting on exported API Product configuration (required) - * @param preserveProvider Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. (optional) - * @param importAPIs Whether to import the dependent APIs or not. (optional) - * @param overwriteAPIProduct Whether to update the API Product or not. This is used when updating already existing API Products. (optional) - * @param overwriteAPIs Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. (optional) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Product Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public void importApiProductPost(File file, Boolean preserveProvider, Boolean importAPIs, Boolean overwriteAPIProduct, Boolean overwriteAPIs) throws ApiException { - importApiProductPostWithHttpInfo(file, preserveProvider, importAPIs, overwriteAPIProduct, overwriteAPIs); - } - - /** - * Import an API Product - * This operation can be used to import an API Product. - * @param file Zip archive consisting on exported API Product configuration (required) - * @param preserveProvider Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. (optional) - * @param importAPIs Whether to import the dependent APIs or not. (optional) - * @param overwriteAPIProduct Whether to update the API Product or not. This is used when updating already existing API Products. (optional) - * @param overwriteAPIs Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. (optional) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Product Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public ApiResponse importApiProductPostWithHttpInfo(File file, Boolean preserveProvider, Boolean importAPIs, Boolean overwriteAPIProduct, Boolean overwriteAPIs) throws ApiException { - okhttp3.Call localVarCall = importApiProductPostValidateBeforeCall(file, preserveProvider, importAPIs, overwriteAPIProduct, overwriteAPIs, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * Import an API Product (asynchronously) - * This operation can be used to import an API Product. - * @param file Zip archive consisting on exported API Product configuration (required) - * @param preserveProvider Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. (optional) - * @param importAPIs Whether to import the dependent APIs or not. (optional) - * @param overwriteAPIProduct Whether to update the API Product or not. This is used when updating already existing API Products. (optional) - * @param overwriteAPIs Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 Created. API Product Imported Successfully. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
500 Internal Server Error. -
- */ - public okhttp3.Call importApiProductPostAsync(File file, Boolean preserveProvider, Boolean importAPIs, Boolean overwriteAPIProduct, Boolean overwriteAPIs, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = importApiProductPostValidateBeforeCall(file, preserveProvider, importAPIs, overwriteAPIProduct, overwriteAPIs, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProviderChangeApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProviderChangeApi.java index 2d1f39f94f..afadff6f00 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProviderChangeApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApiProviderChangeApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationApi.java index 34d930cf02..2b2f25aeb6 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -27,6 +27,8 @@ import java.io.IOException; +import org.wso2.am.integration.clients.admin.api.dto.ApplicationDTO; +import org.wso2.am.integration.clients.admin.api.dto.ApplicationUpdateRequestDTO; import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; import java.lang.reflect.Type; @@ -67,9 +69,10 @@ public void setApiClient(ApiClient apiClient) { 200 OK. Application owner changed successfully. - 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - + * @deprecated */ + @Deprecated public okhttp3.Call applicationsApplicationIdChangeOwnerPostCall(String owner, String applicationId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; @@ -104,6 +107,7 @@ public okhttp3.Call applicationsApplicationIdChangeOwnerPostCall(String owner, S return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } + @Deprecated @SuppressWarnings("rawtypes") private okhttp3.Call applicationsApplicationIdChangeOwnerPostValidateBeforeCall(String owner, String applicationId, final ApiCallback _callback) throws ApiException { @@ -125,7 +129,7 @@ private okhttp3.Call applicationsApplicationIdChangeOwnerPostValidateBeforeCall( /** * Change Application Owner - * This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter + * **Deprecated.** This API will be removed in a future release. Use `/applications/{applicationId}/change-settings` instead. This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter * @param owner (required) * @param applicationId Application UUID (required) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body @@ -135,16 +139,17 @@ private okhttp3.Call applicationsApplicationIdChangeOwnerPostValidateBeforeCall( 200 OK. Application owner changed successfully. - 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - + * @deprecated */ + @Deprecated public void applicationsApplicationIdChangeOwnerPost(String owner, String applicationId) throws ApiException { applicationsApplicationIdChangeOwnerPostWithHttpInfo(owner, applicationId); } /** * Change Application Owner - * This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter + * **Deprecated.** This API will be removed in a future release. Use `/applications/{applicationId}/change-settings` instead. This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter * @param owner (required) * @param applicationId Application UUID (required) * @return ApiResponse<Void> @@ -155,9 +160,10 @@ public void applicationsApplicationIdChangeOwnerPost(String owner, String applic 200 OK. Application owner changed successfully. - 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - + * @deprecated */ + @Deprecated public ApiResponse applicationsApplicationIdChangeOwnerPostWithHttpInfo(String owner, String applicationId) throws ApiException { okhttp3.Call localVarCall = applicationsApplicationIdChangeOwnerPostValidateBeforeCall(owner, applicationId, null); return localVarApiClient.execute(localVarCall); @@ -165,7 +171,7 @@ public ApiResponse applicationsApplicationIdChangeOwnerPostWithHttpInfo(St /** * Change Application Owner (asynchronously) - * This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter + * **Deprecated.** This API will be removed in a future release. Use `/applications/{applicationId}/change-settings` instead. This operation is used to change the owner of an Application. In order to change the owner of an application, we need to pass the new application owner as a query parameter * @param owner (required) * @param applicationId Application UUID (required) * @param _callback The callback to be executed when the API call finishes @@ -177,13 +183,142 @@ public ApiResponse applicationsApplicationIdChangeOwnerPostWithHttpInfo(St 200 OK. Application owner changed successfully. - 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - + * @deprecated */ + @Deprecated public okhttp3.Call applicationsApplicationIdChangeOwnerPostAsync(String owner, String applicationId, final ApiCallback _callback) throws ApiException { okhttp3.Call localVarCall = applicationsApplicationIdChangeOwnerPostValidateBeforeCall(owner, applicationId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } + /** + * Build call for updateApplicationSettings + * @param applicationId Application UUID (required) + * @param applicationUpdateRequestDTO (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 Application updated successfully -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call updateApplicationSettingsCall(String applicationId, ApplicationUpdateRequestDTO applicationUpdateRequestDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = applicationUpdateRequestDTO; + + // create path and map variables + String localVarPath = "/applications/{applicationId}/change-settings" + .replaceAll("\\{" + "applicationId" + "\\}", localVarApiClient.escapeString(applicationId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call updateApplicationSettingsValidateBeforeCall(String applicationId, ApplicationUpdateRequestDTO applicationUpdateRequestDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'applicationId' is set + if (applicationId == null) { + throw new ApiException("Missing the required parameter 'applicationId' when calling updateApplicationSettings(Async)"); + } + + // verify the required parameter 'applicationUpdateRequestDTO' is set + if (applicationUpdateRequestDTO == null) { + throw new ApiException("Missing the required parameter 'applicationUpdateRequestDTO' when calling updateApplicationSettings(Async)"); + } + + + okhttp3.Call localVarCall = updateApplicationSettingsCall(applicationId, applicationUpdateRequestDTO, _callback); + return localVarCall; + + } + + /** + * Update Application Settings + * This operation allows updating one or more settings of an application. + * @param applicationId Application UUID (required) + * @param applicationUpdateRequestDTO (required) + * @return ApplicationDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 Application updated successfully -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApplicationDTO updateApplicationSettings(String applicationId, ApplicationUpdateRequestDTO applicationUpdateRequestDTO) throws ApiException { + ApiResponse localVarResp = updateApplicationSettingsWithHttpInfo(applicationId, applicationUpdateRequestDTO); + return localVarResp.getData(); + } + + /** + * Update Application Settings + * This operation allows updating one or more settings of an application. + * @param applicationId Application UUID (required) + * @param applicationUpdateRequestDTO (required) + * @return ApiResponse<ApplicationDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 Application updated successfully -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse updateApplicationSettingsWithHttpInfo(String applicationId, ApplicationUpdateRequestDTO applicationUpdateRequestDTO) throws ApiException { + okhttp3.Call localVarCall = updateApplicationSettingsValidateBeforeCall(applicationId, applicationUpdateRequestDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Update Application Settings (asynchronously) + * This operation allows updating one or more settings of an application. + * @param applicationId Application UUID (required) + * @param applicationUpdateRequestDTO (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 Application updated successfully -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call updateApplicationSettingsAsync(String applicationId, ApplicationUpdateRequestDTO applicationUpdateRequestDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = updateApplicationSettingsValidateBeforeCall(applicationId, applicationUpdateRequestDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationCollectionApi.java index 9e6d287c30..3663ede8f2 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -61,9 +61,10 @@ public void setApiClient(ApiClient apiClient) { * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param name Application Name (optional) * @param tenantDomain Tenant domain of the applications to get. This has to be specified only if it is required to get applications of a tenant other than the requester's tenant. So, if not specified, the default will be set as the requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin users **only at a migration process**. (optional) + * @param sortBy (optional, default to name) + * @param sortOrder (optional, default to asc) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -71,12 +72,11 @@ public void setApiClient(ApiClient apiClient) { -
Status Code Description Response Headers
200 OK. Application list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call applicationsGetCall(String user, Integer limit, Integer offset, String accept, String ifNoneMatch, String name, String tenantDomain, final ApiCallback _callback) throws ApiException { + public okhttp3.Call applicationsGetCall(String user, Integer limit, Integer offset, String accept, String name, String tenantDomain, String sortBy, String sortOrder, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -104,15 +104,19 @@ public okhttp3.Call applicationsGetCall(String user, Integer limit, Integer offs localVarQueryParams.addAll(localVarApiClient.parameterToPair("tenantDomain", tenantDomain)); } + if (sortBy != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("sortBy", sortBy)); + } + + if (sortOrder != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("sortOrder", sortOrder)); + } + Map localVarHeaderParams = new HashMap(); if (accept != null) { localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -134,10 +138,10 @@ public okhttp3.Call applicationsGetCall(String user, Integer limit, Integer offs } @SuppressWarnings("rawtypes") - private okhttp3.Call applicationsGetValidateBeforeCall(String user, Integer limit, Integer offset, String accept, String ifNoneMatch, String name, String tenantDomain, final ApiCallback _callback) throws ApiException { + private okhttp3.Call applicationsGetValidateBeforeCall(String user, Integer limit, Integer offset, String accept, String name, String tenantDomain, String sortBy, String sortOrder, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = applicationsGetCall(user, limit, offset, accept, ifNoneMatch, name, tenantDomain, _callback); + okhttp3.Call localVarCall = applicationsGetCall(user, limit, offset, accept, name, tenantDomain, sortBy, sortOrder, _callback); return localVarCall; } @@ -149,22 +153,22 @@ private okhttp3.Call applicationsGetValidateBeforeCall(String user, Integer limi * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param name Application Name (optional) * @param tenantDomain Tenant domain of the applications to get. This has to be specified only if it is required to get applications of a tenant other than the requester's tenant. So, if not specified, the default will be set as the requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin users **only at a migration process**. (optional) + * @param sortBy (optional, default to name) + * @param sortOrder (optional, default to asc) * @return ApplicationListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Application list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApplicationListDTO applicationsGet(String user, Integer limit, Integer offset, String accept, String ifNoneMatch, String name, String tenantDomain) throws ApiException { - ApiResponse localVarResp = applicationsGetWithHttpInfo(user, limit, offset, accept, ifNoneMatch, name, tenantDomain); + public ApplicationListDTO applicationsGet(String user, Integer limit, Integer offset, String accept, String name, String tenantDomain, String sortBy, String sortOrder) throws ApiException { + ApiResponse localVarResp = applicationsGetWithHttpInfo(user, limit, offset, accept, name, tenantDomain, sortBy, sortOrder); return localVarResp.getData(); } @@ -175,22 +179,22 @@ public ApplicationListDTO applicationsGet(String user, Integer limit, Integer of * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param name Application Name (optional) * @param tenantDomain Tenant domain of the applications to get. This has to be specified only if it is required to get applications of a tenant other than the requester's tenant. So, if not specified, the default will be set as the requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin users **only at a migration process**. (optional) + * @param sortBy (optional, default to name) + * @param sortOrder (optional, default to asc) * @return ApiResponse<ApplicationListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Application list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse applicationsGetWithHttpInfo(String user, Integer limit, Integer offset, String accept, String ifNoneMatch, String name, String tenantDomain) throws ApiException { - okhttp3.Call localVarCall = applicationsGetValidateBeforeCall(user, limit, offset, accept, ifNoneMatch, name, tenantDomain, null); + public ApiResponse applicationsGetWithHttpInfo(String user, Integer limit, Integer offset, String accept, String name, String tenantDomain, String sortBy, String sortOrder) throws ApiException { + okhttp3.Call localVarCall = applicationsGetValidateBeforeCall(user, limit, offset, accept, name, tenantDomain, sortBy, sortOrder, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -202,9 +206,10 @@ public ApiResponse applicationsGetWithHttpInfo(String user, * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param name Application Name (optional) * @param tenantDomain Tenant domain of the applications to get. This has to be specified only if it is required to get applications of a tenant other than the requester's tenant. So, if not specified, the default will be set as the requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin users **only at a migration process**. (optional) + * @param sortBy (optional, default to name) + * @param sortOrder (optional, default to asc) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -212,14 +217,13 @@ public ApiResponse applicationsGetWithHttpInfo(String user, -
Status Code Description Response Headers
200 OK. Application list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call applicationsGetAsync(String user, Integer limit, Integer offset, String accept, String ifNoneMatch, String name, String tenantDomain, final ApiCallback _callback) throws ApiException { + public okhttp3.Call applicationsGetAsync(String user, Integer limit, Integer offset, String accept, String name, String tenantDomain, String sortBy, String sortOrder, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = applicationsGetValidateBeforeCall(user, limit, offset, accept, ifNoneMatch, name, tenantDomain, _callback); + okhttp3.Call localVarCall = applicationsGetValidateBeforeCall(user, limit, offset, accept, name, tenantDomain, sortBy, sortOrder, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationIndividualApi.java deleted file mode 100644 index 527ddbbf2b..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationIndividualApi.java +++ /dev/null @@ -1,373 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.APIInfoListDTO; -import org.wso2.am.integration.clients.admin.api.dto.ApplicationInfoDTO; -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; -import java.io.File; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class ApplicationIndividualApi { - private ApiClient localVarApiClient; - - public ApplicationIndividualApi() { - this(Configuration.getDefaultApiClient()); - } - - public ApplicationIndividualApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for exportApplicationsGet - * @param appName Application Name (required) - * @param appOwner Owner of the Application (required) - * @param withKeys Export application keys (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call exportApplicationsGetCall(String appName, String appOwner, Boolean withKeys, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/export/applications"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (appName != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("appName", appName)); - } - - if (appOwner != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("appOwner", appOwner)); - } - - if (withKeys != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("withKeys", withKeys)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json", "application/zip" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call exportApplicationsGetValidateBeforeCall(String appName, String appOwner, Boolean withKeys, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'appName' is set - if (appName == null) { - throw new ApiException("Missing the required parameter 'appName' when calling exportApplicationsGet(Async)"); - } - - // verify the required parameter 'appOwner' is set - if (appOwner == null) { - throw new ApiException("Missing the required parameter 'appOwner' when calling exportApplicationsGet(Async)"); - } - - - okhttp3.Call localVarCall = exportApplicationsGetCall(appName, appOwner, withKeys, _callback); - return localVarCall; - - } - - /** - * Export an Application - * This operation can be used to export the details of a particular application as a zip file. - * @param appName Application Name (required) - * @param appOwner Owner of the Application (required) - * @param withKeys Export application keys (optional) - * @return File - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public File exportApplicationsGet(String appName, String appOwner, Boolean withKeys) throws ApiException { - ApiResponse localVarResp = exportApplicationsGetWithHttpInfo(appName, appOwner, withKeys); - return localVarResp.getData(); - } - - /** - * Export an Application - * This operation can be used to export the details of a particular application as a zip file. - * @param appName Application Name (required) - * @param appOwner Owner of the Application (required) - * @param withKeys Export application keys (optional) - * @return ApiResponse<File> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public ApiResponse exportApplicationsGetWithHttpInfo(String appName, String appOwner, Boolean withKeys) throws ApiException { - okhttp3.Call localVarCall = exportApplicationsGetValidateBeforeCall(appName, appOwner, withKeys, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Export an Application (asynchronously) - * This operation can be used to export the details of a particular application as a zip file. - * @param appName Application Name (required) - * @param appOwner Owner of the Application (required) - * @param withKeys Export application keys (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Export Successful. * Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call exportApplicationsGetAsync(String appName, String appOwner, Boolean withKeys, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = exportApplicationsGetValidateBeforeCall(appName, appOwner, withKeys, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for importApplicationsPost - * @param file Zip archive consisting of exported Application Configuration. (required) - * @param preserveOwner Preserve Original Creator of the Application (optional) - * @param skipSubscriptions Skip importing Subscriptions of the Application (optional) - * @param appOwner Expected Owner of the Application in the Import Environment (optional) - * @param skipApplicationKeys Skip importing Keys of the Application (optional) - * @param update Update if application exists (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with the updated object information as entity in the body. * Content-Type - The content type of the body.
207 Multi Status. Partially successful response with skipped APIs information object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call importApplicationsPostCall(File file, Boolean preserveOwner, Boolean skipSubscriptions, String appOwner, Boolean skipApplicationKeys, Boolean update, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/import/applications"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (preserveOwner != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("preserveOwner", preserveOwner)); - } - - if (skipSubscriptions != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("skipSubscriptions", skipSubscriptions)); - } - - if (appOwner != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("appOwner", appOwner)); - } - - if (skipApplicationKeys != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("skipApplicationKeys", skipApplicationKeys)); - } - - if (update != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("update", update)); - } - - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - if (file != null) { - localVarFormParams.put("file", file); - } - - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "multipart/form-data" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call importApplicationsPostValidateBeforeCall(File file, Boolean preserveOwner, Boolean skipSubscriptions, String appOwner, Boolean skipApplicationKeys, Boolean update, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'file' is set - if (file == null) { - throw new ApiException("Missing the required parameter 'file' when calling importApplicationsPost(Async)"); - } - - - okhttp3.Call localVarCall = importApplicationsPostCall(file, preserveOwner, skipSubscriptions, appOwner, skipApplicationKeys, update, _callback); - return localVarCall; - - } - - /** - * Import an Application - * This operation can be used to import an application. - * @param file Zip archive consisting of exported Application Configuration. (required) - * @param preserveOwner Preserve Original Creator of the Application (optional) - * @param skipSubscriptions Skip importing Subscriptions of the Application (optional) - * @param appOwner Expected Owner of the Application in the Import Environment (optional) - * @param skipApplicationKeys Skip importing Keys of the Application (optional) - * @param update Update if application exists (optional) - * @return ApplicationInfoDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with the updated object information as entity in the body. * Content-Type - The content type of the body.
207 Multi Status. Partially successful response with skipped APIs information object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public ApplicationInfoDTO importApplicationsPost(File file, Boolean preserveOwner, Boolean skipSubscriptions, String appOwner, Boolean skipApplicationKeys, Boolean update) throws ApiException { - ApiResponse localVarResp = importApplicationsPostWithHttpInfo(file, preserveOwner, skipSubscriptions, appOwner, skipApplicationKeys, update); - return localVarResp.getData(); - } - - /** - * Import an Application - * This operation can be used to import an application. - * @param file Zip archive consisting of exported Application Configuration. (required) - * @param preserveOwner Preserve Original Creator of the Application (optional) - * @param skipSubscriptions Skip importing Subscriptions of the Application (optional) - * @param appOwner Expected Owner of the Application in the Import Environment (optional) - * @param skipApplicationKeys Skip importing Keys of the Application (optional) - * @param update Update if application exists (optional) - * @return ApiResponse<ApplicationInfoDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with the updated object information as entity in the body. * Content-Type - The content type of the body.
207 Multi Status. Partially successful response with skipped APIs information object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public ApiResponse importApplicationsPostWithHttpInfo(File file, Boolean preserveOwner, Boolean skipSubscriptions, String appOwner, Boolean skipApplicationKeys, Boolean update) throws ApiException { - okhttp3.Call localVarCall = importApplicationsPostValidateBeforeCall(file, preserveOwner, skipSubscriptions, appOwner, skipApplicationKeys, update, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Import an Application (asynchronously) - * This operation can be used to import an application. - * @param file Zip archive consisting of exported Application Configuration. (required) - * @param preserveOwner Preserve Original Creator of the Application (optional) - * @param skipSubscriptions Skip importing Subscriptions of the Application (optional) - * @param appOwner Expected Owner of the Application in the Import Environment (optional) - * @param skipApplicationKeys Skip importing Keys of the Application (optional) - * @param update Update if application exists (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with the updated object information as entity in the body. * Content-Type - The content type of the body.
207 Multi Status. Partially successful response with skipped APIs information object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call importApplicationsPostAsync(File file, Boolean preserveOwner, Boolean skipSubscriptions, String appOwner, Boolean skipApplicationKeys, Boolean update, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = importApplicationsPostValidateBeforeCall(file, preserveOwner, skipSubscriptions, appOwner, skipApplicationKeys, update, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyCollectionApi.java index 0f07778da9..bc578f98fb 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,20 +59,17 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesApplicationGet * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesApplicationGetCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationGetCall(String accept, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -85,14 +82,6 @@ public okhttp3.Call throttlingPoliciesApplicationGetCall(String accept, String i localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -114,10 +103,10 @@ public okhttp3.Call throttlingPoliciesApplicationGetCall(String accept, String i } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesApplicationGetValidateBeforeCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesApplicationGetValidateBeforeCall(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationGetCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationGetCall(accept, _callback); return localVarCall; } @@ -126,20 +115,17 @@ private okhttp3.Call throttlingPoliciesApplicationGetValidateBeforeCall(String a * Get all Application Throttling Policies * Retrieves all existing application throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApplicationThrottlePolicyListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApplicationThrottlePolicyListDTO throttlingPoliciesApplicationGet(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesApplicationGetWithHttpInfo(accept, ifNoneMatch, ifModifiedSince); + public ApplicationThrottlePolicyListDTO throttlingPoliciesApplicationGet(String accept) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesApplicationGetWithHttpInfo(accept); return localVarResp.getData(); } @@ -147,20 +133,17 @@ public ApplicationThrottlePolicyListDTO throttlingPoliciesApplicationGet(String * Get all Application Throttling Policies * Retrieves all existing application throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<ApplicationThrottlePolicyListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesApplicationGetWithHttpInfo(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesApplicationGetWithHttpInfo(String accept) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesApplicationGetValidateBeforeCall(accept, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -169,22 +152,19 @@ public ApiResponse throttlingPoliciesApplicati * Get all Application Throttling Policies (asynchronously) * Retrieves all existing application throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesApplicationGetAsync(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationGetAsync(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationGetValidateBeforeCall(accept, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -199,7 +179,7 @@ public okhttp3.Call throttlingPoliciesApplicationGetAsync(String accept, String * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -266,7 +246,7 @@ private okhttp3.Call throttlingPoliciesApplicationPostValidateBeforeCall(String * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -286,7 +266,7 @@ public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPost(String con * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -308,7 +288,7 @@ public ApiResponse throttlingPoliciesApplicationPo * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyIndividualApi.java index 27a375dd4a..d039de16d7 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationPolicyIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,8 +58,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesApplicationPolicyIdDelete * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -68,10 +66,9 @@ public void setApiClient(ApiClient apiClient) { Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -81,14 +78,6 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteCall(String polic List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -110,7 +99,7 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteCall(String polic } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -118,7 +107,7 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCa } - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteCall(policyId, _callback); return localVarCall; } @@ -127,27 +116,22 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCa * Delete an Application Throttling policy * Deletes an application level throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Resource successfully deleted. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void throttlingPoliciesApplicationPolicyIdDelete(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(policyId, ifMatch, ifUnmodifiedSince); + public void throttlingPoliciesApplicationPolicyIdDelete(String policyId) throws ApiException { + throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(policyId); } /** * Delete an Application Throttling policy * Deletes an application level throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -155,11 +139,10 @@ public void throttlingPoliciesApplicationPolicyIdDelete(String policyId, String Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(policyId, null); return localVarApiClient.execute(localVarCall); } @@ -167,8 +150,6 @@ public ApiResponse throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo * Delete an Application Throttling policy (asynchronously) * Deletes an application level throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -177,33 +158,29 @@ public ApiResponse throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteAsync(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdDeleteAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdDeleteValidateBeforeCall(policyId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** * Build call for throttlingPoliciesApplicationPolicyIdGet * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -213,14 +190,6 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetCall(String policyId List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -242,7 +211,7 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetCall(String policyId } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -250,7 +219,7 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall( } - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetCall(policyId, _callback); return localVarCall; } @@ -259,21 +228,18 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall( * Get an Application Throttling Policy * Retrieves an application throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApplicationThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdGet(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(policyId, ifNoneMatch, ifModifiedSince); + public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdGet(String policyId) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(policyId); return localVarResp.getData(); } @@ -281,21 +247,18 @@ public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdGet(Str * Get an Application Throttling Policy * Retrieves an application throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<ApplicationThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(policyId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -304,23 +267,20 @@ public ApiResponse throttlingPoliciesApplicationPo * Get an Application Throttling Policy (asynchronously) * Retrieves an application throttling policy. * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetAsync(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdGetValidateBeforeCall(policyId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -330,21 +290,18 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdGetAsync(String policyI * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param applicationThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional request.
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests.
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutCall(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutCall(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = applicationThrottlePolicyDTO; // create path and map variables @@ -358,14 +315,6 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutCall(String policyId localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); } - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -387,7 +336,7 @@ public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutCall(String policyId } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -405,7 +354,7 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall( } - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutCall(policyId, contentType, applicationThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutCall(policyId, contentType, applicationThrottlePolicyDTO, _callback); return localVarCall; } @@ -416,21 +365,18 @@ private okhttp3.Call throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall( * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param applicationThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApplicationThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional request.
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests.
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdPut(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesApplicationPolicyIdPutWithHttpInfo(policyId, contentType, applicationThrottlePolicyDTO, ifMatch, ifUnmodifiedSince); + public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdPut(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesApplicationPolicyIdPutWithHttpInfo(policyId, contentType, applicationThrottlePolicyDTO); return localVarResp.getData(); } @@ -440,21 +386,18 @@ public ApplicationThrottlePolicyDTO throttlingPoliciesApplicationPolicyIdPut(Str * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param applicationThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<ApplicationThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional request.
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests.
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public ApiResponse throttlingPoliciesApplicationPolicyIdPutWithHttpInfo(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(policyId, contentType, applicationThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesApplicationPolicyIdPutWithHttpInfo(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(policyId, contentType, applicationThrottlePolicyDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -465,23 +408,20 @@ public ApiResponse throttlingPoliciesApplicationPo * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param applicationThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional request.
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional reuquests.
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutAsync(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesApplicationPolicyIdPutAsync(String policyId, String contentType, ApplicationThrottlePolicyDTO applicationThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(policyId, contentType, applicationThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesApplicationPolicyIdPutValidateBeforeCall(policyId, contentType, applicationThrottlePolicyDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationsApi.java index 37a32e51d4..aad4ae6c7e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ApplicationsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -27,6 +27,7 @@ import java.io.IOException; +import org.wso2.am.integration.clients.admin.api.dto.ApplicationDTO; import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; import org.wso2.am.integration.clients.admin.api.dto.WorkflowResponseDTO; @@ -58,7 +59,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for applicationsApplicationIdDelete * @param applicationId Application UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -68,10 +68,9 @@ public void setApiClient(ApiClient apiClient) { 200 OK. Resource successfully deleted. - 202 Accepted. The request has been accepted. * Location - Location of the existing Application.
404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call applicationsApplicationIdDeleteCall(String applicationId, String ifMatch, final ApiCallback _callback) throws ApiException { + public okhttp3.Call applicationsApplicationIdDeleteCall(String applicationId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -81,10 +80,6 @@ public okhttp3.Call applicationsApplicationIdDeleteCall(String applicationId, St List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -106,7 +101,7 @@ public okhttp3.Call applicationsApplicationIdDeleteCall(String applicationId, St } @SuppressWarnings("rawtypes") - private okhttp3.Call applicationsApplicationIdDeleteValidateBeforeCall(String applicationId, String ifMatch, final ApiCallback _callback) throws ApiException { + private okhttp3.Call applicationsApplicationIdDeleteValidateBeforeCall(String applicationId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'applicationId' is set if (applicationId == null) { @@ -114,7 +109,7 @@ private okhttp3.Call applicationsApplicationIdDeleteValidateBeforeCall(String ap } - okhttp3.Call localVarCall = applicationsApplicationIdDeleteCall(applicationId, ifMatch, _callback); + okhttp3.Call localVarCall = applicationsApplicationIdDeleteCall(applicationId, _callback); return localVarCall; } @@ -123,7 +118,6 @@ private okhttp3.Call applicationsApplicationIdDeleteValidateBeforeCall(String ap * Delete an Application * This operation can be used to delete an application by specifying its id. * @param applicationId Application UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -131,18 +125,16 @@ private okhttp3.Call applicationsApplicationIdDeleteValidateBeforeCall(String ap -
200 OK. Resource successfully deleted. -
202 Accepted. The request has been accepted. * Location - Location of the existing Application.
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void applicationsApplicationIdDelete(String applicationId, String ifMatch) throws ApiException { - applicationsApplicationIdDeleteWithHttpInfo(applicationId, ifMatch); + public void applicationsApplicationIdDelete(String applicationId) throws ApiException { + applicationsApplicationIdDeleteWithHttpInfo(applicationId); } /** * Delete an Application * This operation can be used to delete an application by specifying its id. * @param applicationId Application UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -151,11 +143,10 @@ public void applicationsApplicationIdDelete(String applicationId, String ifMatch 200 OK. Resource successfully deleted. - 202 Accepted. The request has been accepted. * Location - Location of the existing Application.
404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse applicationsApplicationIdDeleteWithHttpInfo(String applicationId, String ifMatch) throws ApiException { - okhttp3.Call localVarCall = applicationsApplicationIdDeleteValidateBeforeCall(applicationId, ifMatch, null); + public ApiResponse applicationsApplicationIdDeleteWithHttpInfo(String applicationId) throws ApiException { + okhttp3.Call localVarCall = applicationsApplicationIdDeleteValidateBeforeCall(applicationId, null); return localVarApiClient.execute(localVarCall); } @@ -163,7 +154,6 @@ public ApiResponse applicationsApplicationIdDeleteWithHttpInfo(String appl * Delete an Application (asynchronously) * This operation can be used to delete an application by specifying its id. * @param applicationId Application UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -173,13 +163,135 @@ public ApiResponse applicationsApplicationIdDeleteWithHttpInfo(String appl 200 OK. Resource successfully deleted. - 202 Accepted. The request has been accepted. * Location - Location of the existing Application.
404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call applicationsApplicationIdDeleteAsync(String applicationId, String ifMatch, final ApiCallback _callback) throws ApiException { + public okhttp3.Call applicationsApplicationIdDeleteAsync(String applicationId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = applicationsApplicationIdDeleteValidateBeforeCall(applicationId, ifMatch, _callback); + okhttp3.Call localVarCall = applicationsApplicationIdDeleteValidateBeforeCall(applicationId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } + /** + * Build call for applicationsApplicationIdGet + * @param applicationId Application UUID (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. Application details returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call applicationsApplicationIdGetCall(String applicationId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/applications/{applicationId}" + .replaceAll("\\{" + "applicationId" + "\\}", localVarApiClient.escapeString(applicationId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call applicationsApplicationIdGetValidateBeforeCall(String applicationId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'applicationId' is set + if (applicationId == null) { + throw new ApiException("Missing the required parameter 'applicationId' when calling applicationsApplicationIdGet(Async)"); + } + + + okhttp3.Call localVarCall = applicationsApplicationIdGetCall(applicationId, _callback); + return localVarCall; + + } + + /** + * Get the details of an Application + * This operation can be used to get the details of an application by specifying its id. + * @param applicationId Application UUID (required) + * @return ApplicationDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. Application details returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApplicationDTO applicationsApplicationIdGet(String applicationId) throws ApiException { + ApiResponse localVarResp = applicationsApplicationIdGetWithHttpInfo(applicationId); + return localVarResp.getData(); + } + + /** + * Get the details of an Application + * This operation can be used to get the details of an application by specifying its id. + * @param applicationId Application UUID (required) + * @return ApiResponse<ApplicationDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. Application details returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApiResponse applicationsApplicationIdGetWithHttpInfo(String applicationId) throws ApiException { + okhttp3.Call localVarCall = applicationsApplicationIdGetValidateBeforeCall(applicationId, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get the details of an Application (asynchronously) + * This operation can be used to get the details of an application by specifying its id. + * @param applicationId Application UUID (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
200 OK. Application details returned. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call applicationsApplicationIdGetAsync(String applicationId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = applicationsApplicationIdGetValidateBeforeCall(applicationId, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionAlertSubscriptionsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionAlertSubscriptionsApi.java index 6b482f5ca0..c2fa1a6f3a 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionAlertSubscriptionsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionAlertSubscriptionsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionDataApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionDataApi.java index 05477ad523..febeebad2f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionDataApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/BotDetectionDataApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ConsumptionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ConsumptionApi.java new file mode 100644 index 0000000000..56b7bc9f59 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ConsumptionApi.java @@ -0,0 +1,201 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import java.io.File; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class ConsumptionApi { + private ApiClient localVarApiClient; + + public ConsumptionApi() { + this(Configuration.getDefaultApiClient()); + } + + public ConsumptionApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for exportConsumptionData + * @param fromDate Start date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param toDate End date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 OK. Consumption data exported successfully as a ZIP file. * Content-Disposition - Indicates the filename for the download (e.g., consumption-report.zip).
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
401 Unauthorized. The user is not authorized. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call exportConsumptionDataCall(String fromDate, String toDate, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/export-consumption"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + if (fromDate != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("fromDate", fromDate)); + } + + if (toDate != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("toDate", toDate)); + } + + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/zip", "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call exportConsumptionDataValidateBeforeCall(String fromDate, String toDate, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'fromDate' is set + if (fromDate == null) { + throw new ApiException("Missing the required parameter 'fromDate' when calling exportConsumptionData(Async)"); + } + + // verify the required parameter 'toDate' is set + if (toDate == null) { + throw new ApiException("Missing the required parameter 'toDate' when calling exportConsumptionData(Async)"); + } + + + okhttp3.Call localVarCall = exportConsumptionDataCall(fromDate, toDate, _callback); + return localVarCall; + + } + + /** + * Export API Consumption Data + * This operation provides a ZIP archive containing API consumption/usage data for a given date range. + * @param fromDate Start date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param toDate End date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @return File + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 OK. Consumption data exported successfully as a ZIP file. * Content-Disposition - Indicates the filename for the download (e.g., consumption-report.zip).
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
401 Unauthorized. The user is not authorized. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public File exportConsumptionData(String fromDate, String toDate) throws ApiException { + ApiResponse localVarResp = exportConsumptionDataWithHttpInfo(fromDate, toDate); + return localVarResp.getData(); + } + + /** + * Export API Consumption Data + * This operation provides a ZIP archive containing API consumption/usage data for a given date range. + * @param fromDate Start date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param toDate End date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @return ApiResponse<File> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 OK. Consumption data exported successfully as a ZIP file. * Content-Disposition - Indicates the filename for the download (e.g., consumption-report.zip).
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
401 Unauthorized. The user is not authorized. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public ApiResponse exportConsumptionDataWithHttpInfo(String fromDate, String toDate) throws ApiException { + okhttp3.Call localVarCall = exportConsumptionDataValidateBeforeCall(fromDate, toDate, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Export API Consumption Data (asynchronously) + * This operation provides a ZIP archive containing API consumption/usage data for a given date range. + * @param fromDate Start date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param toDate End date of the export range (inclusive). Format: YYYY-MM-DD. (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 OK. Consumption data exported successfully as a ZIP file. * Content-Disposition - Indicates the filename for the download (e.g., consumption-report.zip).
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
401 Unauthorized. The user is not authorized. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call exportConsumptionDataAsync(String fromDate, String toDate, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = exportConsumptionDataValidateBeforeCall(fromDate, toDate, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesCollectionApi.java index d724480706..d7a5dd0548 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,20 +59,17 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesCustomGet * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesCustomGetCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomGetCall(String accept, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -85,14 +82,6 @@ public okhttp3.Call throttlingPoliciesCustomGetCall(String accept, String ifNone localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -114,10 +103,10 @@ public okhttp3.Call throttlingPoliciesCustomGetCall(String accept, String ifNone } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesCustomGetValidateBeforeCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesCustomGetValidateBeforeCall(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomGetCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomGetCall(accept, _callback); return localVarCall; } @@ -126,20 +115,17 @@ private okhttp3.Call throttlingPoliciesCustomGetValidateBeforeCall(String accept * Get all Custom Rules * Retrieves all custom rules. **NOTE:** * Only super tenant users are allowed for this operation. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return CustomRuleListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public CustomRuleListDTO throttlingPoliciesCustomGet(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesCustomGetWithHttpInfo(accept, ifNoneMatch, ifModifiedSince); + public CustomRuleListDTO throttlingPoliciesCustomGet(String accept) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesCustomGetWithHttpInfo(accept); return localVarResp.getData(); } @@ -147,20 +133,17 @@ public CustomRuleListDTO throttlingPoliciesCustomGet(String accept, String ifNon * Get all Custom Rules * Retrieves all custom rules. **NOTE:** * Only super tenant users are allowed for this operation. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<CustomRuleListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesCustomGetWithHttpInfo(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesCustomGetWithHttpInfo(String accept) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesCustomGetValidateBeforeCall(accept, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -169,22 +152,19 @@ public ApiResponse throttlingPoliciesCustomGetWithHttpInfo(St * Get all Custom Rules (asynchronously) * Retrieves all custom rules. **NOTE:** * Only super tenant users are allowed for this operation. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesCustomGetAsync(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomGetAsync(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomGetValidateBeforeCall(accept, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -199,7 +179,7 @@ public okhttp3.Call throttlingPoliciesCustomGetAsync(String accept, String ifNon * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -266,7 +246,7 @@ private okhttp3.Call throttlingPoliciesCustomPostValidateBeforeCall(String conte * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -286,7 +266,7 @@ public CustomRuleDTO throttlingPoliciesCustomPost(String contentType, CustomRule * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -308,7 +288,7 @@ public ApiResponse throttlingPoliciesCustomPostWithHttpInfo(Strin * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesIndividualApi.java index fd179245bd..fd9715179a 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/CustomRulesIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,8 +58,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesCustomRuleIdDelete * @param ruleId Custom rule UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -68,10 +66,9 @@ public void setApiClient(ApiClient apiClient) { Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteCall(String ruleId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteCall(String ruleId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -81,14 +78,6 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteCall(String ruleId, Stri List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -110,7 +99,7 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteCall(String ruleId, Stri } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(String ruleId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(String ruleId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'ruleId' is set if (ruleId == null) { @@ -118,7 +107,7 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(Stri } - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteCall(ruleId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteCall(ruleId, _callback); return localVarCall; } @@ -127,27 +116,22 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(Stri * Delete a Custom Rule * Delete a custom rule. We need to provide the Id of the policy as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Resource successfully deleted. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void throttlingPoliciesCustomRuleIdDelete(String ruleId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(ruleId, ifMatch, ifUnmodifiedSince); + public void throttlingPoliciesCustomRuleIdDelete(String ruleId) throws ApiException { + throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(ruleId); } /** * Delete a Custom Rule * Delete a custom rule. We need to provide the Id of the policy as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -155,11 +139,10 @@ public void throttlingPoliciesCustomRuleIdDelete(String ruleId, String ifMatch, Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(String ruleId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(ruleId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(String ruleId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(ruleId, null); return localVarApiClient.execute(localVarCall); } @@ -167,8 +150,6 @@ public ApiResponse throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(String * Delete a Custom Rule (asynchronously) * Delete a custom rule. We need to provide the Id of the policy as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -177,33 +158,29 @@ public ApiResponse throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(String Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteAsync(String ruleId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdDeleteAsync(String ruleId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(ruleId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdDeleteValidateBeforeCall(ruleId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** * Build call for throttlingPoliciesCustomRuleIdGet * @param ruleId Custom rule UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesCustomRuleIdGetCall(String ruleId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdGetCall(String ruleId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -213,14 +190,6 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdGetCall(String ruleId, String List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -242,7 +211,7 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdGetCall(String ruleId, String } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesCustomRuleIdGetValidateBeforeCall(String ruleId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesCustomRuleIdGetValidateBeforeCall(String ruleId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'ruleId' is set if (ruleId == null) { @@ -250,7 +219,7 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdGetValidateBeforeCall(String } - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetCall(ruleId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetCall(ruleId, _callback); return localVarCall; } @@ -259,21 +228,18 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdGetValidateBeforeCall(String * Get a Custom Rule * Retrieves a custom rule. We need to provide the policy Id as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return CustomRuleDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public CustomRuleDTO throttlingPoliciesCustomRuleIdGet(String ruleId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesCustomRuleIdGetWithHttpInfo(ruleId, ifNoneMatch, ifModifiedSince); + public CustomRuleDTO throttlingPoliciesCustomRuleIdGet(String ruleId) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesCustomRuleIdGetWithHttpInfo(ruleId); return localVarResp.getData(); } @@ -281,21 +247,18 @@ public CustomRuleDTO throttlingPoliciesCustomRuleIdGet(String ruleId, String ifN * Get a Custom Rule * Retrieves a custom rule. We need to provide the policy Id as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<CustomRuleDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesCustomRuleIdGetWithHttpInfo(String ruleId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetValidateBeforeCall(ruleId, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesCustomRuleIdGetWithHttpInfo(String ruleId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetValidateBeforeCall(ruleId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -304,23 +267,20 @@ public ApiResponse throttlingPoliciesCustomRuleIdGetWithHttpInfo( * Get a Custom Rule (asynchronously) * Retrieves a custom rule. We need to provide the policy Id as a path parameter. **NOTE:** * Only super tenant users are allowed for this operation. * @param ruleId Custom rule UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesCustomRuleIdGetAsync(String ruleId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdGetAsync(String ruleId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetValidateBeforeCall(ruleId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdGetValidateBeforeCall(ruleId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -330,21 +290,18 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdGetAsync(String ruleId, String * @param ruleId Custom rule UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param customRuleDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesCustomRuleIdPutCall(String ruleId, String contentType, CustomRuleDTO customRuleDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdPutCall(String ruleId, String contentType, CustomRuleDTO customRuleDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = customRuleDTO; // create path and map variables @@ -358,14 +315,6 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdPutCall(String ruleId, String localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); } - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -387,7 +336,7 @@ public okhttp3.Call throttlingPoliciesCustomRuleIdPutCall(String ruleId, String } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesCustomRuleIdPutValidateBeforeCall(String ruleId, String contentType, CustomRuleDTO customRuleDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesCustomRuleIdPutValidateBeforeCall(String ruleId, String contentType, CustomRuleDTO customRuleDTO, final ApiCallback _callback) throws ApiException { // verify the required parameter 'ruleId' is set if (ruleId == null) { @@ -405,7 +354,7 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdPutValidateBeforeCall(String } - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutCall(ruleId, contentType, customRuleDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutCall(ruleId, contentType, customRuleDTO, _callback); return localVarCall; } @@ -416,21 +365,18 @@ private okhttp3.Call throttlingPoliciesCustomRuleIdPutValidateBeforeCall(String * @param ruleId Custom rule UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param customRuleDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return CustomRuleDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public CustomRuleDTO throttlingPoliciesCustomRuleIdPut(String ruleId, String contentType, CustomRuleDTO customRuleDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesCustomRuleIdPutWithHttpInfo(ruleId, contentType, customRuleDTO, ifMatch, ifUnmodifiedSince); + public CustomRuleDTO throttlingPoliciesCustomRuleIdPut(String ruleId, String contentType, CustomRuleDTO customRuleDTO) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesCustomRuleIdPutWithHttpInfo(ruleId, contentType, customRuleDTO); return localVarResp.getData(); } @@ -440,21 +386,18 @@ public CustomRuleDTO throttlingPoliciesCustomRuleIdPut(String ruleId, String con * @param ruleId Custom rule UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param customRuleDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<CustomRuleDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public ApiResponse throttlingPoliciesCustomRuleIdPutWithHttpInfo(String ruleId, String contentType, CustomRuleDTO customRuleDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutValidateBeforeCall(ruleId, contentType, customRuleDTO, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesCustomRuleIdPutWithHttpInfo(String ruleId, String contentType, CustomRuleDTO customRuleDTO) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutValidateBeforeCall(ruleId, contentType, customRuleDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -465,23 +408,20 @@ public ApiResponse throttlingPoliciesCustomRuleIdPutWithHttpInfo( * @param ruleId Custom rule UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param customRuleDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesCustomRuleIdPutAsync(String ruleId, String contentType, CustomRuleDTO customRuleDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesCustomRuleIdPutAsync(String ruleId, String contentType, CustomRuleDTO customRuleDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutValidateBeforeCall(ruleId, contentType, customRuleDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesCustomRuleIdPutValidateBeforeCall(ruleId, contentType, customRuleDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DefaultApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DefaultApi.java new file mode 100644 index 0000000000..28b97738da --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DefaultApi.java @@ -0,0 +1,697 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ContentPublishStatusDTO; +import org.wso2.am.integration.clients.admin.api.dto.ContentPublishStatusResponseDTO; +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import java.io.File; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class DefaultApi { + private ApiClient localVarApiClient; + + public DefaultApi() { + this(Configuration.getDefaultApiClient()); + } + + public DefaultApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for deleteOrgTheme + * @param id (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully deleted -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call deleteOrgThemeCall(String id, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/org-themes/{id}" + .replaceAll("\\{" + "id" + "\\}", localVarApiClient.escapeString(id.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call deleteOrgThemeValidateBeforeCall(String id, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'id' is set + if (id == null) { + throw new ApiException("Missing the required parameter 'id' when calling deleteOrgTheme(Async)"); + } + + + okhttp3.Call localVarCall = deleteOrgThemeCall(id, _callback); + return localVarCall; + + } + + /** + * Delete an org theme + * Deletes the org theme for the given ID. + * @param id (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully deleted -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public void deleteOrgTheme(String id) throws ApiException { + deleteOrgThemeWithHttpInfo(id); + } + + /** + * Delete an org theme + * Deletes the org theme for the given ID. + * @param id (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully deleted -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public ApiResponse deleteOrgThemeWithHttpInfo(String id) throws ApiException { + okhttp3.Call localVarCall = deleteOrgThemeValidateBeforeCall(id, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Delete an org theme (asynchronously) + * Deletes the org theme for the given ID. + * @param id (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully deleted -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call deleteOrgThemeAsync(String id, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = deleteOrgThemeValidateBeforeCall(id, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } + /** + * Build call for getOrgThemeContent + * @param id (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Returns the org theme zip -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call getOrgThemeContentCall(String id, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/org-themes/{id}/content" + .replaceAll("\\{" + "id" + "\\}", localVarApiClient.escapeString(id.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/zip", "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call getOrgThemeContentValidateBeforeCall(String id, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'id' is set + if (id == null) { + throw new ApiException("Missing the required parameter 'id' when calling getOrgThemeContent(Async)"); + } + + + okhttp3.Call localVarCall = getOrgThemeContentCall(id, _callback); + return localVarCall; + + } + + /** + * Retrieve org theme as zip + * Returns the org theme as a zip file for the given ID. + * @param id (required) + * @return File + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Returns the org theme zip -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public File getOrgThemeContent(String id) throws ApiException { + ApiResponse localVarResp = getOrgThemeContentWithHttpInfo(id); + return localVarResp.getData(); + } + + /** + * Retrieve org theme as zip + * Returns the org theme as a zip file for the given ID. + * @param id (required) + * @return ApiResponse<File> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Returns the org theme zip -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public ApiResponse getOrgThemeContentWithHttpInfo(String id) throws ApiException { + okhttp3.Call localVarCall = getOrgThemeContentValidateBeforeCall(id, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Retrieve org theme as zip (asynchronously) + * Returns the org theme as a zip file for the given ID. + * @param id (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Returns the org theme zip -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call getOrgThemeContentAsync(String id, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = getOrgThemeContentValidateBeforeCall(id, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for getOrgThemes + * @param publish Filter themes based on published status (optional) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 List of org themes -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call getOrgThemesCall(Boolean publish, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/org-themes"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + if (publish != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("publish", publish)); + } + + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call getOrgThemesValidateBeforeCall(Boolean publish, final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = getOrgThemesCall(publish, _callback); + return localVarCall; + + } + + /** + * Retrieve UUIDs of org-theme contents + * Returns the UUIDs of org-theme contents and their publish status. + * @param publish Filter themes based on published status (optional) + * @return List<ContentPublishStatusResponseDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 List of org themes -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public List getOrgThemes(Boolean publish) throws ApiException { + ApiResponse> localVarResp = getOrgThemesWithHttpInfo(publish); + return localVarResp.getData(); + } + + /** + * Retrieve UUIDs of org-theme contents + * Returns the UUIDs of org-theme contents and their publish status. + * @param publish Filter themes based on published status (optional) + * @return ApiResponse<List<ContentPublishStatusResponseDTO>> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 List of org themes -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public ApiResponse> getOrgThemesWithHttpInfo(Boolean publish) throws ApiException { + okhttp3.Call localVarCall = getOrgThemesValidateBeforeCall(publish, null); + Type localVarReturnType = new TypeToken>(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Retrieve UUIDs of org-theme contents (asynchronously) + * Returns the UUIDs of org-theme contents and their publish status. + * @param publish Filter themes based on published status (optional) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 List of org themes -
404 Not Found. The specified resource does not exist. -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
500 Internal Server Error. -
+ */ + public okhttp3.Call getOrgThemesAsync(Boolean publish, final ApiCallback> _callback) throws ApiException { + + okhttp3.Call localVarCall = getOrgThemesValidateBeforeCall(publish, _callback); + Type localVarReturnType = new TypeToken>(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for importOrgTheme + * @param file The org-content.zip file (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + + +
Status Code Description Response Headers
200 Successfully imported -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
403 Forbidden. The request must be conditional but no condition has been specified. -
413 Payload Too Large. Request entity is larger than limits defined by server. -
500 Internal Server Error. -
+ */ + public okhttp3.Call importOrgThemeCall(File file, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/org-themes"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + if (file != null) { + localVarFormParams.put("file", file); + } + + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "multipart/form-data" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call importOrgThemeValidateBeforeCall(File file, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'file' is set + if (file == null) { + throw new ApiException("Missing the required parameter 'file' when calling importOrgTheme(Async)"); + } + + + okhttp3.Call localVarCall = importOrgThemeCall(file, _callback); + return localVarCall; + + } + + /** + * Import org theme + * Imports a drafted zip of an org theme to APIM. + * @param file The org-content.zip file (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + + +
Status Code Description Response Headers
200 Successfully imported -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
403 Forbidden. The request must be conditional but no condition has been specified. -
413 Payload Too Large. Request entity is larger than limits defined by server. -
500 Internal Server Error. -
+ */ + public void importOrgTheme(File file) throws ApiException { + importOrgThemeWithHttpInfo(file); + } + + /** + * Import org theme + * Imports a drafted zip of an org theme to APIM. + * @param file The org-content.zip file (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + + +
Status Code Description Response Headers
200 Successfully imported -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
403 Forbidden. The request must be conditional but no condition has been specified. -
413 Payload Too Large. Request entity is larger than limits defined by server. -
500 Internal Server Error. -
+ */ + public ApiResponse importOrgThemeWithHttpInfo(File file) throws ApiException { + okhttp3.Call localVarCall = importOrgThemeValidateBeforeCall(file, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Import org theme (asynchronously) + * Imports a drafted zip of an org theme to APIM. + * @param file The org-content.zip file (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + + +
Status Code Description Response Headers
200 Successfully imported -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
403 Forbidden. The request must be conditional but no condition has been specified. -
413 Payload Too Large. Request entity is larger than limits defined by server. -
500 Internal Server Error. -
+ */ + public okhttp3.Call importOrgThemeAsync(File file, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = importOrgThemeValidateBeforeCall(file, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } + /** + * Build call for updateOrgThemeStatus + * @param id (required) + * @param contentPublishStatusDTO (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully updated status -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public okhttp3.Call updateOrgThemeStatusCall(String id, ContentPublishStatusDTO contentPublishStatusDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = contentPublishStatusDTO; + + // create path and map variables + String localVarPath = "/org-themes/{id}/status" + .replaceAll("\\{" + "id" + "\\}", localVarApiClient.escapeString(id.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call updateOrgThemeStatusValidateBeforeCall(String id, ContentPublishStatusDTO contentPublishStatusDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'id' is set + if (id == null) { + throw new ApiException("Missing the required parameter 'id' when calling updateOrgThemeStatus(Async)"); + } + + // verify the required parameter 'contentPublishStatusDTO' is set + if (contentPublishStatusDTO == null) { + throw new ApiException("Missing the required parameter 'contentPublishStatusDTO' when calling updateOrgThemeStatus(Async)"); + } + + + okhttp3.Call localVarCall = updateOrgThemeStatusCall(id, contentPublishStatusDTO, _callback); + return localVarCall; + + } + + /** + * Update publish status of an org theme + * Publishes or unpublishes an org theme to the dev portal. + * @param id (required) + * @param contentPublishStatusDTO (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully updated status -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public void updateOrgThemeStatus(String id, ContentPublishStatusDTO contentPublishStatusDTO) throws ApiException { + updateOrgThemeStatusWithHttpInfo(id, contentPublishStatusDTO); + } + + /** + * Update publish status of an org theme + * Publishes or unpublishes an org theme to the dev portal. + * @param id (required) + * @param contentPublishStatusDTO (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully updated status -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public ApiResponse updateOrgThemeStatusWithHttpInfo(String id, ContentPublishStatusDTO contentPublishStatusDTO) throws ApiException { + okhttp3.Call localVarCall = updateOrgThemeStatusValidateBeforeCall(id, contentPublishStatusDTO, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Update publish status of an org theme (asynchronously) + * Publishes or unpublishes an org theme to the dev portal. + * @param id (required) + * @param contentPublishStatusDTO (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + + +
Status Code Description Response Headers
200 Successfully updated status -
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public okhttp3.Call updateOrgThemeStatusAsync(String id, ContentPublishStatusDTO contentPublishStatusDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = updateOrgThemeStatusValidateBeforeCall(id, contentPublishStatusDTO, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPoliciesCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPoliciesCollectionApi.java index ad99a3b8a9..3b0d62d6ad 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPoliciesCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPoliciesCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,8 +59,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingDenyPoliciesGet * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param query **Search condition**. You can search in attributes by using **\"conditionType:\"** modifier and **\"conditionValue:\"** modifier. Eg. The entry \"conditionType:API\" will result in a match with blocking conditions only if the conditionType is \"API\". Similarly, \"conditionValue:test/1.0.0\" will result in a match with blocking conditions only if the conditionValue is \"test/1.0.0\". When you use \"conditionType:API & conditionValue:test/1.0.0\" as a combination, it will result in a match with blocking conditions only if both the conditionType is \"API\" and the conditionValue is \"test/1.0.0\". If query attribute is provided, this returns the blocking conditions that match the specified attributes. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) (optional) * @param _callback Callback for upload/download progress * @return Call to execute @@ -68,12 +66,11 @@ public void setApiClient(ApiClient apiClient) { * @http.response.details - - +
Status Code Description Response Headers
200 OK. Deny Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Deny Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingDenyPoliciesGetCall(String accept, String ifNoneMatch, String ifModifiedSince, String query, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPoliciesGetCall(String accept, String query, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -90,14 +87,6 @@ public okhttp3.Call throttlingDenyPoliciesGetCall(String accept, String ifNoneMa localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -119,10 +108,10 @@ public okhttp3.Call throttlingDenyPoliciesGetCall(String accept, String ifNoneMa } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingDenyPoliciesGetValidateBeforeCall(String accept, String ifNoneMatch, String ifModifiedSince, String query, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingDenyPoliciesGetValidateBeforeCall(String accept, String query, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPoliciesGetCall(accept, ifNoneMatch, ifModifiedSince, query, _callback); + okhttp3.Call localVarCall = throttlingDenyPoliciesGetCall(accept, query, _callback); return localVarCall; } @@ -131,21 +120,18 @@ private okhttp3.Call throttlingDenyPoliciesGetValidateBeforeCall(String accept, * Get all Deny Policies * Retrieves all existing deny policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param query **Search condition**. You can search in attributes by using **\"conditionType:\"** modifier and **\"conditionValue:\"** modifier. Eg. The entry \"conditionType:API\" will result in a match with blocking conditions only if the conditionType is \"API\". Similarly, \"conditionValue:test/1.0.0\" will result in a match with blocking conditions only if the conditionValue is \"test/1.0.0\". When you use \"conditionType:API & conditionValue:test/1.0.0\" as a combination, it will result in a match with blocking conditions only if both the conditionType is \"API\" and the conditionValue is \"test/1.0.0\". If query attribute is provided, this returns the blocking conditions that match the specified attributes. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) (optional) * @return BlockingConditionListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Deny Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Deny Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public BlockingConditionListDTO throttlingDenyPoliciesGet(String accept, String ifNoneMatch, String ifModifiedSince, String query) throws ApiException { - ApiResponse localVarResp = throttlingDenyPoliciesGetWithHttpInfo(accept, ifNoneMatch, ifModifiedSince, query); + public BlockingConditionListDTO throttlingDenyPoliciesGet(String accept, String query) throws ApiException { + ApiResponse localVarResp = throttlingDenyPoliciesGetWithHttpInfo(accept, query); return localVarResp.getData(); } @@ -153,21 +139,18 @@ public BlockingConditionListDTO throttlingDenyPoliciesGet(String accept, String * Get all Deny Policies * Retrieves all existing deny policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param query **Search condition**. You can search in attributes by using **\"conditionType:\"** modifier and **\"conditionValue:\"** modifier. Eg. The entry \"conditionType:API\" will result in a match with blocking conditions only if the conditionType is \"API\". Similarly, \"conditionValue:test/1.0.0\" will result in a match with blocking conditions only if the conditionValue is \"test/1.0.0\". When you use \"conditionType:API & conditionValue:test/1.0.0\" as a combination, it will result in a match with blocking conditions only if both the conditionType is \"API\" and the conditionValue is \"test/1.0.0\". If query attribute is provided, this returns the blocking conditions that match the specified attributes. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) (optional) * @return ApiResponse<BlockingConditionListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Deny Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Deny Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingDenyPoliciesGetWithHttpInfo(String accept, String ifNoneMatch, String ifModifiedSince, String query) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPoliciesGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, query, null); + public ApiResponse throttlingDenyPoliciesGetWithHttpInfo(String accept, String query) throws ApiException { + okhttp3.Call localVarCall = throttlingDenyPoliciesGetValidateBeforeCall(accept, query, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -176,8 +159,6 @@ public ApiResponse throttlingDenyPoliciesGetWithHttpIn * Get all Deny Policies (asynchronously) * Retrieves all existing deny policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param query **Search condition**. You can search in attributes by using **\"conditionType:\"** modifier and **\"conditionValue:\"** modifier. Eg. The entry \"conditionType:API\" will result in a match with blocking conditions only if the conditionType is \"API\". Similarly, \"conditionValue:test/1.0.0\" will result in a match with blocking conditions only if the conditionValue is \"test/1.0.0\". When you use \"conditionType:API & conditionValue:test/1.0.0\" as a combination, it will result in a match with blocking conditions only if both the conditionType is \"API\" and the conditionValue is \"test/1.0.0\". If query attribute is provided, this returns the blocking conditions that match the specified attributes. Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call @@ -185,14 +166,13 @@ public ApiResponse throttlingDenyPoliciesGetWithHttpIn * @http.response.details - - +
Status Code Description Response Headers
200 OK. Deny Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Deny Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingDenyPoliciesGetAsync(String accept, String ifNoneMatch, String ifModifiedSince, String query, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPoliciesGetAsync(String accept, String query, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPoliciesGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, query, _callback); + okhttp3.Call localVarCall = throttlingDenyPoliciesGetValidateBeforeCall(accept, query, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -207,7 +187,7 @@ public okhttp3.Call throttlingDenyPoliciesGetAsync(String accept, String ifNoneM * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -274,7 +254,7 @@ private okhttp3.Call throttlingDenyPoliciesPostValidateBeforeCall(String content * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -294,7 +274,7 @@ public BlockingConditionDTO throttlingDenyPoliciesPost(String contentType, Block * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -316,7 +296,7 @@ public ApiResponse throttlingDenyPoliciesPostWithHttpInfo( * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created resource.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPolicyIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPolicyIndividualApi.java index eba61712aa..cc1c00d5b9 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPolicyIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/DenyPolicyIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,8 +59,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingDenyPolicyConditionIdDelete * @param conditionId Blocking condition identifier (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -69,10 +67,9 @@ public void setApiClient(ApiClient apiClient) { Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingDenyPolicyConditionIdDeleteCall(String conditionId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdDeleteCall(String conditionId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -82,14 +79,6 @@ public okhttp3.Call throttlingDenyPolicyConditionIdDeleteCall(String conditionId List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -111,7 +100,7 @@ public okhttp3.Call throttlingDenyPolicyConditionIdDeleteCall(String conditionId } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(String conditionId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(String conditionId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'conditionId' is set if (conditionId == null) { @@ -119,7 +108,7 @@ private okhttp3.Call throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(Str } - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteCall(conditionId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteCall(conditionId, _callback); return localVarCall; } @@ -128,27 +117,22 @@ private okhttp3.Call throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(Str * Delete a Deny Policy * Deletes an existing deny policy * @param conditionId Blocking condition identifier (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Resource successfully deleted. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void throttlingDenyPolicyConditionIdDelete(String conditionId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - throttlingDenyPolicyConditionIdDeleteWithHttpInfo(conditionId, ifMatch, ifUnmodifiedSince); + public void throttlingDenyPolicyConditionIdDelete(String conditionId) throws ApiException { + throttlingDenyPolicyConditionIdDeleteWithHttpInfo(conditionId); } /** * Delete a Deny Policy * Deletes an existing deny policy * @param conditionId Blocking condition identifier (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -156,11 +140,10 @@ public void throttlingDenyPolicyConditionIdDelete(String conditionId, String ifM Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse throttlingDenyPolicyConditionIdDeleteWithHttpInfo(String conditionId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(conditionId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingDenyPolicyConditionIdDeleteWithHttpInfo(String conditionId) throws ApiException { + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(conditionId, null); return localVarApiClient.execute(localVarCall); } @@ -168,8 +151,6 @@ public ApiResponse throttlingDenyPolicyConditionIdDeleteWithHttpInfo(Strin * Delete a Deny Policy (asynchronously) * Deletes an existing deny policy * @param conditionId Blocking condition identifier (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -178,33 +159,29 @@ public ApiResponse throttlingDenyPolicyConditionIdDeleteWithHttpInfo(Strin Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingDenyPolicyConditionIdDeleteAsync(String conditionId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdDeleteAsync(String conditionId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(conditionId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdDeleteValidateBeforeCall(conditionId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** * Build call for throttlingDenyPolicyConditionIdGet * @param conditionId Blocking condition identifier (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Condition returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Condition returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingDenyPolicyConditionIdGetCall(String conditionId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdGetCall(String conditionId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -214,14 +191,6 @@ public okhttp3.Call throttlingDenyPolicyConditionIdGetCall(String conditionId, S List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -243,7 +212,7 @@ public okhttp3.Call throttlingDenyPolicyConditionIdGetCall(String conditionId, S } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingDenyPolicyConditionIdGetValidateBeforeCall(String conditionId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingDenyPolicyConditionIdGetValidateBeforeCall(String conditionId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'conditionId' is set if (conditionId == null) { @@ -251,7 +220,7 @@ private okhttp3.Call throttlingDenyPolicyConditionIdGetValidateBeforeCall(String } - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetCall(conditionId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetCall(conditionId, _callback); return localVarCall; } @@ -260,21 +229,18 @@ private okhttp3.Call throttlingDenyPolicyConditionIdGetValidateBeforeCall(String * Get a Deny Policy * Retrieves a Deny policy providing the condition Id * @param conditionId Blocking condition identifier (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return BlockingConditionDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Condition returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Condition returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public BlockingConditionDTO throttlingDenyPolicyConditionIdGet(String conditionId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingDenyPolicyConditionIdGetWithHttpInfo(conditionId, ifNoneMatch, ifModifiedSince); + public BlockingConditionDTO throttlingDenyPolicyConditionIdGet(String conditionId) throws ApiException { + ApiResponse localVarResp = throttlingDenyPolicyConditionIdGetWithHttpInfo(conditionId); return localVarResp.getData(); } @@ -282,21 +248,18 @@ public BlockingConditionDTO throttlingDenyPolicyConditionIdGet(String conditionI * Get a Deny Policy * Retrieves a Deny policy providing the condition Id * @param conditionId Blocking condition identifier (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<BlockingConditionDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Condition returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Condition returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingDenyPolicyConditionIdGetWithHttpInfo(String conditionId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetValidateBeforeCall(conditionId, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingDenyPolicyConditionIdGetWithHttpInfo(String conditionId) throws ApiException { + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetValidateBeforeCall(conditionId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -305,23 +268,20 @@ public ApiResponse throttlingDenyPolicyConditionIdGetWithH * Get a Deny Policy (asynchronously) * Retrieves a Deny policy providing the condition Id * @param conditionId Blocking condition identifier (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Condition returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Condition returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingDenyPolicyConditionIdGetAsync(String conditionId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdGetAsync(String conditionId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetValidateBeforeCall(conditionId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdGetValidateBeforeCall(conditionId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -331,8 +291,6 @@ public okhttp3.Call throttlingDenyPolicyConditionIdGetAsync(String conditionId, * @param conditionId Blocking condition identifier (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param blockingConditionStatusDTO Blocking condition with updated status (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -344,7 +302,7 @@ public okhttp3.Call throttlingDenyPolicyConditionIdGetAsync(String conditionId, 404 Not Found. The specified resource does not exist. - */ - public okhttp3.Call throttlingDenyPolicyConditionIdPatchCall(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdPatchCall(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = blockingConditionStatusDTO; // create path and map variables @@ -358,14 +316,6 @@ public okhttp3.Call throttlingDenyPolicyConditionIdPatchCall(String conditionId, localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); } - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -387,7 +337,7 @@ public okhttp3.Call throttlingDenyPolicyConditionIdPatchCall(String conditionId, } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingDenyPolicyConditionIdPatchValidateBeforeCall(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingDenyPolicyConditionIdPatchValidateBeforeCall(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, final ApiCallback _callback) throws ApiException { // verify the required parameter 'conditionId' is set if (conditionId == null) { @@ -405,7 +355,7 @@ private okhttp3.Call throttlingDenyPolicyConditionIdPatchValidateBeforeCall(Stri } - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchCall(conditionId, contentType, blockingConditionStatusDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchCall(conditionId, contentType, blockingConditionStatusDTO, _callback); return localVarCall; } @@ -416,8 +366,6 @@ private okhttp3.Call throttlingDenyPolicyConditionIdPatchValidateBeforeCall(Stri * @param conditionId Blocking condition identifier (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param blockingConditionStatusDTO Blocking condition with updated status (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return BlockingConditionDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -428,8 +376,8 @@ private okhttp3.Call throttlingDenyPolicyConditionIdPatchValidateBeforeCall(Stri 404 Not Found. The specified resource does not exist. - */ - public BlockingConditionDTO throttlingDenyPolicyConditionIdPatch(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingDenyPolicyConditionIdPatchWithHttpInfo(conditionId, contentType, blockingConditionStatusDTO, ifMatch, ifUnmodifiedSince); + public BlockingConditionDTO throttlingDenyPolicyConditionIdPatch(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO) throws ApiException { + ApiResponse localVarResp = throttlingDenyPolicyConditionIdPatchWithHttpInfo(conditionId, contentType, blockingConditionStatusDTO); return localVarResp.getData(); } @@ -439,8 +387,6 @@ public BlockingConditionDTO throttlingDenyPolicyConditionIdPatch(String conditio * @param conditionId Blocking condition identifier (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param blockingConditionStatusDTO Blocking condition with updated status (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<BlockingConditionDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -451,8 +397,8 @@ public BlockingConditionDTO throttlingDenyPolicyConditionIdPatch(String conditio 404 Not Found. The specified resource does not exist. - */ - public ApiResponse throttlingDenyPolicyConditionIdPatchWithHttpInfo(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchValidateBeforeCall(conditionId, contentType, blockingConditionStatusDTO, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingDenyPolicyConditionIdPatchWithHttpInfo(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO) throws ApiException { + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchValidateBeforeCall(conditionId, contentType, blockingConditionStatusDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -463,8 +409,6 @@ public ApiResponse throttlingDenyPolicyConditionIdPatchWit * @param conditionId Blocking condition identifier (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param blockingConditionStatusDTO Blocking condition with updated status (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -476,9 +420,9 @@ public ApiResponse throttlingDenyPolicyConditionIdPatchWit 404 Not Found. The specified resource does not exist. - */ - public okhttp3.Call throttlingDenyPolicyConditionIdPatchAsync(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingDenyPolicyConditionIdPatchAsync(String conditionId, String contentType, BlockingConditionStatusDTO blockingConditionStatusDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchValidateBeforeCall(conditionId, contentType, blockingConditionStatusDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingDenyPolicyConditionIdPatchValidateBeforeCall(conditionId, contentType, blockingConditionStatusDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentApi.java deleted file mode 100644 index e8f71ef419..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentApi.java +++ /dev/null @@ -1,411 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.EnvironmentDTO; -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class EnvironmentApi { - private ApiClient localVarApiClient; - - public EnvironmentApi() { - this(Configuration.getDefaultApiClient()); - } - - public EnvironmentApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for environmentsEnvironmentIdDelete - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - -
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
- */ - public okhttp3.Call environmentsEnvironmentIdDeleteCall(String environmentId, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/environments/{environmentId}" - .replaceAll("\\{" + "environmentId" + "\\}", localVarApiClient.escapeString(environmentId.toString())); - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call environmentsEnvironmentIdDeleteValidateBeforeCall(String environmentId, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'environmentId' is set - if (environmentId == null) { - throw new ApiException("Missing the required parameter 'environmentId' when calling environmentsEnvironmentIdDelete(Async)"); - } - - - okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteCall(environmentId, _callback); - return localVarCall; - - } - - /** - * Delete an Environment - * Delete a Environment by Environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - -
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
- */ - public void environmentsEnvironmentIdDelete(String environmentId) throws ApiException { - environmentsEnvironmentIdDeleteWithHttpInfo(environmentId); - } - - /** - * Delete an Environment - * Delete a Environment by Environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - -
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
- */ - public ApiResponse environmentsEnvironmentIdDeleteWithHttpInfo(String environmentId) throws ApiException { - okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteValidateBeforeCall(environmentId, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * Delete an Environment (asynchronously) - * Delete a Environment by Environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - -
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
- */ - public okhttp3.Call environmentsEnvironmentIdDeleteAsync(String environmentId, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteValidateBeforeCall(environmentId, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } - /** - * Build call for environmentsEnvironmentIdPut - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param environmentDTO Environment object with updated information (required) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
- */ - public okhttp3.Call environmentsEnvironmentIdPutCall(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = environmentDTO; - - // create path and map variables - String localVarPath = "/environments/{environmentId}" - .replaceAll("\\{" + "environmentId" + "\\}", localVarApiClient.escapeString(environmentId.toString())); - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call environmentsEnvironmentIdPutValidateBeforeCall(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'environmentId' is set - if (environmentId == null) { - throw new ApiException("Missing the required parameter 'environmentId' when calling environmentsEnvironmentIdPut(Async)"); - } - - // verify the required parameter 'environmentDTO' is set - if (environmentDTO == null) { - throw new ApiException("Missing the required parameter 'environmentDTO' when calling environmentsEnvironmentIdPut(Async)"); - } - - - okhttp3.Call localVarCall = environmentsEnvironmentIdPutCall(environmentId, environmentDTO, _callback); - return localVarCall; - - } - - /** - * Update an Environment - * Update a gateway Environment by environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param environmentDTO Environment object with updated information (required) - * @return EnvironmentDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
- */ - public EnvironmentDTO environmentsEnvironmentIdPut(String environmentId, EnvironmentDTO environmentDTO) throws ApiException { - ApiResponse localVarResp = environmentsEnvironmentIdPutWithHttpInfo(environmentId, environmentDTO); - return localVarResp.getData(); - } - - /** - * Update an Environment - * Update a gateway Environment by environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param environmentDTO Environment object with updated information (required) - * @return ApiResponse<EnvironmentDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
- */ - public ApiResponse environmentsEnvironmentIdPutWithHttpInfo(String environmentId, EnvironmentDTO environmentDTO) throws ApiException { - okhttp3.Call localVarCall = environmentsEnvironmentIdPutValidateBeforeCall(environmentId, environmentDTO, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Update an Environment (asynchronously) - * Update a gateway Environment by environment Id - * @param environmentId Environment UUID (or Environment name defined in config) (required) - * @param environmentDTO Environment object with updated information (required) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
- */ - public okhttp3.Call environmentsEnvironmentIdPutAsync(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = environmentsEnvironmentIdPutValidateBeforeCall(environmentId, environmentDTO, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for environmentsPost - * @param environmentDTO Environment object that should to be added (required) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - -
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
- */ - public okhttp3.Call environmentsPostCall(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = environmentDTO; - - // create path and map variables - String localVarPath = "/environments"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call environmentsPostValidateBeforeCall(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'environmentDTO' is set - if (environmentDTO == null) { - throw new ApiException("Missing the required parameter 'environmentDTO' when calling environmentsPost(Async)"); - } - - - okhttp3.Call localVarCall = environmentsPostCall(environmentDTO, _callback); - return localVarCall; - - } - - /** - * Add an Environment - * Add a new geteway environment - * @param environmentDTO Environment object that should to be added (required) - * @return EnvironmentDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - -
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
- */ - public EnvironmentDTO environmentsPost(EnvironmentDTO environmentDTO) throws ApiException { - ApiResponse localVarResp = environmentsPostWithHttpInfo(environmentDTO); - return localVarResp.getData(); - } - - /** - * Add an Environment - * Add a new geteway environment - * @param environmentDTO Environment object that should to be added (required) - * @return ApiResponse<EnvironmentDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - -
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
- */ - public ApiResponse environmentsPostWithHttpInfo(EnvironmentDTO environmentDTO) throws ApiException { - okhttp3.Call localVarCall = environmentsPostValidateBeforeCall(environmentDTO, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Add an Environment (asynchronously) - * Add a new geteway environment - * @param environmentDTO Environment object that should to be added (required) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - -
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
- */ - public okhttp3.Call environmentsPostAsync(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = environmentsPostValidateBeforeCall(environmentDTO, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentCollectionApi.java deleted file mode 100644 index d894d386d7..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentCollectionApi.java +++ /dev/null @@ -1,158 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.EnvironmentListDTO; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class EnvironmentCollectionApi { - private ApiClient localVarApiClient; - - public EnvironmentCollectionApi() { - this(Configuration.getDefaultApiClient()); - } - - public EnvironmentCollectionApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for environmentsGet - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Environments returned -
- */ - public okhttp3.Call environmentsGetCall(final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/environments"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call environmentsGetValidateBeforeCall(final ApiCallback _callback) throws ApiException { - - - okhttp3.Call localVarCall = environmentsGetCall(_callback); - return localVarCall; - - } - - /** - * Get all registered Environments - * Get all Registered Environments - * @return EnvironmentListDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Environments returned -
- */ - public EnvironmentListDTO environmentsGet() throws ApiException { - ApiResponse localVarResp = environmentsGetWithHttpInfo(); - return localVarResp.getData(); - } - - /** - * Get all registered Environments - * Get all Registered Environments - * @return ApiResponse<EnvironmentListDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Environments returned -
- */ - public ApiResponse environmentsGetWithHttpInfo() throws ApiException { - okhttp3.Call localVarCall = environmentsGetValidateBeforeCall(null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Get all registered Environments (asynchronously) - * Get all Registered Environments - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Environments returned -
- */ - public okhttp3.Call environmentsGetAsync(final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = environmentsGetValidateBeforeCall(_callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentsApi.java index 9651f94bfe..5a1b3584c3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/EnvironmentsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -27,6 +27,8 @@ import java.io.IOException; +import org.wso2.am.integration.clients.admin.api.dto.EnvironmentDTO; +import org.wso2.am.integration.clients.admin.api.dto.EnvironmentListDTO; import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; import org.wso2.am.integration.clients.admin.api.dto.GatewayInstanceListDTO; @@ -55,9 +57,120 @@ public void setApiClient(ApiClient apiClient) { this.localVarApiClient = apiClient; } + /** + * Build call for environmentsEnvironmentIdDelete + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call environmentsEnvironmentIdDeleteCall(String environmentId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/environments/{environmentId}" + .replaceAll("\\{" + "environmentId" + "\\}", localVarApiClient.escapeString(environmentId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call environmentsEnvironmentIdDeleteValidateBeforeCall(String environmentId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'environmentId' is set + if (environmentId == null) { + throw new ApiException("Missing the required parameter 'environmentId' when calling environmentsEnvironmentIdDelete(Async)"); + } + + + okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteCall(environmentId, _callback); + return localVarCall; + + } + + /** + * Delete an Environment + * Delete a Environment by Environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public void environmentsEnvironmentIdDelete(String environmentId) throws ApiException { + environmentsEnvironmentIdDeleteWithHttpInfo(environmentId); + } + + /** + * Delete an Environment + * Delete a Environment by Environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse environmentsEnvironmentIdDeleteWithHttpInfo(String environmentId) throws ApiException { + okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteValidateBeforeCall(environmentId, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Delete an Environment (asynchronously) + * Delete a Environment by Environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Environment successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call environmentsEnvironmentIdDeleteAsync(String environmentId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = environmentsEnvironmentIdDeleteValidateBeforeCall(environmentId, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } /** * Build call for environmentsEnvironmentIdGatewaysGet - * @param environmentId Environment UUID (or Environment name defined in config) (required) + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -117,7 +230,7 @@ private okhttp3.Call environmentsEnvironmentIdGatewaysGetValidateBeforeCall(Stri /** * Get Gateway Instances in a Gateway Environment * Retrieve list of gateway Instances in the gateway environment. - * @param environmentId Environment UUID (or Environment name defined in config) (required) + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) * @return GatewayInstanceListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -137,7 +250,7 @@ public GatewayInstanceListDTO environmentsEnvironmentIdGatewaysGet(String enviro /** * Get Gateway Instances in a Gateway Environment * Retrieve list of gateway Instances in the gateway environment. - * @param environmentId Environment UUID (or Environment name defined in config) (required) + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) * @return ApiResponse<GatewayInstanceListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -158,7 +271,7 @@ public ApiResponse environmentsEnvironmentIdGatewaysGetW /** * Get Gateway Instances in a Gateway Environment (asynchronously) * Retrieve list of gateway Instances in the gateway environment. - * @param environmentId Environment UUID (or Environment name defined in config) (required) + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -178,4 +291,466 @@ public okhttp3.Call environmentsEnvironmentIdGatewaysGetAsync(String environment localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } + /** + * Build call for environmentsEnvironmentIdGet + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway Environment Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call environmentsEnvironmentIdGetCall(String environmentId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/environments/{environmentId}" + .replaceAll("\\{" + "environmentId" + "\\}", localVarApiClient.escapeString(environmentId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call environmentsEnvironmentIdGetValidateBeforeCall(String environmentId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'environmentId' is set + if (environmentId == null) { + throw new ApiException("Missing the required parameter 'environmentId' when calling environmentsEnvironmentIdGet(Async)"); + } + + + okhttp3.Call localVarCall = environmentsEnvironmentIdGetCall(environmentId, _callback); + return localVarCall; + + } + + /** + * Get a Gateway Environment Configuration + * Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @return EnvironmentDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway Environment Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public EnvironmentDTO environmentsEnvironmentIdGet(String environmentId) throws ApiException { + ApiResponse localVarResp = environmentsEnvironmentIdGetWithHttpInfo(environmentId); + return localVarResp.getData(); + } + + /** + * Get a Gateway Environment Configuration + * Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @return ApiResponse<EnvironmentDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway Environment Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApiResponse environmentsEnvironmentIdGetWithHttpInfo(String environmentId) throws ApiException { + okhttp3.Call localVarCall = environmentsEnvironmentIdGetValidateBeforeCall(environmentId, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get a Gateway Environment Configuration (asynchronously) + * Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway Environment Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call environmentsEnvironmentIdGetAsync(String environmentId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = environmentsEnvironmentIdGetValidateBeforeCall(environmentId, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for environmentsEnvironmentIdPut + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param environmentDTO Environment object with updated information (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call environmentsEnvironmentIdPutCall(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = environmentDTO; + + // create path and map variables + String localVarPath = "/environments/{environmentId}" + .replaceAll("\\{" + "environmentId" + "\\}", localVarApiClient.escapeString(environmentId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call environmentsEnvironmentIdPutValidateBeforeCall(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'environmentId' is set + if (environmentId == null) { + throw new ApiException("Missing the required parameter 'environmentId' when calling environmentsEnvironmentIdPut(Async)"); + } + + // verify the required parameter 'environmentDTO' is set + if (environmentDTO == null) { + throw new ApiException("Missing the required parameter 'environmentDTO' when calling environmentsEnvironmentIdPut(Async)"); + } + + + okhttp3.Call localVarCall = environmentsEnvironmentIdPutCall(environmentId, environmentDTO, _callback); + return localVarCall; + + } + + /** + * Update an Environment + * Update a gateway Environment by environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param environmentDTO Environment object with updated information (required) + * @return EnvironmentDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public EnvironmentDTO environmentsEnvironmentIdPut(String environmentId, EnvironmentDTO environmentDTO) throws ApiException { + ApiResponse localVarResp = environmentsEnvironmentIdPutWithHttpInfo(environmentId, environmentDTO); + return localVarResp.getData(); + } + + /** + * Update an Environment + * Update a gateway Environment by environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param environmentDTO Environment object with updated information (required) + * @return ApiResponse<EnvironmentDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse environmentsEnvironmentIdPutWithHttpInfo(String environmentId, EnvironmentDTO environmentDTO) throws ApiException { + okhttp3.Call localVarCall = environmentsEnvironmentIdPutValidateBeforeCall(environmentId, environmentDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Update an Environment (asynchronously) + * Update a gateway Environment by environment Id + * @param environmentId Environment UUID (or Environment name defined in config), in case the ID contains special characters it should be base64 encoded (required) + * @param environmentDTO Environment object with updated information (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Environment updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call environmentsEnvironmentIdPutAsync(String environmentId, EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = environmentsEnvironmentIdPutValidateBeforeCall(environmentId, environmentDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for environmentsGet + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Environments returned -
+ */ + public okhttp3.Call environmentsGetCall(final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/environments"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call environmentsGetValidateBeforeCall(final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = environmentsGetCall(_callback); + return localVarCall; + + } + + /** + * Get all registered Environments + * Get all Registered Environments + * @return EnvironmentListDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Environments returned -
+ */ + public EnvironmentListDTO environmentsGet() throws ApiException { + ApiResponse localVarResp = environmentsGetWithHttpInfo(); + return localVarResp.getData(); + } + + /** + * Get all registered Environments + * Get all Registered Environments + * @return ApiResponse<EnvironmentListDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Environments returned -
+ */ + public ApiResponse environmentsGetWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = environmentsGetValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get all registered Environments (asynchronously) + * Get all Registered Environments + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Environments returned -
+ */ + public okhttp3.Call environmentsGetAsync(final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = environmentsGetValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for environmentsPost + * @param environmentDTO Environment object that should to be added (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created environment as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public okhttp3.Call environmentsPostCall(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = environmentDTO; + + // create path and map variables + String localVarPath = "/environments"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call environmentsPostValidateBeforeCall(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'environmentDTO' is set + if (environmentDTO == null) { + throw new ApiException("Missing the required parameter 'environmentDTO' when calling environmentsPost(Async)"); + } + + + okhttp3.Call localVarCall = environmentsPostCall(environmentDTO, _callback); + return localVarCall; + + } + + /** + * Add an Environment + * Add a new gateway environment + * @param environmentDTO Environment object that should to be added (required) + * @return EnvironmentDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created environment as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public EnvironmentDTO environmentsPost(EnvironmentDTO environmentDTO) throws ApiException { + ApiResponse localVarResp = environmentsPostWithHttpInfo(environmentDTO); + return localVarResp.getData(); + } + + /** + * Add an Environment + * Add a new gateway environment + * @param environmentDTO Environment object that should to be added (required) + * @return ApiResponse<EnvironmentDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created environment as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public ApiResponse environmentsPostWithHttpInfo(EnvironmentDTO environmentDTO) throws ApiException { + okhttp3.Call localVarCall = environmentsPostValidateBeforeCall(environmentDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Add an Environment (asynchronously) + * Add a new gateway environment + * @param environmentDTO Environment object that should to be added (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created environment as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public okhttp3.Call environmentsPostAsync(EnvironmentDTO environmentDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = environmentsPostValidateBeforeCall(environmentDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerCollectionApi.java new file mode 100644 index 0000000000..0480795ad3 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerCollectionApi.java @@ -0,0 +1,274 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerListDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class GlobalKeyManagerCollectionApi { + private ApiClient localVarApiClient; + + public GlobalKeyManagerCollectionApi() { + this(Configuration.getDefaultApiClient()); + } + + public GlobalKeyManagerCollectionApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for globalKeyManagersGet + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. KeyManagers returned -
+ */ + public okhttp3.Call globalKeyManagersGetCall(final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/global-key-managers"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call globalKeyManagersGetValidateBeforeCall(final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = globalKeyManagersGetCall(_callback); + return localVarCall; + + } + + /** + * Get all Global Key managers + * Get all Global Key managers + * @return KeyManagerListDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. KeyManagers returned -
+ */ + public KeyManagerListDTO globalKeyManagersGet() throws ApiException { + ApiResponse localVarResp = globalKeyManagersGetWithHttpInfo(); + return localVarResp.getData(); + } + + /** + * Get all Global Key managers + * Get all Global Key managers + * @return ApiResponse<KeyManagerListDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. KeyManagers returned -
+ */ + public ApiResponse globalKeyManagersGetWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = globalKeyManagersGetValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get all Global Key managers (asynchronously) + * Get all Global Key managers + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. KeyManagers returned -
+ */ + public okhttp3.Call globalKeyManagersGetAsync(final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = globalKeyManagersGetValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for globalKeyManagersPost + * @param keyManagerDTO Key Manager object that should to be added (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public okhttp3.Call globalKeyManagersPostCall(KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = keyManagerDTO; + + // create path and map variables + String localVarPath = "/global-key-managers"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call globalKeyManagersPostValidateBeforeCall(KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerDTO' is set + if (keyManagerDTO == null) { + throw new ApiException("Missing the required parameter 'keyManagerDTO' when calling globalKeyManagersPost(Async)"); + } + + + okhttp3.Call localVarCall = globalKeyManagersPostCall(keyManagerDTO, _callback); + return localVarCall; + + } + + /** + * Add a new Global Key Manager + * Add a new Global Key Manager + * @param keyManagerDTO Key Manager object that should to be added (required) + * @return KeyManagerDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public KeyManagerDTO globalKeyManagersPost(KeyManagerDTO keyManagerDTO) throws ApiException { + ApiResponse localVarResp = globalKeyManagersPostWithHttpInfo(keyManagerDTO); + return localVarResp.getData(); + } + + /** + * Add a new Global Key Manager + * Add a new Global Key Manager + * @param keyManagerDTO Key Manager object that should to be added (required) + * @return ApiResponse<KeyManagerDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public ApiResponse globalKeyManagersPostWithHttpInfo(KeyManagerDTO keyManagerDTO) throws ApiException { + okhttp3.Call localVarCall = globalKeyManagersPostValidateBeforeCall(keyManagerDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Add a new Global Key Manager (asynchronously) + * Add a new Global Key Manager + * @param keyManagerDTO Key Manager object that should to be added (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ */ + public okhttp3.Call globalKeyManagersPostAsync(KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = globalKeyManagersPostValidateBeforeCall(keyManagerDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerIndividualApi.java new file mode 100644 index 0000000000..ec133c0ce1 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/GlobalKeyManagerIndividualApi.java @@ -0,0 +1,416 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class GlobalKeyManagerIndividualApi { + private ApiClient localVarApiClient; + + public GlobalKeyManagerIndividualApi() { + this(Configuration.getDefaultApiClient()); + } + + public GlobalKeyManagerIndividualApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for globalKeyManagersKeyManagerIdDelete + * @param keyManagerId Key Manager UUID (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Key Manager successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdDeleteCall(String keyManagerId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/global-key-managers/{keyManagerId}" + .replaceAll("\\{" + "keyManagerId" + "\\}", localVarApiClient.escapeString(keyManagerId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call globalKeyManagersKeyManagerIdDeleteValidateBeforeCall(String keyManagerId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerId' is set + if (keyManagerId == null) { + throw new ApiException("Missing the required parameter 'keyManagerId' when calling globalKeyManagersKeyManagerIdDelete(Async)"); + } + + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdDeleteCall(keyManagerId, _callback); + return localVarCall; + + } + + /** + * Delete a Global Key Manager + * Delete a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Key Manager successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public void globalKeyManagersKeyManagerIdDelete(String keyManagerId) throws ApiException { + globalKeyManagersKeyManagerIdDeleteWithHttpInfo(keyManagerId); + } + + /** + * Delete a Global Key Manager + * Delete a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Key Manager successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse globalKeyManagersKeyManagerIdDeleteWithHttpInfo(String keyManagerId) throws ApiException { + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdDeleteValidateBeforeCall(keyManagerId, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Delete a Global Key Manager (asynchronously) + * Delete a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. Key Manager successfully deleted. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdDeleteAsync(String keyManagerId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdDeleteValidateBeforeCall(keyManagerId, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } + /** + * Build call for globalKeyManagersKeyManagerIdGet + * @param keyManagerId Key Manager UUID (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdGetCall(String keyManagerId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/global-key-managers/{keyManagerId}" + .replaceAll("\\{" + "keyManagerId" + "\\}", localVarApiClient.escapeString(keyManagerId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call globalKeyManagersKeyManagerIdGetValidateBeforeCall(String keyManagerId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerId' is set + if (keyManagerId == null) { + throw new ApiException("Missing the required parameter 'keyManagerId' when calling globalKeyManagersKeyManagerIdGet(Async)"); + } + + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdGetCall(keyManagerId, _callback); + return localVarCall; + + } + + /** + * Get a Global Key Manager Configuration + * Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @return KeyManagerDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public KeyManagerDTO globalKeyManagersKeyManagerIdGet(String keyManagerId) throws ApiException { + ApiResponse localVarResp = globalKeyManagersKeyManagerIdGetWithHttpInfo(keyManagerId); + return localVarResp.getData(); + } + + /** + * Get a Global Key Manager Configuration + * Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @return ApiResponse<KeyManagerDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApiResponse globalKeyManagersKeyManagerIdGetWithHttpInfo(String keyManagerId) throws ApiException { + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdGetValidateBeforeCall(keyManagerId, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get a Global Key Manager Configuration (asynchronously) + * Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager Configuration returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdGetAsync(String keyManagerId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdGetValidateBeforeCall(keyManagerId, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for globalKeyManagersKeyManagerIdPut + * @param keyManagerId Key Manager UUID (required) + * @param keyManagerDTO Key Manager object with updated information (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdPutCall(String keyManagerId, KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = keyManagerDTO; + + // create path and map variables + String localVarPath = "/global-key-managers/{keyManagerId}" + .replaceAll("\\{" + "keyManagerId" + "\\}", localVarApiClient.escapeString(keyManagerId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call globalKeyManagersKeyManagerIdPutValidateBeforeCall(String keyManagerId, KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerId' is set + if (keyManagerId == null) { + throw new ApiException("Missing the required parameter 'keyManagerId' when calling globalKeyManagersKeyManagerIdPut(Async)"); + } + + // verify the required parameter 'keyManagerDTO' is set + if (keyManagerDTO == null) { + throw new ApiException("Missing the required parameter 'keyManagerDTO' when calling globalKeyManagersKeyManagerIdPut(Async)"); + } + + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdPutCall(keyManagerId, keyManagerDTO, _callback); + return localVarCall; + + } + + /** + * Update a Global Key Manager + * Update a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @param keyManagerDTO Key Manager object with updated information (required) + * @return KeyManagerDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public KeyManagerDTO globalKeyManagersKeyManagerIdPut(String keyManagerId, KeyManagerDTO keyManagerDTO) throws ApiException { + ApiResponse localVarResp = globalKeyManagersKeyManagerIdPutWithHttpInfo(keyManagerId, keyManagerDTO); + return localVarResp.getData(); + } + + /** + * Update a Global Key Manager + * Update a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @param keyManagerDTO Key Manager object with updated information (required) + * @return ApiResponse<KeyManagerDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse globalKeyManagersKeyManagerIdPutWithHttpInfo(String keyManagerId, KeyManagerDTO keyManagerDTO) throws ApiException { + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdPutValidateBeforeCall(keyManagerId, keyManagerDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Update a Global Key Manager (asynchronously) + * Update a Global Key Manager by keyManager id + * @param keyManagerId Key Manager UUID (required) + * @param keyManagerDTO Key Manager object with updated information (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call globalKeyManagersKeyManagerIdPutAsync(String keyManagerId, KeyManagerDTO keyManagerDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = globalKeyManagersKeyManagerIdPutValidateBeforeCall(keyManagerId, keyManagerDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportThrottlingPolicyApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportApi.java similarity index 77% rename from all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportThrottlingPolicyApi.java rename to all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportApi.java index 74a32fea6d..392e306e9f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportThrottlingPolicyApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ImportExportApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -37,14 +37,14 @@ import java.util.List; import java.util.Map; -public class ImportExportThrottlingPolicyApi { +public class ImportExportApi { private ApiClient localVarApiClient; - public ImportExportThrottlingPolicyApi() { + public ImportExportApi() { this(Configuration.getDefaultApiClient()); } - public ImportExportThrottlingPolicyApi(ApiClient apiClient) { + public ImportExportApi(ApiClient apiClient) { this.localVarApiClient = apiClient; } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerCollectionApi.java index 07f6ba62c3..98b37fcb10 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerIndividualApi.java index 643e3160ba..09caa31b6a 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/KeyManagerIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -28,6 +28,8 @@ import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerAPIUsagesDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerAppUsagesDTO; import org.wso2.am.integration.clients.admin.api.dto.KeyManagerDTO; import java.lang.reflect.Type; @@ -55,6 +57,276 @@ public void setApiClient(ApiClient apiClient) { this.localVarApiClient = apiClient; } + /** + * Build call for keyManagersKeyManagerIdApiUsagesGet + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager API usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call keyManagersKeyManagerIdApiUsagesGetCall(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/key-managers/{keyManagerId}/api-usages" + .replaceAll("\\{" + "keyManagerId" + "\\}", localVarApiClient.escapeString(keyManagerId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + if (offset != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("offset", offset)); + } + + if (limit != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("limit", limit)); + } + + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call keyManagersKeyManagerIdApiUsagesGetValidateBeforeCall(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerId' is set + if (keyManagerId == null) { + throw new ApiException("Missing the required parameter 'keyManagerId' when calling keyManagersKeyManagerIdApiUsagesGet(Async)"); + } + + + okhttp3.Call localVarCall = keyManagersKeyManagerIdApiUsagesGetCall(keyManagerId, offset, limit, _callback); + return localVarCall; + + } + + /** + * Retrieve Key Manager Usages (APIs) + * Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @return KeyManagerAPIUsagesDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager API usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public KeyManagerAPIUsagesDTO keyManagersKeyManagerIdApiUsagesGet(String keyManagerId, Integer offset, Integer limit) throws ApiException { + ApiResponse localVarResp = keyManagersKeyManagerIdApiUsagesGetWithHttpInfo(keyManagerId, offset, limit); + return localVarResp.getData(); + } + + /** + * Retrieve Key Manager Usages (APIs) + * Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @return ApiResponse<KeyManagerAPIUsagesDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager API usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApiResponse keyManagersKeyManagerIdApiUsagesGetWithHttpInfo(String keyManagerId, Integer offset, Integer limit) throws ApiException { + okhttp3.Call localVarCall = keyManagersKeyManagerIdApiUsagesGetValidateBeforeCall(keyManagerId, offset, limit, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Retrieve Key Manager Usages (APIs) (asynchronously) + * Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager API usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call keyManagersKeyManagerIdApiUsagesGetAsync(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = keyManagersKeyManagerIdApiUsagesGetValidateBeforeCall(keyManagerId, offset, limit, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for keyManagersKeyManagerIdAppUsagesGet + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager application usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call keyManagersKeyManagerIdAppUsagesGetCall(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/key-managers/{keyManagerId}/app-usages" + .replaceAll("\\{" + "keyManagerId" + "\\}", localVarApiClient.escapeString(keyManagerId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + if (offset != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("offset", offset)); + } + + if (limit != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("limit", limit)); + } + + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call keyManagersKeyManagerIdAppUsagesGetValidateBeforeCall(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'keyManagerId' is set + if (keyManagerId == null) { + throw new ApiException("Missing the required parameter 'keyManagerId' when calling keyManagersKeyManagerIdAppUsagesGet(Async)"); + } + + + okhttp3.Call localVarCall = keyManagersKeyManagerIdAppUsagesGetCall(keyManagerId, offset, limit, _callback); + return localVarCall; + + } + + /** + * Retrieve Key Manager Usages (Appilcations) + * Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @return KeyManagerAppUsagesDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager application usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public KeyManagerAppUsagesDTO keyManagersKeyManagerIdAppUsagesGet(String keyManagerId, Integer offset, Integer limit) throws ApiException { + ApiResponse localVarResp = keyManagersKeyManagerIdAppUsagesGetWithHttpInfo(keyManagerId, offset, limit); + return localVarResp.getData(); + } + + /** + * Retrieve Key Manager Usages (Appilcations) + * Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @return ApiResponse<KeyManagerAppUsagesDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager application usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public ApiResponse keyManagersKeyManagerIdAppUsagesGetWithHttpInfo(String keyManagerId, Integer offset, Integer limit) throws ApiException { + okhttp3.Call localVarCall = keyManagersKeyManagerIdAppUsagesGetValidateBeforeCall(keyManagerId, offset, limit, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Retrieve Key Manager Usages (Appilcations) (asynchronously) + * Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. The Key Manager ID should be provided as a path parameter. + * @param keyManagerId Key Manager UUID (required) + * @param offset Starting point within the complete list of items qualified. (optional, default to 0) + * @param limit Maximum size of resource array to return. (optional, default to 25) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. KeyManager application usages returned. * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
+ */ + public okhttp3.Call keyManagersKeyManagerIdAppUsagesGetAsync(String keyManagerId, Integer offset, Integer limit, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = keyManagersKeyManagerIdAppUsagesGetValidateBeforeCall(keyManagerId, offset, limit, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } /** * Build call for keyManagersKeyManagerIdDelete * @param keyManagerId Key Manager UUID (required) diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelCollectionApi.java deleted file mode 100644 index e6e0351e89..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelCollectionApi.java +++ /dev/null @@ -1,158 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.LabelListDTO; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class LabelCollectionApi { - private ApiClient localVarApiClient; - - public LabelCollectionApi() { - this(Configuration.getDefaultApiClient()); - } - - public LabelCollectionApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for labelsGet - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Labels returned -
- */ - public okhttp3.Call labelsGetCall(final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/labels"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call labelsGetValidateBeforeCall(final ApiCallback _callback) throws ApiException { - - - okhttp3.Call localVarCall = labelsGetCall(_callback); - return localVarCall; - - } - - /** - * Get all registered Labels - * Get all Registered Labels - * @return LabelListDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Labels returned -
- */ - public LabelListDTO labelsGet() throws ApiException { - ApiResponse localVarResp = labelsGetWithHttpInfo(); - return localVarResp.getData(); - } - - /** - * Get all registered Labels - * Get all Registered Labels - * @return ApiResponse<LabelListDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Labels returned -
- */ - public ApiResponse labelsGetWithHttpInfo() throws ApiException { - okhttp3.Call localVarCall = labelsGetValidateBeforeCall(null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Get all registered Labels (asynchronously) - * Get all Registered Labels - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - -
Status Code Description Response Headers
200 OK. Labels returned -
- */ - public okhttp3.Call labelsGetAsync(final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = labelsGetValidateBeforeCall(_callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelIndividualApi.java similarity index 51% rename from all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelApi.java rename to all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelIndividualApi.java index c978cff184..5c220f2ad3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -29,6 +29,7 @@ import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; import org.wso2.am.integration.clients.admin.api.dto.LabelDTO; +import org.wso2.am.integration.clients.admin.api.dto.LabelUsageDTO; import java.lang.reflect.Type; import java.util.ArrayList; @@ -36,14 +37,14 @@ import java.util.List; import java.util.Map; -public class LabelApi { +public class LabelIndividualApi { private ApiClient localVarApiClient; - public LabelApi() { + public LabelIndividualApi() { this(Configuration.getDefaultApiClient()); } - public LabelApi(ApiClient apiClient) { + public LabelIndividualApi(ApiClient apiClient) { this.localVarApiClient = apiClient; } @@ -56,10 +57,126 @@ public void setApiClient(ApiClient apiClient) { } /** - * Build call for labelsLabelIdDelete + * Build call for createLabel + * @param labelDTO Label object that should to be added (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
409 Conflict. Specified resource already exists. -
+ */ + public okhttp3.Call createLabelCall(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = labelDTO; + + // create path and map variables + String localVarPath = "/labels"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call createLabelValidateBeforeCall(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'labelDTO' is set + if (labelDTO == null) { + throw new ApiException("Missing the required parameter 'labelDTO' when calling createLabel(Async)"); + } + + + okhttp3.Call localVarCall = createLabelCall(labelDTO, _callback); + return localVarCall; + + } + + /** + * Add a new Label + * Add a new Label + * @param labelDTO Label object that should to be added (required) + * @return LabelDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
409 Conflict. Specified resource already exists. -
+ */ + public LabelDTO createLabel(LabelDTO labelDTO) throws ApiException { + ApiResponse localVarResp = createLabelWithHttpInfo(labelDTO); + return localVarResp.getData(); + } + + /** + * Add a new Label + * Add a new Label + * @param labelDTO Label object that should to be added (required) + * @return ApiResponse<LabelDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
409 Conflict. Specified resource already exists. -
+ */ + public ApiResponse createLabelWithHttpInfo(LabelDTO labelDTO) throws ApiException { + okhttp3.Call localVarCall = createLabelValidateBeforeCall(labelDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Add a new Label (asynchronously) + * Add a new Label + * @param labelDTO Label object that should to be added (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
400 Bad Request. Invalid request or validation error. -
409 Conflict. Specified resource already exists. -
+ */ + public okhttp3.Call createLabelAsync(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = createLabelValidateBeforeCall(labelDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for deleteLabel * @param labelId Label UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -67,10 +184,11 @@ public void setApiClient(ApiClient apiClient) { +
Status Code Description Response Headers
200 OK. Label successfully deleted. -
409 Conflict. Specified resource already exists. -
404 Not Found. The specified resource does not exist. -
*/ - public okhttp3.Call labelsLabelIdDeleteCall(String labelId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call deleteLabelCall(String labelId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -80,14 +198,6 @@ public okhttp3.Call labelsLabelIdDeleteCall(String labelId, String ifMatch, Stri List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -109,63 +219,59 @@ public okhttp3.Call labelsLabelIdDeleteCall(String labelId, String ifMatch, Stri } @SuppressWarnings("rawtypes") - private okhttp3.Call labelsLabelIdDeleteValidateBeforeCall(String labelId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call deleteLabelValidateBeforeCall(String labelId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'labelId' is set if (labelId == null) { - throw new ApiException("Missing the required parameter 'labelId' when calling labelsLabelIdDelete(Async)"); + throw new ApiException("Missing the required parameter 'labelId' when calling deleteLabel(Async)"); } - okhttp3.Call localVarCall = labelsLabelIdDeleteCall(labelId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = deleteLabelCall(labelId, _callback); return localVarCall; } /** * Delete a Label - * Delete a Label by label Id + * Delete a Label by label id * @param labelId Label UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details +
Status Code Description Response Headers
200 OK. Label successfully deleted. -
409 Conflict. Specified resource already exists. -
404 Not Found. The specified resource does not exist. -
*/ - public void labelsLabelIdDelete(String labelId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - labelsLabelIdDeleteWithHttpInfo(labelId, ifMatch, ifUnmodifiedSince); + public void deleteLabel(String labelId) throws ApiException { + deleteLabelWithHttpInfo(labelId); } /** * Delete a Label - * Delete a Label by label Id + * Delete a Label by label id * @param labelId Label UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details +
Status Code Description Response Headers
200 OK. Label successfully deleted. -
409 Conflict. Specified resource already exists. -
404 Not Found. The specified resource does not exist. -
*/ - public ApiResponse labelsLabelIdDeleteWithHttpInfo(String labelId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = labelsLabelIdDeleteValidateBeforeCall(labelId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse deleteLabelWithHttpInfo(String labelId) throws ApiException { + okhttp3.Call localVarCall = deleteLabelValidateBeforeCall(labelId, null); return localVarApiClient.execute(localVarCall); } /** * Delete a Label (asynchronously) - * Delete a Label by label Id + * Delete a Label by label id * @param labelId Label UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -173,35 +279,34 @@ public ApiResponse labelsLabelIdDeleteWithHttpInfo(String labelId, String +
Status Code Description Response Headers
200 OK. Label successfully deleted. -
409 Conflict. Specified resource already exists. -
404 Not Found. The specified resource does not exist. -
*/ - public okhttp3.Call labelsLabelIdDeleteAsync(String labelId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call deleteLabelAsync(String labelId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = labelsLabelIdDeleteValidateBeforeCall(labelId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = deleteLabelValidateBeforeCall(labelId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** - * Build call for labelsLabelIdPut + * Build call for getLabelUsage * @param labelId Label UUID (required) - * @param labelDTO Label object with updated information (required) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
200 OK. Label Usage returned -
404 Not Found. The specified resource does not exist. -
*/ - public okhttp3.Call labelsLabelIdPutCall(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = labelDTO; + public okhttp3.Call getLabelUsageCall(String labelId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; // create path and map variables - String localVarPath = "/labels/{labelId}" + String localVarPath = "/labels/{labelId}/usage" .replaceAll("\\{" + "labelId" + "\\}", localVarApiClient.escapeString(labelId.toString())); List localVarQueryParams = new ArrayList(); @@ -218,116 +323,109 @@ public okhttp3.Call labelsLabelIdPutCall(String labelId, LabelDTO labelDTO, fina } final String[] localVarContentTypes = { - "application/json" + }; final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); localVarHeaderParams.put("Content-Type", localVarContentType); String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } @SuppressWarnings("rawtypes") - private okhttp3.Call labelsLabelIdPutValidateBeforeCall(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + private okhttp3.Call getLabelUsageValidateBeforeCall(String labelId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'labelId' is set if (labelId == null) { - throw new ApiException("Missing the required parameter 'labelId' when calling labelsLabelIdPut(Async)"); - } - - // verify the required parameter 'labelDTO' is set - if (labelDTO == null) { - throw new ApiException("Missing the required parameter 'labelDTO' when calling labelsLabelIdPut(Async)"); + throw new ApiException("Missing the required parameter 'labelId' when calling getLabelUsage(Async)"); } - okhttp3.Call localVarCall = labelsLabelIdPutCall(labelId, labelDTO, _callback); + okhttp3.Call localVarCall = getLabelUsageCall(labelId, _callback); return localVarCall; } /** - * Update a Label - * Update a Label by label Id + * Get a Label Usage + * Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. * @param labelId Label UUID (required) - * @param labelDTO Label object with updated information (required) - * @return LabelDTO + * @return LabelUsageDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
200 OK. Label Usage returned -
404 Not Found. The specified resource does not exist. -
*/ - public LabelDTO labelsLabelIdPut(String labelId, LabelDTO labelDTO) throws ApiException { - ApiResponse localVarResp = labelsLabelIdPutWithHttpInfo(labelId, labelDTO); + public LabelUsageDTO getLabelUsage(String labelId) throws ApiException { + ApiResponse localVarResp = getLabelUsageWithHttpInfo(labelId); return localVarResp.getData(); } /** - * Update a Label - * Update a Label by label Id + * Get a Label Usage + * Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. * @param labelId Label UUID (required) - * @param labelDTO Label object with updated information (required) - * @return ApiResponse<LabelDTO> + * @return ApiResponse<LabelUsageDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
200 OK. Label Usage returned -
404 Not Found. The specified resource does not exist. -
*/ - public ApiResponse labelsLabelIdPutWithHttpInfo(String labelId, LabelDTO labelDTO) throws ApiException { - okhttp3.Call localVarCall = labelsLabelIdPutValidateBeforeCall(labelId, labelDTO, null); - Type localVarReturnType = new TypeToken(){}.getType(); + public ApiResponse getLabelUsageWithHttpInfo(String labelId) throws ApiException { + okhttp3.Call localVarCall = getLabelUsageValidateBeforeCall(labelId, null); + Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } /** - * Update a Label (asynchronously) - * Update a Label by label Id + * Get a Label Usage (asynchronously) + * Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. * @param labelId Label UUID (required) - * @param labelDTO Label object with updated information (required) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
200 OK. Label Usage returned -
404 Not Found. The specified resource does not exist. -
*/ - public okhttp3.Call labelsLabelIdPutAsync(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + public okhttp3.Call getLabelUsageAsync(String labelId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = labelsLabelIdPutValidateBeforeCall(labelId, labelDTO, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); + okhttp3.Call localVarCall = getLabelUsageValidateBeforeCall(labelId, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } /** - * Build call for labelsPost - * @param labelDTO Label object that should to be added (required) + * Build call for updateLabel + * @param labelId Label UUID (required) + * @param labelDTO Label object with updated information (required) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
*/ - public okhttp3.Call labelsPostCall(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + public okhttp3.Call updateLabelCall(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = labelDTO; // create path and map variables - String localVarPath = "/labels"; + String localVarPath = "/labels/{labelId}" + .replaceAll("\\{" + "labelId" + "\\}", localVarApiClient.escapeString(labelId.toString())); List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); @@ -349,77 +447,91 @@ public okhttp3.Call labelsPostCall(LabelDTO labelDTO, final ApiCallback _callbac localVarHeaderParams.put("Content-Type", localVarContentType); String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } @SuppressWarnings("rawtypes") - private okhttp3.Call labelsPostValidateBeforeCall(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + private okhttp3.Call updateLabelValidateBeforeCall(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'labelId' is set + if (labelId == null) { + throw new ApiException("Missing the required parameter 'labelId' when calling updateLabel(Async)"); + } // verify the required parameter 'labelDTO' is set if (labelDTO == null) { - throw new ApiException("Missing the required parameter 'labelDTO' when calling labelsPost(Async)"); + throw new ApiException("Missing the required parameter 'labelDTO' when calling updateLabel(Async)"); } - okhttp3.Call localVarCall = labelsPostCall(labelDTO, _callback); + okhttp3.Call localVarCall = updateLabelCall(labelId, labelDTO, _callback); return localVarCall; } /** - * Add a Label - * Add a new gateway label - * @param labelDTO Label object that should to be added (required) + * Update a Label + * Update a Label by label id + * @param labelId Label UUID (required) + * @param labelDTO Label object with updated information (required) * @return LabelDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
*/ - public LabelDTO labelsPost(LabelDTO labelDTO) throws ApiException { - ApiResponse localVarResp = labelsPostWithHttpInfo(labelDTO); + public LabelDTO updateLabel(String labelId, LabelDTO labelDTO) throws ApiException { + ApiResponse localVarResp = updateLabelWithHttpInfo(labelId, labelDTO); return localVarResp.getData(); } /** - * Add a Label - * Add a new gateway label - * @param labelDTO Label object that should to be added (required) + * Update a Label + * Update a Label by label id + * @param labelId Label UUID (required) + * @param labelDTO Label object with updated information (required) * @return ApiResponse<LabelDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
*/ - public ApiResponse labelsPostWithHttpInfo(LabelDTO labelDTO) throws ApiException { - okhttp3.Call localVarCall = labelsPostValidateBeforeCall(labelDTO, null); + public ApiResponse updateLabelWithHttpInfo(String labelId, LabelDTO labelDTO) throws ApiException { + okhttp3.Call localVarCall = updateLabelValidateBeforeCall(labelId, labelDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } /** - * Add a Label (asynchronously) - * Add a new gateway label - * @param labelDTO Label object that should to be added (required) + * Update a Label (asynchronously) + * Update a Label by label id + * @param labelId Label UUID (required) + * @param labelDTO Label object with updated information (required) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + + +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. -
200 OK. Label updated. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
*/ - public okhttp3.Call labelsPostAsync(LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { + public okhttp3.Call updateLabelAsync(String labelId, LabelDTO labelDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = labelsPostValidateBeforeCall(labelDTO, _callback); + okhttp3.Call localVarCall = updateLabelValidateBeforeCall(labelId, labelDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelsCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelsCollectionApi.java new file mode 100644 index 0000000000..07005d6f50 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LabelsCollectionApi.java @@ -0,0 +1,158 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.LabelListDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class LabelsCollectionApi { + private ApiClient localVarApiClient; + + public LabelsCollectionApi() { + this(Configuration.getDefaultApiClient()); + } + + public LabelsCollectionApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for getAllLabels + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Labels returned -
+ */ + public okhttp3.Call getAllLabelsCall(final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/labels"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call getAllLabelsValidateBeforeCall(final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = getAllLabelsCall(_callback); + return localVarCall; + + } + + /** + * Get all Labels + * Get all Labels + * @return LabelListDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Labels returned -
+ */ + public LabelListDTO getAllLabels() throws ApiException { + ApiResponse localVarResp = getAllLabelsWithHttpInfo(); + return localVarResp.getData(); + } + + /** + * Get all Labels + * Get all Labels + * @return ApiResponse<LabelListDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Labels returned -
+ */ + public ApiResponse getAllLabelsWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = getAllLabelsValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get all Labels (asynchronously) + * Get all Labels + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + +
Status Code Description Response Headers
200 OK. Labels returned -
+ */ + public okhttp3.Call getAllLabelsAsync(final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = getAllLabelsValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProviderApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProviderApi.java index 758b117ee9..858fe7973b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProviderApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProviderApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -57,7 +57,7 @@ public void setApiClient(ApiClient apiClient) { } /** - * Build call for llmProvidersLlmProviderIdDelete + * Build call for deleteLLMProvider * @param llmProviderId LLM Provider UUID (required) * @param _callback Callback for upload/download progress * @return Call to execute @@ -68,8 +68,10 @@ public void setApiClient(ApiClient apiClient) { 200 OK. LLM provider successfully deleted. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public okhttp3.Call llmProvidersLlmProviderIdDeleteCall(String llmProviderId, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call deleteLLMProviderCall(String llmProviderId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -99,16 +101,17 @@ public okhttp3.Call llmProvidersLlmProviderIdDeleteCall(String llmProviderId, fi return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } + @Deprecated @SuppressWarnings("rawtypes") - private okhttp3.Call llmProvidersLlmProviderIdDeleteValidateBeforeCall(String llmProviderId, final ApiCallback _callback) throws ApiException { + private okhttp3.Call deleteLLMProviderValidateBeforeCall(String llmProviderId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'llmProviderId' is set if (llmProviderId == null) { - throw new ApiException("Missing the required parameter 'llmProviderId' when calling llmProvidersLlmProviderIdDelete(Async)"); + throw new ApiException("Missing the required parameter 'llmProviderId' when calling deleteLLMProvider(Async)"); } - okhttp3.Call localVarCall = llmProvidersLlmProviderIdDeleteCall(llmProviderId, _callback); + okhttp3.Call localVarCall = deleteLLMProviderCall(llmProviderId, _callback); return localVarCall; } @@ -124,9 +127,11 @@ private okhttp3.Call llmProvidersLlmProviderIdDeleteValidateBeforeCall(String ll 200 OK. LLM provider successfully deleted. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public void llmProvidersLlmProviderIdDelete(String llmProviderId) throws ApiException { - llmProvidersLlmProviderIdDeleteWithHttpInfo(llmProviderId); + @Deprecated + public void deleteLLMProvider(String llmProviderId) throws ApiException { + deleteLLMProviderWithHttpInfo(llmProviderId); } /** @@ -141,9 +146,11 @@ public void llmProvidersLlmProviderIdDelete(String llmProviderId) throws ApiExce 200 OK. LLM provider successfully deleted. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public ApiResponse llmProvidersLlmProviderIdDeleteWithHttpInfo(String llmProviderId) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdDeleteValidateBeforeCall(llmProviderId, null); + @Deprecated + public ApiResponse deleteLLMProviderWithHttpInfo(String llmProviderId) throws ApiException { + okhttp3.Call localVarCall = deleteLLMProviderValidateBeforeCall(llmProviderId, null); return localVarApiClient.execute(localVarCall); } @@ -160,15 +167,17 @@ public ApiResponse llmProvidersLlmProviderIdDeleteWithHttpInfo(String llmP 200 OK. LLM provider successfully deleted. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public okhttp3.Call llmProvidersLlmProviderIdDeleteAsync(String llmProviderId, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call deleteLLMProviderAsync(String llmProviderId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdDeleteValidateBeforeCall(llmProviderId, _callback); + okhttp3.Call localVarCall = deleteLLMProviderValidateBeforeCall(llmProviderId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** - * Build call for llmProvidersLlmProviderIdGet + * Build call for getLLMProvider * @param llmProviderId LLM Provider UUID (required) * @param _callback Callback for upload/download progress * @return Call to execute @@ -179,7 +188,7 @@ public okhttp3.Call llmProvidersLlmProviderIdDeleteAsync(String llmProviderId, f 200 OK. OpenAPI specification - */ - public okhttp3.Call llmProvidersLlmProviderIdGetCall(String llmProviderId, final ApiCallback _callback) throws ApiException { + public okhttp3.Call getLLMProviderCall(String llmProviderId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -210,15 +219,15 @@ public okhttp3.Call llmProvidersLlmProviderIdGetCall(String llmProviderId, final } @SuppressWarnings("rawtypes") - private okhttp3.Call llmProvidersLlmProviderIdGetValidateBeforeCall(String llmProviderId, final ApiCallback _callback) throws ApiException { + private okhttp3.Call getLLMProviderValidateBeforeCall(String llmProviderId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'llmProviderId' is set if (llmProviderId == null) { - throw new ApiException("Missing the required parameter 'llmProviderId' when calling llmProvidersLlmProviderIdGet(Async)"); + throw new ApiException("Missing the required parameter 'llmProviderId' when calling getLLMProvider(Async)"); } - okhttp3.Call localVarCall = llmProvidersLlmProviderIdGetCall(llmProviderId, _callback); + okhttp3.Call localVarCall = getLLMProviderCall(llmProviderId, _callback); return localVarCall; } @@ -235,8 +244,8 @@ private okhttp3.Call llmProvidersLlmProviderIdGetValidateBeforeCall(String llmPr 200 OK. OpenAPI specification - */ - public LLMProviderResponseDTO llmProvidersLlmProviderIdGet(String llmProviderId) throws ApiException { - ApiResponse localVarResp = llmProvidersLlmProviderIdGetWithHttpInfo(llmProviderId); + public LLMProviderResponseDTO getLLMProvider(String llmProviderId) throws ApiException { + ApiResponse localVarResp = getLLMProviderWithHttpInfo(llmProviderId); return localVarResp.getData(); } @@ -252,8 +261,8 @@ public LLMProviderResponseDTO llmProvidersLlmProviderIdGet(String llmProviderId) 200 OK. OpenAPI specification - */ - public ApiResponse llmProvidersLlmProviderIdGetWithHttpInfo(String llmProviderId) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdGetValidateBeforeCall(llmProviderId, null); + public ApiResponse getLLMProviderWithHttpInfo(String llmProviderId) throws ApiException { + okhttp3.Call localVarCall = getLLMProviderValidateBeforeCall(llmProviderId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -271,15 +280,15 @@ public ApiResponse llmProvidersLlmProviderIdGetWithHttpI 200 OK. OpenAPI specification - */ - public okhttp3.Call llmProvidersLlmProviderIdGetAsync(String llmProviderId, final ApiCallback _callback) throws ApiException { + public okhttp3.Call getLLMProviderAsync(String llmProviderId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdGetValidateBeforeCall(llmProviderId, _callback); + okhttp3.Call localVarCall = getLLMProviderValidateBeforeCall(llmProviderId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } /** - * Build call for llmProvidersLlmProviderIdPut + * Build call for updateLLMProvider * @param llmProviderId LLM Provider UUID (required) * @param name (optional) * @param apiVersion (optional) @@ -297,8 +306,10 @@ public okhttp3.Call llmProvidersLlmProviderIdGetAsync(String llmProviderId, fina 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public okhttp3.Call llmProvidersLlmProviderIdPutCall(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call updateLLMProviderCall(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -352,16 +363,17 @@ public okhttp3.Call llmProvidersLlmProviderIdPutCall(String llmProviderId, Strin return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } + @Deprecated @SuppressWarnings("rawtypes") - private okhttp3.Call llmProvidersLlmProviderIdPutValidateBeforeCall(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + private okhttp3.Call updateLLMProviderValidateBeforeCall(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { // verify the required parameter 'llmProviderId' is set if (llmProviderId == null) { - throw new ApiException("Missing the required parameter 'llmProviderId' when calling llmProvidersLlmProviderIdPut(Async)"); + throw new ApiException("Missing the required parameter 'llmProviderId' when calling updateLLMProvider(Async)"); } - okhttp3.Call localVarCall = llmProvidersLlmProviderIdPutCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, _callback); + okhttp3.Call localVarCall = updateLLMProviderCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, _callback); return localVarCall; } @@ -385,9 +397,11 @@ private okhttp3.Call llmProvidersLlmProviderIdPutValidateBeforeCall(String llmPr 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public LLMProviderResponseDTO llmProvidersLlmProviderIdPut(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { - ApiResponse localVarResp = llmProvidersLlmProviderIdPutWithHttpInfo(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList); + @Deprecated + public LLMProviderResponseDTO updateLLMProvider(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { + ApiResponse localVarResp = updateLLMProviderWithHttpInfo(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList); return localVarResp.getData(); } @@ -410,9 +424,11 @@ public LLMProviderResponseDTO llmProvidersLlmProviderIdPut(String llmProviderId, 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public ApiResponse llmProvidersLlmProviderIdPutWithHttpInfo(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdPutValidateBeforeCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, null); + @Deprecated + public ApiResponse updateLLMProviderWithHttpInfo(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { + okhttp3.Call localVarCall = updateLLMProviderValidateBeforeCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -437,10 +453,12 @@ public ApiResponse llmProvidersLlmProviderIdPutWithHttpI 400 Bad Request. Invalid request or validation error. - 404 Not Found. The specified resource does not exist. - + * @deprecated */ - public okhttp3.Call llmProvidersLlmProviderIdPutAsync(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call updateLLMProviderAsync(String llmProviderId, String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersLlmProviderIdPutValidateBeforeCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, _callback); + okhttp3.Call localVarCall = updateLLMProviderValidateBeforeCall(llmProviderId, name, apiVersion, description, configurations, apiDefinition, modelList, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProvidersApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProvidersApi.java index 308d3e2294..9080b4e879 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProvidersApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/LlmProvidersApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,17 +58,26 @@ public void setApiClient(ApiClient apiClient) { } /** - * Build call for llmProvidersGet + * Build call for addLLMProvider + * @param name (optional) + * @param apiVersion (optional) + * @param description (optional) + * @param configurations LLM Provider configurations (optional) + * @param apiDefinition OpenAPI specification (optional) + * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + +
Status Code Description Response Headers
200 OK. LLM providers returned -
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ * @deprecated */ - public okhttp3.Call llmProvidersGetCall(final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call addLLMProviderCall(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -79,6 +88,30 @@ public okhttp3.Call llmProvidersGetCall(final ApiCallback _callback) throws ApiE Map localVarHeaderParams = new HashMap(); Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); + if (name != null) { + localVarFormParams.put("name", name); + } + + if (apiVersion != null) { + localVarFormParams.put("apiVersion", apiVersion); + } + + if (description != null) { + localVarFormParams.put("description", description); + } + + if (configurations != null) { + localVarFormParams.put("configurations", configurations); + } + + if (apiDefinition != null) { + localVarFormParams.put("apiDefinition", apiDefinition); + } + + if (modelList != null) { + localVarFormParams.put("modelList", modelList); + } + final String[] localVarAccepts = { "application/json" }; @@ -88,95 +121,118 @@ public okhttp3.Call llmProvidersGetCall(final ApiCallback _callback) throws ApiE } final String[] localVarContentTypes = { - + "multipart/form-data" }; final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); localVarHeaderParams.put("Content-Type", localVarContentType); String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } + @Deprecated @SuppressWarnings("rawtypes") - private okhttp3.Call llmProvidersGetValidateBeforeCall(final ApiCallback _callback) throws ApiException { + private okhttp3.Call addLLMProviderValidateBeforeCall(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersGetCall(_callback); + okhttp3.Call localVarCall = addLLMProviderCall(name, apiVersion, description, configurations, apiDefinition, modelList, _callback); return localVarCall; } /** - * Get all LLM providers - * Get all LLM providers - * @return LLMProviderSummaryResponseListDTO + * Add a LLM provider + * Add a new LLM provider + * @param name (optional) + * @param apiVersion (optional) + * @param description (optional) + * @param configurations LLM Provider configurations (optional) + * @param apiDefinition OpenAPI specification (optional) + * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) + * @return LLMProviderResponseDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + +
Status Code Description Response Headers
200 OK. LLM providers returned -
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ * @deprecated */ - public LLMProviderSummaryResponseListDTO llmProvidersGet() throws ApiException { - ApiResponse localVarResp = llmProvidersGetWithHttpInfo(); + @Deprecated + public LLMProviderResponseDTO addLLMProvider(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { + ApiResponse localVarResp = addLLMProviderWithHttpInfo(name, apiVersion, description, configurations, apiDefinition, modelList); return localVarResp.getData(); } /** - * Get all LLM providers - * Get all LLM providers - * @return ApiResponse<LLMProviderSummaryResponseListDTO> + * Add a LLM provider + * Add a new LLM provider + * @param name (optional) + * @param apiVersion (optional) + * @param description (optional) + * @param configurations LLM Provider configurations (optional) + * @param apiDefinition OpenAPI specification (optional) + * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) + * @return ApiResponse<LLMProviderResponseDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + +
Status Code Description Response Headers
200 OK. LLM providers returned -
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ * @deprecated */ - public ApiResponse llmProvidersGetWithHttpInfo() throws ApiException { - okhttp3.Call localVarCall = llmProvidersGetValidateBeforeCall(null); - Type localVarReturnType = new TypeToken(){}.getType(); + @Deprecated + public ApiResponse addLLMProviderWithHttpInfo(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { + okhttp3.Call localVarCall = addLLMProviderValidateBeforeCall(name, apiVersion, description, configurations, apiDefinition, modelList, null); + Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } /** - * Get all LLM providers (asynchronously) - * Get all LLM providers + * Add a LLM provider (asynchronously) + * Add a new LLM provider + * @param name (optional) + * @param apiVersion (optional) + * @param description (optional) + * @param configurations LLM Provider configurations (optional) + * @param apiDefinition OpenAPI specification (optional) + * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + +
Status Code Description Response Headers
200 OK. LLM providers returned -
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
+ * @deprecated */ - public okhttp3.Call llmProvidersGetAsync(final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call addLLMProviderAsync(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersGetValidateBeforeCall(_callback); - Type localVarReturnType = new TypeToken(){}.getType(); + okhttp3.Call localVarCall = addLLMProviderValidateBeforeCall(name, apiVersion, description, configurations, apiDefinition, modelList, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } /** - * Build call for llmProvidersPost - * @param name (optional) - * @param apiVersion (optional) - * @param description (optional) - * @param configurations LLM Provider configurations (optional) - * @param apiDefinition OpenAPI specification (optional) - * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) + * Build call for getLLMProviders * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
200 OK. LLM providers returned -
+ * @deprecated */ - public okhttp3.Call llmProvidersPostCall(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call getLLMProvidersCall(final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -187,30 +243,6 @@ public okhttp3.Call llmProvidersPostCall(String name, String apiVersion, String Map localVarHeaderParams = new HashMap(); Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); - if (name != null) { - localVarFormParams.put("name", name); - } - - if (apiVersion != null) { - localVarFormParams.put("apiVersion", apiVersion); - } - - if (description != null) { - localVarFormParams.put("description", description); - } - - if (configurations != null) { - localVarFormParams.put("configurations", configurations); - } - - if (apiDefinition != null) { - localVarFormParams.put("apiDefinition", apiDefinition); - } - - if (modelList != null) { - localVarFormParams.put("modelList", modelList); - } - final String[] localVarAccepts = { "application/json" }; @@ -220,94 +252,80 @@ public okhttp3.Call llmProvidersPostCall(String name, String apiVersion, String } final String[] localVarContentTypes = { - "multipart/form-data" + }; final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); localVarHeaderParams.put("Content-Type", localVarContentType); String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); } + @Deprecated @SuppressWarnings("rawtypes") - private okhttp3.Call llmProvidersPostValidateBeforeCall(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + private okhttp3.Call getLLMProvidersValidateBeforeCall(final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersPostCall(name, apiVersion, description, configurations, apiDefinition, modelList, _callback); + okhttp3.Call localVarCall = getLLMProvidersCall(_callback); return localVarCall; } /** - * Add a LLM provider - * Add a new LLM provider - * @param name (optional) - * @param apiVersion (optional) - * @param description (optional) - * @param configurations LLM Provider configurations (optional) - * @param apiDefinition OpenAPI specification (optional) - * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) - * @return LLMProviderResponseDTO + * Get all LLM providers + * Get all LLM providers + * @return LLMProviderSummaryResponseListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
200 OK. LLM providers returned -
+ * @deprecated */ - public LLMProviderResponseDTO llmProvidersPost(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { - ApiResponse localVarResp = llmProvidersPostWithHttpInfo(name, apiVersion, description, configurations, apiDefinition, modelList); + @Deprecated + public LLMProviderSummaryResponseListDTO getLLMProviders() throws ApiException { + ApiResponse localVarResp = getLLMProvidersWithHttpInfo(); return localVarResp.getData(); } /** - * Add a LLM provider - * Add a new LLM provider - * @param name (optional) - * @param apiVersion (optional) - * @param description (optional) - * @param configurations LLM Provider configurations (optional) - * @param apiDefinition OpenAPI specification (optional) - * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) - * @return ApiResponse<LLMProviderResponseDTO> + * Get all LLM providers + * Get all LLM providers + * @return ApiResponse<LLMProviderSummaryResponseListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
200 OK. LLM providers returned -
+ * @deprecated */ - public ApiResponse llmProvidersPostWithHttpInfo(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList) throws ApiException { - okhttp3.Call localVarCall = llmProvidersPostValidateBeforeCall(name, apiVersion, description, configurations, apiDefinition, modelList, null); - Type localVarReturnType = new TypeToken(){}.getType(); + @Deprecated + public ApiResponse getLLMProvidersWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = getLLMProvidersValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } /** - * Add a LLM provider (asynchronously) - * Add a new LLM provider - * @param name (optional) - * @param apiVersion (optional) - * @param description (optional) - * @param configurations LLM Provider configurations (optional) - * @param apiDefinition OpenAPI specification (optional) - * @param modelList List of models supported by the LLM Provider as a stringified JSON array (optional) + * Get all LLM providers (asynchronously) + * Get all LLM providers * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
201 Created. Successful response with the newly created LLM provider as entity in the body. -
400 Bad Request. Invalid request or validation error. -
200 OK. LLM providers returned -
+ * @deprecated */ - public okhttp3.Call llmProvidersPostAsync(String name, String apiVersion, String description, String configurations, File apiDefinition, String modelList, final ApiCallback _callback) throws ApiException { + @Deprecated + public okhttp3.Call getLLMProvidersAsync(final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = llmProvidersPostValidateBeforeCall(name, apiVersion, description, configurations, apiDefinition, modelList, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); + okhttp3.Call localVarCall = getLLMProvidersValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyCollectionApi.java deleted file mode 100644 index 4aa3b098a2..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyCollectionApi.java +++ /dev/null @@ -1,359 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; -import org.wso2.am.integration.clients.admin.api.dto.MediationDTO; -import org.wso2.am.integration.clients.admin.api.dto.MediationListDTO; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class MediationPolicyCollectionApi { - private ApiClient localVarApiClient; - - public MediationPolicyCollectionApi() { - this(Configuration.getDefaultApiClient()); - } - - public MediationPolicyCollectionApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for policiesMediationGet - * @param limit Maximum size of resource array to return. (optional, default to 25) - * @param offset Starting point within the complete list of items qualified. (optional, default to 0) - * @param query -Not supported yet- (optional) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. List of mediation policies is returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call policiesMediationGetCall(Integer limit, Integer offset, String query, String accept, String ifNoneMatch, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/policies/mediation"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - if (limit != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("limit", limit)); - } - - if (offset != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("offset", offset)); - } - - if (query != null) { - localVarQueryParams.addAll(localVarApiClient.parameterToPair("query", query)); - } - - Map localVarHeaderParams = new HashMap(); - if (accept != null) { - localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); - } - - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call policiesMediationGetValidateBeforeCall(Integer limit, Integer offset, String query, String accept, String ifNoneMatch, final ApiCallback _callback) throws ApiException { - - - okhttp3.Call localVarCall = policiesMediationGetCall(limit, offset, query, accept, ifNoneMatch, _callback); - return localVarCall; - - } - - /** - * Get all Global Mediation Policies - * This operation provides you a list of all available global mediation policies. - * @param limit Maximum size of resource array to return. (optional, default to 25) - * @param offset Starting point within the complete list of items qualified. (optional, default to 0) - * @param query -Not supported yet- (optional) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @return MediationListDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. List of mediation policies is returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
406 Not Acceptable. The requested media type is not supported. -
- */ - public MediationListDTO policiesMediationGet(Integer limit, Integer offset, String query, String accept, String ifNoneMatch) throws ApiException { - ApiResponse localVarResp = policiesMediationGetWithHttpInfo(limit, offset, query, accept, ifNoneMatch); - return localVarResp.getData(); - } - - /** - * Get all Global Mediation Policies - * This operation provides you a list of all available global mediation policies. - * @param limit Maximum size of resource array to return. (optional, default to 25) - * @param offset Starting point within the complete list of items qualified. (optional, default to 0) - * @param query -Not supported yet- (optional) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @return ApiResponse<MediationListDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. List of mediation policies is returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
406 Not Acceptable. The requested media type is not supported. -
- */ - public ApiResponse policiesMediationGetWithHttpInfo(Integer limit, Integer offset, String query, String accept, String ifNoneMatch) throws ApiException { - okhttp3.Call localVarCall = policiesMediationGetValidateBeforeCall(limit, offset, query, accept, ifNoneMatch, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Get all Global Mediation Policies (asynchronously) - * This operation provides you a list of all available global mediation policies. - * @param limit Maximum size of resource array to return. (optional, default to 25) - * @param offset Starting point within the complete list of items qualified. (optional, default to 0) - * @param query -Not supported yet- (optional) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - -
Status Code Description Response Headers
200 OK. List of mediation policies is returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call policiesMediationGetAsync(Integer limit, Integer offset, String query, String accept, String ifNoneMatch, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = policiesMediationGetValidateBeforeCall(limit, offset, query, accept, ifNoneMatch, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for policiesMediationPost - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO mediation policy to upload (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy added successfully. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the uploaded thumbnail image of the API.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationPostCall(String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = mediationDTO; - - // create path and map variables - String localVarPath = "/policies/mediation"; - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - if (contentType != null) { - localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); - } - - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call policiesMediationPostValidateBeforeCall(String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'contentType' is set - if (contentType == null) { - throw new ApiException("Missing the required parameter 'contentType' when calling policiesMediationPost(Async)"); - } - - // verify the required parameter 'mediationDTO' is set - if (mediationDTO == null) { - throw new ApiException("Missing the required parameter 'mediationDTO' when calling policiesMediationPost(Async)"); - } - - - okhttp3.Call localVarCall = policiesMediationPostCall(contentType, mediationDTO, ifMatch, ifUnmodifiedSince, _callback); - return localVarCall; - - } - - /** - * Add a Global Mediation Policy - * This operation can be used to add a new global mediation policy. - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO mediation policy to upload (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @return MediationDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy added successfully. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the uploaded thumbnail image of the API.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public MediationDTO policiesMediationPost(String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = policiesMediationPostWithHttpInfo(contentType, mediationDTO, ifMatch, ifUnmodifiedSince); - return localVarResp.getData(); - } - - /** - * Add a Global Mediation Policy - * This operation can be used to add a new global mediation policy. - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO mediation policy to upload (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @return ApiResponse<MediationDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy added successfully. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the uploaded thumbnail image of the API.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public ApiResponse policiesMediationPostWithHttpInfo(String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = policiesMediationPostValidateBeforeCall(contentType, mediationDTO, ifMatch, ifUnmodifiedSince, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Add a Global Mediation Policy (asynchronously) - * This operation can be used to add a new global mediation policy. - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO mediation policy to upload (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy added successfully. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the uploaded thumbnail image of the API.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationPostAsync(String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = policiesMediationPostValidateBeforeCall(contentType, mediationDTO, ifMatch, ifUnmodifiedSince, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyIndividualApi.java deleted file mode 100644 index 06bae5f2e8..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MediationPolicyIndividualApi.java +++ /dev/null @@ -1,505 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api; - -import org.wso2.am.integration.clients.admin.ApiCallback; -import org.wso2.am.integration.clients.admin.ApiClient; -import org.wso2.am.integration.clients.admin.ApiException; -import org.wso2.am.integration.clients.admin.ApiResponse; -import org.wso2.am.integration.clients.admin.Configuration; -import org.wso2.am.integration.clients.admin.Pair; -import org.wso2.am.integration.clients.admin.ProgressRequestBody; -import org.wso2.am.integration.clients.admin.ProgressResponseBody; - -import com.google.gson.reflect.TypeToken; - -import java.io.IOException; - - -import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; -import org.wso2.am.integration.clients.admin.api.dto.MediationDTO; - -import java.lang.reflect.Type; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -public class MediationPolicyIndividualApi { - private ApiClient localVarApiClient; - - public MediationPolicyIndividualApi() { - this(Configuration.getDefaultApiClient()); - } - - public MediationPolicyIndividualApi(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - public ApiClient getApiClient() { - return localVarApiClient; - } - - public void setApiClient(ApiClient apiClient) { - this.localVarApiClient = apiClient; - } - - /** - * Build call for policiesMediationMediationPolicyIdDelete - * @param mediationPolicyId Mediation policy Id (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy successfully deleted. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdDeleteCall(String mediationPolicyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/policies/mediation/{mediationPolicyId}" - .replaceAll("\\{" + "mediationPolicyId" + "\\}", localVarApiClient.escapeString(mediationPolicyId.toString())); - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call policiesMediationMediationPolicyIdDeleteValidateBeforeCall(String mediationPolicyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'mediationPolicyId' is set - if (mediationPolicyId == null) { - throw new ApiException("Missing the required parameter 'mediationPolicyId' when calling policiesMediationMediationPolicyIdDelete(Async)"); - } - - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdDeleteCall(mediationPolicyId, ifMatch, ifUnmodifiedSince, _callback); - return localVarCall; - - } - - /** - * Delete a Global Mediation Policy - * This operation can be used to delete an existing global mediation policy providing the Id of the mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy successfully deleted. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public void policiesMediationMediationPolicyIdDelete(String mediationPolicyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - policiesMediationMediationPolicyIdDeleteWithHttpInfo(mediationPolicyId, ifMatch, ifUnmodifiedSince); - } - - /** - * Delete a Global Mediation Policy - * This operation can be used to delete an existing global mediation policy providing the Id of the mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @return ApiResponse<Void> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy successfully deleted. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public ApiResponse policiesMediationMediationPolicyIdDeleteWithHttpInfo(String mediationPolicyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdDeleteValidateBeforeCall(mediationPolicyId, ifMatch, ifUnmodifiedSince, null); - return localVarApiClient.execute(localVarCall); - } - - /** - * Delete a Global Mediation Policy (asynchronously) - * This operation can be used to delete an existing global mediation policy providing the Id of the mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation policy successfully deleted. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdDeleteAsync(String mediationPolicyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdDeleteValidateBeforeCall(mediationPolicyId, ifMatch, ifUnmodifiedSince, _callback); - localVarApiClient.executeAsync(localVarCall, _callback); - return localVarCall; - } - /** - * Build call for policiesMediationMediationPolicyIdGet - * @param mediationPolicyId Mediation policy Id (required) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation Policy returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdGetCall(String mediationPolicyId, String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = null; - - // create path and map variables - String localVarPath = "/policies/mediation/{mediationPolicyId}" - .replaceAll("\\{" + "mediationPolicyId" + "\\}", localVarApiClient.escapeString(mediationPolicyId.toString())); - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - if (accept != null) { - localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); - } - - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call policiesMediationMediationPolicyIdGetValidateBeforeCall(String mediationPolicyId, String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'mediationPolicyId' is set - if (mediationPolicyId == null) { - throw new ApiException("Missing the required parameter 'mediationPolicyId' when calling policiesMediationMediationPolicyIdGet(Async)"); - } - - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdGetCall(mediationPolicyId, accept, ifNoneMatch, ifModifiedSince, _callback); - return localVarCall; - - } - - /** - * Get a Global Mediation Policy - * This operation can be used to retrieve a particular global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @return MediationDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation Policy returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public MediationDTO policiesMediationMediationPolicyIdGet(String mediationPolicyId, String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = policiesMediationMediationPolicyIdGetWithHttpInfo(mediationPolicyId, accept, ifNoneMatch, ifModifiedSince); - return localVarResp.getData(); - } - - /** - * Get a Global Mediation Policy - * This operation can be used to retrieve a particular global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @return ApiResponse<MediationDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation Policy returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public ApiResponse policiesMediationMediationPolicyIdGetWithHttpInfo(String mediationPolicyId, String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdGetValidateBeforeCall(mediationPolicyId, accept, ifNoneMatch, ifModifiedSince, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Get a Global Mediation Policy (asynchronously) - * This operation can be used to retrieve a particular global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - -
Status Code Description Response Headers
200 OK. Mediation Policy returned. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdGetAsync(String mediationPolicyId, String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdGetValidateBeforeCall(mediationPolicyId, accept, ifNoneMatch, ifModifiedSince, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } - /** - * Build call for policiesMediationMediationPolicyIdPut - * @param mediationPolicyId Mediation policy Id (required) - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO Mediation policy object that needs to be updated (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback Callback for upload/download progress - * @return Call to execute - * @throws ApiException If fail to serialize the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with updated mediation policy object * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdPutCall(String mediationPolicyId, String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - Object localVarPostBody = mediationDTO; - - // create path and map variables - String localVarPath = "/policies/mediation/{mediationPolicyId}" - .replaceAll("\\{" + "mediationPolicyId" + "\\}", localVarApiClient.escapeString(mediationPolicyId.toString())); - - List localVarQueryParams = new ArrayList(); - List localVarCollectionQueryParams = new ArrayList(); - Map localVarHeaderParams = new HashMap(); - if (contentType != null) { - localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); - } - - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - - Map localVarCookieParams = new HashMap(); - Map localVarFormParams = new HashMap(); - final String[] localVarAccepts = { - "application/json" - }; - final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); - if (localVarAccept != null) { - localVarHeaderParams.put("Accept", localVarAccept); - } - - final String[] localVarContentTypes = { - "application/json" - }; - final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); - localVarHeaderParams.put("Content-Type", localVarContentType); - - String[] localVarAuthNames = new String[] { "OAuth2Security" }; - return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); - } - - @SuppressWarnings("rawtypes") - private okhttp3.Call policiesMediationMediationPolicyIdPutValidateBeforeCall(String mediationPolicyId, String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - // verify the required parameter 'mediationPolicyId' is set - if (mediationPolicyId == null) { - throw new ApiException("Missing the required parameter 'mediationPolicyId' when calling policiesMediationMediationPolicyIdPut(Async)"); - } - - // verify the required parameter 'contentType' is set - if (contentType == null) { - throw new ApiException("Missing the required parameter 'contentType' when calling policiesMediationMediationPolicyIdPut(Async)"); - } - - // verify the required parameter 'mediationDTO' is set - if (mediationDTO == null) { - throw new ApiException("Missing the required parameter 'mediationDTO' when calling policiesMediationMediationPolicyIdPut(Async)"); - } - - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdPutCall(mediationPolicyId, contentType, mediationDTO, ifMatch, ifUnmodifiedSince, _callback); - return localVarCall; - - } - - /** - * Update a Global Mediation Policy - * This operation can be used to update an existing global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO Mediation policy object that needs to be updated (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @return MediationDTO - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with updated mediation policy object * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public MediationDTO policiesMediationMediationPolicyIdPut(String mediationPolicyId, String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = policiesMediationMediationPolicyIdPutWithHttpInfo(mediationPolicyId, contentType, mediationDTO, ifMatch, ifUnmodifiedSince); - return localVarResp.getData(); - } - - /** - * Update a Global Mediation Policy - * This operation can be used to update an existing global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO Mediation policy object that needs to be updated (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @return ApiResponse<MediationDTO> - * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with updated mediation policy object * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public ApiResponse policiesMediationMediationPolicyIdPutWithHttpInfo(String mediationPolicyId, String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdPutValidateBeforeCall(mediationPolicyId, contentType, mediationDTO, ifMatch, ifUnmodifiedSince, null); - Type localVarReturnType = new TypeToken(){}.getType(); - return localVarApiClient.execute(localVarCall, localVarReturnType); - } - - /** - * Update a Global Mediation Policy (asynchronously) - * This operation can be used to update an existing global mediation policy. - * @param mediationPolicyId Mediation policy Id (required) - * @param contentType Media type of the entity in the body. Default is application/json. (required) - * @param mediationDTO Mediation policy object that needs to be updated (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) - * @param _callback The callback to be executed when the API call finishes - * @return The request call - * @throws ApiException If fail to process the API call, e.g. serializing the request body object - * @http.response.details - - - - - - - -
Status Code Description Response Headers
200 OK. Successful response with updated mediation policy object * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
403 Forbidden. The request must be conditional but no condition has been specified. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
- */ - public okhttp3.Call policiesMediationMediationPolicyIdPutAsync(String mediationPolicyId, String contentType, MediationDTO mediationDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { - - okhttp3.Call localVarCall = policiesMediationMediationPolicyIdPutValidateBeforeCall(mediationPolicyId, contentType, mediationDTO, ifMatch, ifUnmodifiedSince, _callback); - Type localVarReturnType = new TypeToken(){}.getType(); - localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); - return localVarCall; - } -} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MonetizationCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MonetizationCollectionApi.java index 89d59d7a8a..181d137ae7 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MonetizationCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/MonetizationCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/OrganizationsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/OrganizationsApi.java index 065c90ebd9..23a65f9f88 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/OrganizationsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/OrganizationsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/PlatformGatewaysApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/PlatformGatewaysApi.java new file mode 100644 index 0000000000..bf65f230c9 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/PlatformGatewaysApi.java @@ -0,0 +1,651 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.CreatePlatformGatewayRequestDTO; +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayListDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayResponseWithTokenDTO; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponseDTO; +import org.wso2.am.integration.clients.admin.api.dto.UpdatePlatformGatewayRequestDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class PlatformGatewaysApi { + private ApiClient localVarApiClient; + + public PlatformGatewaysApi() { + this(Configuration.getDefaultApiClient()); + } + + public PlatformGatewaysApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for createPlatformGateway + * @param createPlatformGatewayRequestDTO (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
201 Created. Gateway and registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
+ */ + public okhttp3.Call createPlatformGatewayCall(CreatePlatformGatewayRequestDTO createPlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = createPlatformGatewayRequestDTO; + + // create path and map variables + String localVarPath = "/gateways"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call createPlatformGatewayValidateBeforeCall(CreatePlatformGatewayRequestDTO createPlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'createPlatformGatewayRequestDTO' is set + if (createPlatformGatewayRequestDTO == null) { + throw new ApiException("Missing the required parameter 'createPlatformGatewayRequestDTO' when calling createPlatformGateway(Async)"); + } + + + okhttp3.Call localVarCall = createPlatformGatewayCall(createPlatformGatewayRequestDTO, _callback); + return localVarCall; + + } + + /** + * Register a platform gateway + * Register a new platform gateway. A registration token is generated and returned once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. + * @param createPlatformGatewayRequestDTO (required) + * @return GatewayResponseWithTokenDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
201 Created. Gateway and registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
+ */ + public GatewayResponseWithTokenDTO createPlatformGateway(CreatePlatformGatewayRequestDTO createPlatformGatewayRequestDTO) throws ApiException { + ApiResponse localVarResp = createPlatformGatewayWithHttpInfo(createPlatformGatewayRequestDTO); + return localVarResp.getData(); + } + + /** + * Register a platform gateway + * Register a new platform gateway. A registration token is generated and returned once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. + * @param createPlatformGatewayRequestDTO (required) + * @return ApiResponse<GatewayResponseWithTokenDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + + +
Status Code Description Response Headers
201 Created. Gateway and registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
+ */ + public ApiResponse createPlatformGatewayWithHttpInfo(CreatePlatformGatewayRequestDTO createPlatformGatewayRequestDTO) throws ApiException { + okhttp3.Call localVarCall = createPlatformGatewayValidateBeforeCall(createPlatformGatewayRequestDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Register a platform gateway (asynchronously) + * Register a new platform gateway. A registration token is generated and returned once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. + * @param createPlatformGatewayRequestDTO (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + + +
Status Code Description Response Headers
201 Created. Gateway and registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Specified resource already exists. -
+ */ + public okhttp3.Call createPlatformGatewayAsync(CreatePlatformGatewayRequestDTO createPlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = createPlatformGatewayValidateBeforeCall(createPlatformGatewayRequestDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for deletePlatformGateway + * @param gatewayId Gateway UUID (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and all references removed. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Cannot delete gateway while API revisions are deployed to it. -
+ */ + public okhttp3.Call deletePlatformGatewayCall(String gatewayId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/gateways/{gatewayId}" + .replaceAll("\\{" + "gatewayId" + "\\}", localVarApiClient.escapeString(gatewayId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "DELETE", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call deletePlatformGatewayValidateBeforeCall(String gatewayId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'gatewayId' is set + if (gatewayId == null) { + throw new ApiException("Missing the required parameter 'gatewayId' when calling deletePlatformGateway(Async)"); + } + + + okhttp3.Call localVarCall = deletePlatformGatewayCall(gatewayId, _callback); + return localVarCall; + + } + + /** + * Delete a platform gateway + * Delete a platform gateway and all its references (tokens, instance mappings, revision deployment records, gateway environment, permissions). Fails with 409 if any API revisions are currently deployed to this gateway; undeploy all APIs from the gateway first. + * @param gatewayId Gateway UUID (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and all references removed. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Cannot delete gateway while API revisions are deployed to it. -
+ */ + public void deletePlatformGateway(String gatewayId) throws ApiException { + deletePlatformGatewayWithHttpInfo(gatewayId); + } + + /** + * Delete a platform gateway + * Delete a platform gateway and all its references (tokens, instance mappings, revision deployment records, gateway environment, permissions). Fails with 409 if any API revisions are currently deployed to this gateway; undeploy all APIs from the gateway first. + * @param gatewayId Gateway UUID (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and all references removed. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Cannot delete gateway while API revisions are deployed to it. -
+ */ + public ApiResponse deletePlatformGatewayWithHttpInfo(String gatewayId) throws ApiException { + okhttp3.Call localVarCall = deletePlatformGatewayValidateBeforeCall(gatewayId, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Delete a platform gateway (asynchronously) + * Delete a platform gateway and all its references (tokens, instance mappings, revision deployment records, gateway environment, permissions). Fails with 409 if any API revisions are currently deployed to this gateway; undeploy all APIs from the gateway first. + * @param gatewayId Gateway UUID (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and all references removed. -
404 Not Found. The specified resource does not exist. -
409 Conflict. Cannot delete gateway while API revisions are deployed to it. -
+ */ + public okhttp3.Call deletePlatformGatewayAsync(String gatewayId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = deletePlatformGatewayValidateBeforeCall(gatewayId, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } + /** + * Build call for getPlatformGateways + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. List of platform gateways returned (without registration tokens). -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call getPlatformGatewaysCall(final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/gateways"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call getPlatformGatewaysValidateBeforeCall(final ApiCallback _callback) throws ApiException { + + + okhttp3.Call localVarCall = getPlatformGatewaysCall(_callback); + return localVarCall; + + } + + /** + * Get all platform gateways + * Get all registered platform gateways for the organization. + * @return GatewayListDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. List of platform gateways returned (without registration tokens). -
404 Not Found. The specified resource does not exist. -
+ */ + public GatewayListDTO getPlatformGateways() throws ApiException { + ApiResponse localVarResp = getPlatformGatewaysWithHttpInfo(); + return localVarResp.getData(); + } + + /** + * Get all platform gateways + * Get all registered platform gateways for the organization. + * @return ApiResponse<GatewayListDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. List of platform gateways returned (without registration tokens). -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse getPlatformGatewaysWithHttpInfo() throws ApiException { + okhttp3.Call localVarCall = getPlatformGatewaysValidateBeforeCall(null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get all platform gateways (asynchronously) + * Get all registered platform gateways for the organization. + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 OK. List of platform gateways returned (without registration tokens). -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call getPlatformGatewaysAsync(final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = getPlatformGatewaysValidateBeforeCall(_callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for regeneratePlatformGatewayToken + * @param gatewayId Gateway UUID (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and new registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call regeneratePlatformGatewayTokenCall(String gatewayId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/gateways/{gatewayId}/regenerate-token" + .replaceAll("\\{" + "gatewayId" + "\\}", localVarApiClient.escapeString(gatewayId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call regeneratePlatformGatewayTokenValidateBeforeCall(String gatewayId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'gatewayId' is set + if (gatewayId == null) { + throw new ApiException("Missing the required parameter 'gatewayId' when calling regeneratePlatformGatewayToken(Async)"); + } + + + okhttp3.Call localVarCall = regeneratePlatformGatewayTokenCall(gatewayId, _callback); + return localVarCall; + + } + + /** + * Regenerate registration token for a platform gateway + * Regenerate the registration token for an existing platform gateway. The old token is revoked and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to reconnect to the control plane WebSocket. The token is returned only once. + * @param gatewayId Gateway UUID (required) + * @return GatewayResponseWithTokenDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and new registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public GatewayResponseWithTokenDTO regeneratePlatformGatewayToken(String gatewayId) throws ApiException { + ApiResponse localVarResp = regeneratePlatformGatewayTokenWithHttpInfo(gatewayId); + return localVarResp.getData(); + } + + /** + * Regenerate registration token for a platform gateway + * Regenerate the registration token for an existing platform gateway. The old token is revoked and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to reconnect to the control plane WebSocket. The token is returned only once. + * @param gatewayId Gateway UUID (required) + * @return ApiResponse<GatewayResponseWithTokenDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and new registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse regeneratePlatformGatewayTokenWithHttpInfo(String gatewayId) throws ApiException { + okhttp3.Call localVarCall = regeneratePlatformGatewayTokenValidateBeforeCall(gatewayId, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Regenerate registration token for a platform gateway (asynchronously) + * Regenerate the registration token for an existing platform gateway. The old token is revoked and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the gateway to reconnect to the control plane WebSocket. The token is returned only once. + * @param gatewayId Gateway UUID (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Gateway and new registration token (returned once) in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call regeneratePlatformGatewayTokenAsync(String gatewayId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = regeneratePlatformGatewayTokenValidateBeforeCall(gatewayId, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } + /** + * Build call for updatePlatformGateway + * @param gatewayId Gateway UUID (required) + * @param updatePlatformGatewayRequestDTO (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Updated platform gateway in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call updatePlatformGatewayCall(String gatewayId, UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = updatePlatformGatewayRequestDTO; + + // create path and map variables + String localVarPath = "/gateways/{gatewayId}" + .replaceAll("\\{" + "gatewayId" + "\\}", localVarApiClient.escapeString(gatewayId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + "application/json" + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "PUT", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call updatePlatformGatewayValidateBeforeCall(String gatewayId, UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'gatewayId' is set + if (gatewayId == null) { + throw new ApiException("Missing the required parameter 'gatewayId' when calling updatePlatformGateway(Async)"); + } + + // verify the required parameter 'updatePlatformGatewayRequestDTO' is set + if (updatePlatformGatewayRequestDTO == null) { + throw new ApiException("Missing the required parameter 'updatePlatformGatewayRequestDTO' when calling updatePlatformGateway(Async)"); + } + + + okhttp3.Call localVarCall = updatePlatformGatewayCall(gatewayId, updatePlatformGatewayRequestDTO, _callback); + return localVarCall; + + } + + /** + * Update a platform gateway + * Update platform gateway metadata. Request body must include all updatable fields (displayName, description, properties, permissions). Name and vhost cannot be changed. UI should send the full resource representation to align with PUT semantics. + * @param gatewayId Gateway UUID (required) + * @param updatePlatformGatewayRequestDTO (required) + * @return PlatformGatewayResponseDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Updated platform gateway in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public PlatformGatewayResponseDTO updatePlatformGateway(String gatewayId, UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequestDTO) throws ApiException { + ApiResponse localVarResp = updatePlatformGatewayWithHttpInfo(gatewayId, updatePlatformGatewayRequestDTO); + return localVarResp.getData(); + } + + /** + * Update a platform gateway + * Update platform gateway metadata. Request body must include all updatable fields (displayName, description, properties, permissions). Name and vhost cannot be changed. UI should send the full resource representation to align with PUT semantics. + * @param gatewayId Gateway UUID (required) + * @param updatePlatformGatewayRequestDTO (required) + * @return ApiResponse<PlatformGatewayResponseDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Updated platform gateway in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public ApiResponse updatePlatformGatewayWithHttpInfo(String gatewayId, UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequestDTO) throws ApiException { + okhttp3.Call localVarCall = updatePlatformGatewayValidateBeforeCall(gatewayId, updatePlatformGatewayRequestDTO, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Update a platform gateway (asynchronously) + * Update platform gateway metadata. Request body must include all updatable fields (displayName, description, properties, permissions). Name and vhost cannot be changed. UI should send the full resource representation to align with PUT semantics. + * @param gatewayId Gateway UUID (required) + * @param updatePlatformGatewayRequestDTO (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Updated platform gateway in the response body. -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
+ */ + public okhttp3.Call updatePlatformGatewayAsync(String gatewayId, UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequestDTO, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = updatePlatformGatewayValidateBeforeCall(gatewayId, updatePlatformGatewayRequestDTO, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/RolesApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/RolesApi.java new file mode 100644 index 0000000000..04efd62156 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/RolesApi.java @@ -0,0 +1,172 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class RolesApi { + private ApiClient localVarApiClient; + + public RolesApi() { + this(Configuration.getDefaultApiClient()); + } + + public RolesApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for validateSystemRole + * @param roleId The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Requested role name exists. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public okhttp3.Call validateSystemRoleCall(String roleId, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/roles/{roleId}" + .replaceAll("\\{" + "roleId" + "\\}", localVarApiClient.escapeString(roleId.toString())); + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "HEAD", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call validateSystemRoleValidateBeforeCall(String roleId, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'roleId' is set + if (roleId == null) { + throw new ApiException("Missing the required parameter 'roleId' when calling validateSystemRole(Async)"); + } + + + okhttp3.Call localVarCall = validateSystemRoleCall(roleId, _callback); + return localVarCall; + + } + + /** + * Check Whether Given Role Name already Exist + * Using this operation, user can check a given role name exists or not. + * @param roleId The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). (required) + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Requested role name exists. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public void validateSystemRole(String roleId) throws ApiException { + validateSystemRoleWithHttpInfo(roleId); + } + + /** + * Check Whether Given Role Name already Exist + * Using this operation, user can check a given role name exists or not. + * @param roleId The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). (required) + * @return ApiResponse<Void> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Requested role name exists. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public ApiResponse validateSystemRoleWithHttpInfo(String roleId) throws ApiException { + okhttp3.Call localVarCall = validateSystemRoleValidateBeforeCall(roleId, null); + return localVarApiClient.execute(localVarCall); + } + + /** + * Check Whether Given Role Name already Exist (asynchronously) + * Using this operation, user can check a given role name exists or not. + * @param roleId The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be derived as Base64URLEncode({user-store-name}/{role-name}). (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + + +
Status Code Description Response Headers
200 OK. Requested role name exists. -
404 Not Found. The specified resource does not exist. -
500 Internal Server Error. -
+ */ + public okhttp3.Call validateSystemRoleAsync(String roleId, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = validateSystemRoleValidateBeforeCall(roleId, _callback); + localVarApiClient.executeAsync(localVarCall, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SettingsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SettingsApi.java index f8ec279e96..3981cc5d0d 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SettingsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SettingsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyCollectionApi.java index fc21eefe7b..00cf3c1b53 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,20 +59,17 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesSubscriptionGet * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionGetCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionGetCall(String accept, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -85,14 +82,6 @@ public okhttp3.Call throttlingPoliciesSubscriptionGetCall(String accept, String localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -114,10 +103,10 @@ public okhttp3.Call throttlingPoliciesSubscriptionGetCall(String accept, String } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesSubscriptionGetValidateBeforeCall(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesSubscriptionGetValidateBeforeCall(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetCall(accept, _callback); return localVarCall; } @@ -126,20 +115,17 @@ private okhttp3.Call throttlingPoliciesSubscriptionGetValidateBeforeCall(String * Get all Subscription Throttling Policies * This operation can be used to retrieve all Subscription level throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return SubscriptionThrottlePolicyListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public SubscriptionThrottlePolicyListDTO throttlingPoliciesSubscriptionGet(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesSubscriptionGetWithHttpInfo(accept, ifNoneMatch, ifModifiedSince); + public SubscriptionThrottlePolicyListDTO throttlingPoliciesSubscriptionGet(String accept) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesSubscriptionGetWithHttpInfo(accept); return localVarResp.getData(); } @@ -147,20 +133,17 @@ public SubscriptionThrottlePolicyListDTO throttlingPoliciesSubscriptionGet(Strin * Get all Subscription Throttling Policies * This operation can be used to retrieve all Subscription level throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<SubscriptionThrottlePolicyListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesSubscriptionGetWithHttpInfo(String accept, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesSubscriptionGetWithHttpInfo(String accept) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetValidateBeforeCall(accept, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -169,22 +152,19 @@ public ApiResponse throttlingPoliciesSubscrip * Get all Subscription Throttling Policies (asynchronously) * This operation can be used to retrieve all Subscription level throttling policies. * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policies returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policies returned * Content-Type - The content type of the body.
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionGetAsync(String accept, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionGetAsync(String accept, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetValidateBeforeCall(accept, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionGetValidateBeforeCall(accept, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -199,7 +179,7 @@ public okhttp3.Call throttlingPoliciesSubscriptionGetAsync(String accept, String * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -266,7 +246,7 @@ private okhttp3.Call throttlingPoliciesSubscriptionPostValidateBeforeCall(String * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -286,7 +266,7 @@ public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPost(String c * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
@@ -308,7 +288,7 @@ public ApiResponse throttlingPoliciesSubscription * @http.response.details - +
Status Code Description Response Headers
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
201 Created. Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. * Location - Location of the newly created Policy object.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
415 Unsupported Media Type. The entity of the request was not in a supported format. -
diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyIndividualApi.java index b6a73dace1..49918f2067 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SubscriptionPolicyIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -58,8 +58,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPoliciesSubscriptionPolicyIdDelete * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -68,10 +66,9 @@ public void setApiClient(ApiClient apiClient) { Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -81,14 +78,6 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteCall(String poli List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -110,7 +99,7 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteCall(String poli } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -118,7 +107,7 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeC } - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteCall(policyId, _callback); return localVarCall; } @@ -127,27 +116,22 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeC * Delete a Subscription Policy * This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Resource successfully deleted. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public void throttlingPoliciesSubscriptionPolicyIdDelete(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(policyId, ifMatch, ifUnmodifiedSince); + public void throttlingPoliciesSubscriptionPolicyIdDelete(String policyId) throws ApiException { + throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(policyId); } /** * Delete a Subscription Policy * This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<Void> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -155,11 +139,10 @@ public void throttlingPoliciesSubscriptionPolicyIdDelete(String policyId, String Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public ApiResponse throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(String policyId, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(policyId, null); return localVarApiClient.execute(localVarCall); } @@ -167,8 +150,6 @@ public ApiResponse throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInf * Delete a Subscription Policy (asynchronously) * This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. * @param policyId Thorttle policy UUID (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -177,33 +158,29 @@ public ApiResponse throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInf Status Code Description Response Headers 200 OK. Resource successfully deleted. - 404 Not Found. The specified resource does not exist. - - 412 Precondition Failed. The request has not been performed because one of the preconditions is not met. - */ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteAsync(String policyId, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdDeleteAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(policyId, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdDeleteValidateBeforeCall(policyId, _callback); localVarApiClient.executeAsync(localVarCall, _callback); return localVarCall; } /** * Build call for throttlingPoliciesSubscriptionPolicyIdGet * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetCall(String policyId, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -213,14 +190,6 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetCall(String policyI List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - - if (ifModifiedSince != null) { - localVarHeaderParams.put("If-Modified-Since", localVarApiClient.parameterToString(ifModifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -242,7 +211,7 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetCall(String policyI } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(String policyId, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -250,7 +219,7 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall } - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetCall(policyId, _callback); return localVarCall; } @@ -259,21 +228,18 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall * Get a Subscription Policy * This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return SubscriptionThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdGet(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(policyId, ifNoneMatch, ifModifiedSince); + public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdGet(String policyId) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(policyId); return localVarResp.getData(); } @@ -281,21 +247,18 @@ public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdGet(S * Get a Subscription Policy * This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<SubscriptionThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(String policyId, String ifNoneMatch, String ifModifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, null); + public ApiResponse throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(String policyId) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(policyId, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -304,23 +267,20 @@ public ApiResponse throttlingPoliciesSubscription * Get a Subscription Policy (asynchronously) * This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter * @param policyId Thorttle policy UUID (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param ifModifiedSince Validator for conditional requests; based on Last Modified header of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - - +
Status Code Description Response Headers
200 OK. Policy returned * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
200 OK. Policy returned * Content-Type - The content type of the body.
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetAsync(String policyId, String ifNoneMatch, String ifModifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetAsync(String policyId, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(policyId, ifNoneMatch, ifModifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdGetValidateBeforeCall(policyId, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; @@ -330,21 +290,18 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdGetAsync(String policy * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param subscriptionThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutCall(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutCall(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { Object localVarPostBody = subscriptionThrottlePolicyDTO; // create path and map variables @@ -358,14 +315,6 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutCall(String policyI localVarHeaderParams.put("Content-Type", localVarApiClient.parameterToString(contentType)); } - if (ifMatch != null) { - localVarHeaderParams.put("If-Match", localVarApiClient.parameterToString(ifMatch)); - } - - if (ifUnmodifiedSince != null) { - localVarHeaderParams.put("If-Unmodified-Since", localVarApiClient.parameterToString(ifUnmodifiedSince)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -387,7 +336,7 @@ public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutCall(String policyI } @SuppressWarnings("rawtypes") - private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { // verify the required parameter 'policyId' is set if (policyId == null) { @@ -405,7 +354,7 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall } - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutCall(policyId, contentType, subscriptionThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutCall(policyId, contentType, subscriptionThrottlePolicyDTO, _callback); return localVarCall; } @@ -416,21 +365,18 @@ private okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param subscriptionThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return SubscriptionThrottlePolicyDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdPut(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - ApiResponse localVarResp = throttlingPoliciesSubscriptionPolicyIdPutWithHttpInfo(policyId, contentType, subscriptionThrottlePolicyDTO, ifMatch, ifUnmodifiedSince); + public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdPut(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO) throws ApiException { + ApiResponse localVarResp = throttlingPoliciesSubscriptionPolicyIdPutWithHttpInfo(policyId, contentType, subscriptionThrottlePolicyDTO); return localVarResp.getData(); } @@ -440,21 +386,18 @@ public SubscriptionThrottlePolicyDTO throttlingPoliciesSubscriptionPolicyIdPut(S * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param subscriptionThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @return ApiResponse<SubscriptionThrottlePolicyDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public ApiResponse throttlingPoliciesSubscriptionPolicyIdPutWithHttpInfo(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(policyId, contentType, subscriptionThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, null); + public ApiResponse throttlingPoliciesSubscriptionPolicyIdPutWithHttpInfo(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO) throws ApiException { + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(policyId, contentType, subscriptionThrottlePolicyDTO, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -465,23 +408,20 @@ public ApiResponse throttlingPoliciesSubscription * @param policyId Thorttle policy UUID (required) * @param contentType Media type of the entity in the body. Default is application/json. (required) * @param subscriptionThrottlePolicyDTO Policy object that needs to be modified (required) - * @param ifMatch Validator for conditional requests; based on ETag (Will be supported in future). (optional) - * @param ifUnmodifiedSince Validator for conditional requests; based on Last Modified header (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object * @http.response.details - + -
Status Code Description Response Headers
200 OK. Policy updated. * ETag - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future).
* Last-Modified - Date and time the resource has been modifed the last time. Used by caches, or in conditional requests (Will be supported in future).
* Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
200 OK. Policy updated. * Location - The URL of the newly created resource.
* Content-Type - The content type of the body.
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
412 Precondition Failed. The request has not been performed because one of the preconditions is not met. -
*/ - public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutAsync(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, String ifMatch, String ifUnmodifiedSince, final ApiCallback _callback) throws ApiException { + public okhttp3.Call throttlingPoliciesSubscriptionPolicyIdPutAsync(String policyId, String contentType, SubscriptionThrottlePolicyDTO subscriptionThrottlePolicyDTO, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(policyId, contentType, subscriptionThrottlePolicyDTO, ifMatch, ifUnmodifiedSince, _callback); + okhttp3.Call localVarCall = throttlingPoliciesSubscriptionPolicyIdPutValidateBeforeCall(policyId, contentType, subscriptionThrottlePolicyDTO, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SystemScopesApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SystemScopesApi.java index 2e5eef3562..e8a7c6ca40 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SystemScopesApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/SystemScopesApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -387,7 +387,7 @@ public okhttp3.Call systemScopesRoleAliasesPutAsync(RoleAliasListDTO roleAliasLi } /** * Build call for systemScopesScopeNameGet - * @param scopeName scope name to be validated (required) + * @param scopeName Base64 URL encoded value of the scope name to be validated (required) * @param username (optional) * @param _callback Callback for upload/download progress * @return Call to execute @@ -451,7 +451,7 @@ private okhttp3.Call systemScopesScopeNameGetValidateBeforeCall(String scopeName /** * Retrieve Scopes for a Particular User * This operation will return the scope list of particular user In order to get it, we need to pass the userId as a query parameter - * @param scopeName scope name to be validated (required) + * @param scopeName Base64 URL encoded value of the scope name to be validated (required) * @param username (optional) * @return ScopeSettingsDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body @@ -471,7 +471,7 @@ public ScopeSettingsDTO systemScopesScopeNameGet(String scopeName, String userna /** * Retrieve Scopes for a Particular User * This operation will return the scope list of particular user In order to get it, we need to pass the userId as a query parameter - * @param scopeName scope name to be validated (required) + * @param scopeName Base64 URL encoded value of the scope name to be validated (required) * @param username (optional) * @return ApiResponse<ScopeSettingsDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body @@ -492,7 +492,7 @@ public ApiResponse systemScopesScopeNameGetWithHttpInfo(String /** * Retrieve Scopes for a Particular User (asynchronously) * This operation will return the scope list of particular user In order to get it, we need to pass the userId as a query parameter - * @param scopeName scope name to be validated (required) + * @param scopeName Base64 URL encoded value of the scope name to be validated (required) * @param username (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigApi.java index 2da3540d49..dce6eee80f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -182,7 +182,7 @@ public okhttp3.Call exportTenantConfigAsync(final ApiCallback _callback) 500 Internal Server Error. - */ - public okhttp3.Call updateTenantConfigCall(Object body, final ApiCallback _callback) throws ApiException { + public okhttp3.Call updateTenantConfigCall(String body, final ApiCallback _callback) throws ApiException { Object localVarPostBody = body; // create path and map variables @@ -212,7 +212,7 @@ public okhttp3.Call updateTenantConfigCall(Object body, final ApiCallback _callb } @SuppressWarnings("rawtypes") - private okhttp3.Call updateTenantConfigValidateBeforeCall(Object body, final ApiCallback _callback) throws ApiException { + private okhttp3.Call updateTenantConfigValidateBeforeCall(String body, final ApiCallback _callback) throws ApiException { // verify the required parameter 'body' is set if (body == null) { @@ -240,7 +240,7 @@ private okhttp3.Call updateTenantConfigValidateBeforeCall(Object body, final Api 500 Internal Server Error. - */ - public Object updateTenantConfig(Object body) throws ApiException { + public Object updateTenantConfig(String body) throws ApiException { ApiResponse localVarResp = updateTenantConfigWithHttpInfo(body); return localVarResp.getData(); } @@ -260,7 +260,7 @@ public Object updateTenantConfig(Object body) throws ApiException { 500 Internal Server Error. - */ - public ApiResponse updateTenantConfigWithHttpInfo(Object body) throws ApiException { + public ApiResponse updateTenantConfigWithHttpInfo(String body) throws ApiException { okhttp3.Call localVarCall = updateTenantConfigValidateBeforeCall(body, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); @@ -282,7 +282,7 @@ public ApiResponse updateTenantConfigWithHttpInfo(Object body) throws Ap 500 Internal Server Error. - */ - public okhttp3.Call updateTenantConfigAsync(Object body, final ApiCallback _callback) throws ApiException { + public okhttp3.Call updateTenantConfigAsync(String body, final ApiCallback _callback) throws ApiException { okhttp3.Call localVarCall = updateTenantConfigValidateBeforeCall(body, _callback); Type localVarReturnType = new TypeToken(){}.getType(); diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigSchemaApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigSchemaApi.java index b66c51acf2..18fe140e3b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigSchemaApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantConfigSchemaApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -109,7 +109,7 @@ private okhttp3.Call exportTenantConfigSchemaValidateBeforeCall(final ApiCallbac /** * Export a tenant-Config-Schema. * This operation can be used to export a tenant-config-schema.json used in deployment. - * @return Object + * @return String * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -120,15 +120,15 @@ private okhttp3.Call exportTenantConfigSchemaValidateBeforeCall(final ApiCallbac
500 Internal Server Error. -
*/ - public Object exportTenantConfigSchema() throws ApiException { - ApiResponse localVarResp = exportTenantConfigSchemaWithHttpInfo(); + public String exportTenantConfigSchema() throws ApiException { + ApiResponse localVarResp = exportTenantConfigSchemaWithHttpInfo(); return localVarResp.getData(); } /** * Export a tenant-Config-Schema. * This operation can be used to export a tenant-config-schema.json used in deployment. - * @return ApiResponse<Object> + * @return ApiResponse<String> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -139,9 +139,9 @@ public Object exportTenantConfigSchema() throws ApiException {
500 Internal Server Error. -
*/ - public ApiResponse exportTenantConfigSchemaWithHttpInfo() throws ApiException { + public ApiResponse exportTenantConfigSchemaWithHttpInfo() throws ApiException { okhttp3.Call localVarCall = exportTenantConfigSchemaValidateBeforeCall(null); - Type localVarReturnType = new TypeToken(){}.getType(); + Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -160,10 +160,10 @@ public ApiResponse exportTenantConfigSchemaWithHttpInfo() throws ApiExce 500 Internal Server Error. - */ - public okhttp3.Call exportTenantConfigSchemaAsync(final ApiCallback _callback) throws ApiException { + public okhttp3.Call exportTenantConfigSchemaAsync(final ApiCallback _callback) throws ApiException { okhttp3.Call localVarCall = exportTenantConfigSchemaValidateBeforeCall(_callback); - Type localVarReturnType = new TypeToken(){}.getType(); + Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantThemeApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantThemeApi.java index ab18fad795..b9c324e6a3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantThemeApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantThemeApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantsApi.java index a7f4c0cf35..8855c4c4b4 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantsApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TenantsApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TransactionRecordsApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TransactionRecordsApi.java new file mode 100644 index 0000000000..a0eda75eee --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/TransactionRecordsApi.java @@ -0,0 +1,189 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api; + +import org.wso2.am.integration.clients.admin.ApiCallback; +import org.wso2.am.integration.clients.admin.ApiClient; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.Configuration; +import org.wso2.am.integration.clients.admin.Pair; +import org.wso2.am.integration.clients.admin.ProgressRequestBody; +import org.wso2.am.integration.clients.admin.ProgressResponseBody; + +import com.google.gson.reflect.TypeToken; + +import java.io.IOException; + + +import org.wso2.am.integration.clients.admin.api.dto.ErrorDTO; +import org.wso2.am.integration.clients.admin.api.dto.TransactionCountDTO; + +import java.lang.reflect.Type; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +public class TransactionRecordsApi { + private ApiClient localVarApiClient; + + public TransactionRecordsApi() { + this(Configuration.getDefaultApiClient()); + } + + public TransactionRecordsApi(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + public ApiClient getApiClient() { + return localVarApiClient; + } + + public void setApiClient(ApiClient apiClient) { + this.localVarApiClient = apiClient; + } + + /** + * Build call for transactionCountGet + * @param startTime Start time for the transaction count retrieval (required) + * @param endTime End time for the transaction count retrieval (required) + * @param _callback Callback for upload/download progress + * @return Call to execute + * @throws ApiException If fail to serialize the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 Transaction count retrieved successfully -
0 Unexpected error -
+ */ + public okhttp3.Call transactionCountGetCall(String startTime, String endTime, final ApiCallback _callback) throws ApiException { + Object localVarPostBody = null; + + // create path and map variables + String localVarPath = "/transaction-count"; + + List localVarQueryParams = new ArrayList(); + List localVarCollectionQueryParams = new ArrayList(); + if (startTime != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("startTime", startTime)); + } + + if (endTime != null) { + localVarQueryParams.addAll(localVarApiClient.parameterToPair("endTime", endTime)); + } + + Map localVarHeaderParams = new HashMap(); + Map localVarCookieParams = new HashMap(); + Map localVarFormParams = new HashMap(); + final String[] localVarAccepts = { + "application/json" + }; + final String localVarAccept = localVarApiClient.selectHeaderAccept(localVarAccepts); + if (localVarAccept != null) { + localVarHeaderParams.put("Accept", localVarAccept); + } + + final String[] localVarContentTypes = { + + }; + final String localVarContentType = localVarApiClient.selectHeaderContentType(localVarContentTypes); + localVarHeaderParams.put("Content-Type", localVarContentType); + + String[] localVarAuthNames = new String[] { "OAuth2Security" }; + return localVarApiClient.buildCall(localVarPath, "GET", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback); + } + + @SuppressWarnings("rawtypes") + private okhttp3.Call transactionCountGetValidateBeforeCall(String startTime, String endTime, final ApiCallback _callback) throws ApiException { + + // verify the required parameter 'startTime' is set + if (startTime == null) { + throw new ApiException("Missing the required parameter 'startTime' when calling transactionCountGet(Async)"); + } + + // verify the required parameter 'endTime' is set + if (endTime == null) { + throw new ApiException("Missing the required parameter 'endTime' when calling transactionCountGet(Async)"); + } + + + okhttp3.Call localVarCall = transactionCountGetCall(startTime, endTime, _callback); + return localVarCall; + + } + + /** + * Get transaction count + * This endpoint retrieves the transaction count based on various filter parameters. + * @param startTime Start time for the transaction count retrieval (required) + * @param endTime End time for the transaction count retrieval (required) + * @return TransactionCountDTO + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 Transaction count retrieved successfully -
0 Unexpected error -
+ */ + public TransactionCountDTO transactionCountGet(String startTime, String endTime) throws ApiException { + ApiResponse localVarResp = transactionCountGetWithHttpInfo(startTime, endTime); + return localVarResp.getData(); + } + + /** + * Get transaction count + * This endpoint retrieves the transaction count based on various filter parameters. + * @param startTime Start time for the transaction count retrieval (required) + * @param endTime End time for the transaction count retrieval (required) + * @return ApiResponse<TransactionCountDTO> + * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body + * @http.response.details + + + + +
Status Code Description Response Headers
200 Transaction count retrieved successfully -
0 Unexpected error -
+ */ + public ApiResponse transactionCountGetWithHttpInfo(String startTime, String endTime) throws ApiException { + okhttp3.Call localVarCall = transactionCountGetValidateBeforeCall(startTime, endTime, null); + Type localVarReturnType = new TypeToken(){}.getType(); + return localVarApiClient.execute(localVarCall, localVarReturnType); + } + + /** + * Get transaction count (asynchronously) + * This endpoint retrieves the transaction count based on various filter parameters. + * @param startTime Start time for the transaction count retrieval (required) + * @param endTime End time for the transaction count retrieval (required) + * @param _callback The callback to be executed when the API call finishes + * @return The request call + * @throws ApiException If fail to process the API call, e.g. serializing the request body object + * @http.response.details + + + + +
Status Code Description Response Headers
200 Transaction count retrieved successfully -
0 Unexpected error -
+ */ + public okhttp3.Call transactionCountGetAsync(String startTime, String endTime, final ApiCallback _callback) throws ApiException { + + okhttp3.Call localVarCall = transactionCountGetValidateBeforeCall(startTime, endTime, _callback); + Type localVarReturnType = new TypeToken(){}.getType(); + localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); + return localVarCall; + } +} diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ThrottlingPolicySearchApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UnifiedSearchApi.java similarity index 59% rename from all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ThrottlingPolicySearchApi.java rename to all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UnifiedSearchApi.java index 54d315d839..cab3a9f247 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/ThrottlingPolicySearchApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UnifiedSearchApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -35,14 +35,14 @@ import java.util.List; import java.util.Map; -public class ThrottlingPolicySearchApi { +public class UnifiedSearchApi { private ApiClient localVarApiClient; - public ThrottlingPolicySearchApi() { + public UnifiedSearchApi() { this(Configuration.getDefaultApiClient()); } - public ThrottlingPolicySearchApi(ApiClient apiClient) { + public UnifiedSearchApi(ApiClient apiClient) { this.localVarApiClient = apiClient; } @@ -56,7 +56,7 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for throttlingPolicySearch - * @param query **Search**. You can search by providing a keyword. Allowed to search by type only. (optional) + * @param query **Search**. You can search by providing a keyword. Allowed to search by type and name only. (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -111,7 +111,7 @@ private okhttp3.Call throttlingPolicySearchValidateBeforeCall(String query, fina /** * Retrieve/Search Throttling Policies * This operation provides you a list of available Throttling Policies qualifying the given keyword match. - * @param query **Search**. You can search by providing a keyword. Allowed to search by type only. (optional) + * @param query **Search**. You can search by providing a keyword. Allowed to search by type and name only. (optional) * @return ThrottlePolicyDetailsListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -128,7 +128,7 @@ public ThrottlePolicyDetailsListDTO throttlingPolicySearch(String query) throws /** * Retrieve/Search Throttling Policies * This operation provides you a list of available Throttling Policies qualifying the given keyword match. - * @param query **Search**. You can search by providing a keyword. Allowed to search by type only. (optional) + * @param query **Search**. You can search by providing a keyword. Allowed to search by type and name only. (optional) * @return ApiResponse<ThrottlePolicyDetailsListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -146,7 +146,7 @@ public ApiResponse throttlingPolicySearchWithHttpI /** * Retrieve/Search Throttling Policies (asynchronously) * This operation provides you a list of available Throttling Policies qualifying the given keyword match. - * @param query **Search**. You can search by providing a keyword. Allowed to search by type only. (optional) + * @param query **Search**. You can search by providing a keyword. Allowed to search by type and name only. (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UsersApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UsersApi.java index b14386d9a4..ce9798c9ab 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UsersApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/UsersApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowCollectionApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowCollectionApi.java index 3c56990f5c..ff87f6fab8 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowCollectionApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowCollectionApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -60,8 +60,7 @@ public void setApiClient(ApiClient apiClient) { * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. (optional) + * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -69,13 +68,12 @@ public void setApiClient(ApiClient apiClient) { -
Status Code Description Response Headers
200 OK. Workflow pendding process list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call workflowsGetCall(Integer limit, Integer offset, String accept, String ifNoneMatch, String workflowType, final ApiCallback _callback) throws ApiException { + public okhttp3.Call workflowsGetCall(Integer limit, Integer offset, String accept, String workflowType, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -100,10 +98,6 @@ public okhttp3.Call workflowsGetCall(Integer limit, Integer offset, String accep localVarHeaderParams.put("Accept", localVarApiClient.parameterToString(accept)); } - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -125,10 +119,10 @@ public okhttp3.Call workflowsGetCall(Integer limit, Integer offset, String accep } @SuppressWarnings("rawtypes") - private okhttp3.Call workflowsGetValidateBeforeCall(Integer limit, Integer offset, String accept, String ifNoneMatch, String workflowType, final ApiCallback _callback) throws ApiException { + private okhttp3.Call workflowsGetValidateBeforeCall(Integer limit, Integer offset, String accept, String workflowType, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = workflowsGetCall(limit, offset, accept, ifNoneMatch, workflowType, _callback); + okhttp3.Call localVarCall = workflowsGetCall(limit, offset, accept, workflowType, _callback); return localVarCall; } @@ -139,22 +133,20 @@ private okhttp3.Call workflowsGetValidateBeforeCall(Integer limit, Integer offse * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. (optional) + * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. (optional) * @return WorkflowListDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Workflow pendding process list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public WorkflowListDTO workflowsGet(Integer limit, Integer offset, String accept, String ifNoneMatch, String workflowType) throws ApiException { - ApiResponse localVarResp = workflowsGetWithHttpInfo(limit, offset, accept, ifNoneMatch, workflowType); + public WorkflowListDTO workflowsGet(Integer limit, Integer offset, String accept, String workflowType) throws ApiException { + ApiResponse localVarResp = workflowsGetWithHttpInfo(limit, offset, accept, workflowType); return localVarResp.getData(); } @@ -164,22 +156,20 @@ public WorkflowListDTO workflowsGet(Integer limit, Integer offset, String accept * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. (optional) + * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. (optional) * @return ApiResponse<WorkflowListDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details -
Status Code Description Response Headers
200 OK. Workflow pendding process list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public ApiResponse workflowsGetWithHttpInfo(Integer limit, Integer offset, String accept, String ifNoneMatch, String workflowType) throws ApiException { - okhttp3.Call localVarCall = workflowsGetValidateBeforeCall(limit, offset, accept, ifNoneMatch, workflowType, null); + public ApiResponse workflowsGetWithHttpInfo(Integer limit, Integer offset, String accept, String workflowType) throws ApiException { + okhttp3.Call localVarCall = workflowsGetValidateBeforeCall(limit, offset, accept, workflowType, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -190,8 +180,7 @@ public ApiResponse workflowsGetWithHttpInfo(Integer limit, Inte * @param limit Maximum size of resource array to return. (optional, default to 25) * @param offset Starting point within the complete list of items qualified. (optional, default to 0) * @param accept Media types acceptable for the response. Default is application/json. (optional, default to "application/json") - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) - * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. (optional) + * @param workflowType We need to show the values of each workflow process separately .for that we use workflow type. Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -199,15 +188,14 @@ public ApiResponse workflowsGetWithHttpInfo(Integer limit, Inte -
Status Code Description Response Headers
200 OK. Workflow pendding process list returned. * Content-Type - The content type of the body.
304 Not Modified. Empty body because the client has already the latest version of the requested resource (Will be supported in future). -
400 Bad Request. Invalid request or validation error. -
404 Not Found. The specified resource does not exist. -
406 Not Acceptable. The requested media type is not supported. -
*/ - public okhttp3.Call workflowsGetAsync(Integer limit, Integer offset, String accept, String ifNoneMatch, String workflowType, final ApiCallback _callback) throws ApiException { + public okhttp3.Call workflowsGetAsync(Integer limit, Integer offset, String accept, String workflowType, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = workflowsGetValidateBeforeCall(limit, offset, accept, ifNoneMatch, workflowType, _callback); + okhttp3.Call localVarCall = workflowsGetValidateBeforeCall(limit, offset, accept, workflowType, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowsIndividualApi.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowsIndividualApi.java index b5046a662c..f9e1e1cfe1 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowsIndividualApi.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/WorkflowsIndividualApi.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -59,7 +59,6 @@ public void setApiClient(ApiClient apiClient) { /** * Build call for workflowsExternalWorkflowRefGet * @param externalWorkflowRef from the externel workflow reference we decide what is the the pending request that the are requesting. (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback Callback for upload/download progress * @return Call to execute * @throws ApiException If fail to serialize the request body object @@ -72,7 +71,7 @@ public void setApiClient(ApiClient apiClient) { 406 Not Acceptable. The requested media type is not supported. - */ - public okhttp3.Call workflowsExternalWorkflowRefGetCall(String externalWorkflowRef, String ifNoneMatch, final ApiCallback _callback) throws ApiException { + public okhttp3.Call workflowsExternalWorkflowRefGetCall(String externalWorkflowRef, final ApiCallback _callback) throws ApiException { Object localVarPostBody = null; // create path and map variables @@ -82,10 +81,6 @@ public okhttp3.Call workflowsExternalWorkflowRefGetCall(String externalWorkflowR List localVarQueryParams = new ArrayList(); List localVarCollectionQueryParams = new ArrayList(); Map localVarHeaderParams = new HashMap(); - if (ifNoneMatch != null) { - localVarHeaderParams.put("If-None-Match", localVarApiClient.parameterToString(ifNoneMatch)); - } - Map localVarCookieParams = new HashMap(); Map localVarFormParams = new HashMap(); final String[] localVarAccepts = { @@ -107,7 +102,7 @@ public okhttp3.Call workflowsExternalWorkflowRefGetCall(String externalWorkflowR } @SuppressWarnings("rawtypes") - private okhttp3.Call workflowsExternalWorkflowRefGetValidateBeforeCall(String externalWorkflowRef, String ifNoneMatch, final ApiCallback _callback) throws ApiException { + private okhttp3.Call workflowsExternalWorkflowRefGetValidateBeforeCall(String externalWorkflowRef, final ApiCallback _callback) throws ApiException { // verify the required parameter 'externalWorkflowRef' is set if (externalWorkflowRef == null) { @@ -115,7 +110,7 @@ private okhttp3.Call workflowsExternalWorkflowRefGetValidateBeforeCall(String ex } - okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetCall(externalWorkflowRef, ifNoneMatch, _callback); + okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetCall(externalWorkflowRef, _callback); return localVarCall; } @@ -124,7 +119,6 @@ private okhttp3.Call workflowsExternalWorkflowRefGetValidateBeforeCall(String ex * Get Pending Workflow Details by External Workflow Reference * Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. * @param externalWorkflowRef from the externel workflow reference we decide what is the the pending request that the are requesting. (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return WorkflowInfoDTO * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -136,8 +130,8 @@ private okhttp3.Call workflowsExternalWorkflowRefGetValidateBeforeCall(String ex 406 Not Acceptable. The requested media type is not supported. - */ - public WorkflowInfoDTO workflowsExternalWorkflowRefGet(String externalWorkflowRef, String ifNoneMatch) throws ApiException { - ApiResponse localVarResp = workflowsExternalWorkflowRefGetWithHttpInfo(externalWorkflowRef, ifNoneMatch); + public WorkflowInfoDTO workflowsExternalWorkflowRefGet(String externalWorkflowRef) throws ApiException { + ApiResponse localVarResp = workflowsExternalWorkflowRefGetWithHttpInfo(externalWorkflowRef); return localVarResp.getData(); } @@ -145,7 +139,6 @@ public WorkflowInfoDTO workflowsExternalWorkflowRefGet(String externalWorkflowRe * Get Pending Workflow Details by External Workflow Reference * Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. * @param externalWorkflowRef from the externel workflow reference we decide what is the the pending request that the are requesting. (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @return ApiResponse<WorkflowInfoDTO> * @throws ApiException If fail to call the API, e.g. server error or cannot deserialize the response body * @http.response.details @@ -157,8 +150,8 @@ public WorkflowInfoDTO workflowsExternalWorkflowRefGet(String externalWorkflowRe 406 Not Acceptable. The requested media type is not supported. - */ - public ApiResponse workflowsExternalWorkflowRefGetWithHttpInfo(String externalWorkflowRef, String ifNoneMatch) throws ApiException { - okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetValidateBeforeCall(externalWorkflowRef, ifNoneMatch, null); + public ApiResponse workflowsExternalWorkflowRefGetWithHttpInfo(String externalWorkflowRef) throws ApiException { + okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetValidateBeforeCall(externalWorkflowRef, null); Type localVarReturnType = new TypeToken(){}.getType(); return localVarApiClient.execute(localVarCall, localVarReturnType); } @@ -167,7 +160,6 @@ public ApiResponse workflowsExternalWorkflowRefGetWithHttpInfo( * Get Pending Workflow Details by External Workflow Reference (asynchronously) * Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. * @param externalWorkflowRef from the externel workflow reference we decide what is the the pending request that the are requesting. (required) - * @param ifNoneMatch Validator for conditional requests; based on the ETag of the formerly retrieved variant of the resource (Will be supported in future). (optional) * @param _callback The callback to be executed when the API call finishes * @return The request call * @throws ApiException If fail to process the API call, e.g. serializing the request body object @@ -180,9 +172,9 @@ public ApiResponse workflowsExternalWorkflowRefGetWithHttpInfo( 406 Not Acceptable. The requested media type is not supported. - */ - public okhttp3.Call workflowsExternalWorkflowRefGetAsync(String externalWorkflowRef, String ifNoneMatch, final ApiCallback _callback) throws ApiException { + public okhttp3.Call workflowsExternalWorkflowRefGetAsync(String externalWorkflowRef, final ApiCallback _callback) throws ApiException { - okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetValidateBeforeCall(externalWorkflowRef, ifNoneMatch, _callback); + okhttp3.Call localVarCall = workflowsExternalWorkflowRefGetValidateBeforeCall(externalWorkflowRef, _callback); Type localVarReturnType = new TypeToken(){}.getType(); localVarApiClient.executeAsync(localVarCall, localVarReturnType, _callback); return localVarCall; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitAllOfDTO.java index e4415467b3..0698da6740 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitDTO.java index cacbc13c23..2a089c5e88 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIAPIQuotaLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderRequestDTO.java index c601a57d8a..d8dec77666 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderRequestDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderRequestDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderResponseDTO.java index 6094774244..5d20bf1667 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -68,6 +68,10 @@ public class AIServiceProviderResponseDTO { @SerializedName(SERIALIZED_NAME_MODEL_PROVIDERS) private List modelProviders = null; + public static final String SERIALIZED_NAME_DEPRECATED = "deprecated"; + @SerializedName(SERIALIZED_NAME_DEPRECATED) + private Boolean deprecated; + public AIServiceProviderResponseDTO id(String id) { @@ -276,6 +280,29 @@ public void setModelProviders(List modelProviders) { } + public AIServiceProviderResponseDTO deprecated(Boolean deprecated) { + + this.deprecated = deprecated; + return this; + } + + /** + * Indicates if the LLM provider is deprecated + * @return deprecated + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "false", value = "Indicates if the LLM provider is deprecated") + + public Boolean isDeprecated() { + return deprecated; + } + + + public void setDeprecated(Boolean deprecated) { + this.deprecated = deprecated; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -293,12 +320,13 @@ public boolean equals(Object o) { Objects.equals(this.description, aiServiceProviderResponse.description) && Objects.equals(this.configurations, aiServiceProviderResponse.configurations) && Objects.equals(this.apiDefinition, aiServiceProviderResponse.apiDefinition) && - Objects.equals(this.modelProviders, aiServiceProviderResponse.modelProviders); + Objects.equals(this.modelProviders, aiServiceProviderResponse.modelProviders) && + Objects.equals(this.deprecated, aiServiceProviderResponse.deprecated); } @Override public int hashCode() { - return Objects.hash(id, name, apiVersion, builtInSupport, multipleModelProviderSupport, description, configurations, apiDefinition, modelProviders); + return Objects.hash(id, name, apiVersion, builtInSupport, multipleModelProviderSupport, description, configurations, apiDefinition, modelProviders, deprecated); } @@ -315,6 +343,7 @@ public String toString() { sb.append(" configurations: ").append(toIndentedString(configurations)).append("\n"); sb.append(" apiDefinition: ").append(toIndentedString(apiDefinition)).append("\n"); sb.append(" modelProviders: ").append(toIndentedString(modelProviders)).append("\n"); + sb.append(" deprecated: ").append(toIndentedString(deprecated)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseDTO.java index 2cc7e86681..8352b71e70 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -49,6 +49,10 @@ public class AIServiceProviderSummaryResponseDTO { @SerializedName(SERIALIZED_NAME_DESCRIPTION) private String description; + public static final String SERIALIZED_NAME_DEPRECATED = "deprecated"; + @SerializedName(SERIALIZED_NAME_DEPRECATED) + private Boolean deprecated; + public AIServiceProviderSummaryResponseDTO id(String id) { @@ -163,6 +167,29 @@ public void setDescription(String description) { } + public AIServiceProviderSummaryResponseDTO deprecated(Boolean deprecated) { + + this.deprecated = deprecated; + return this; + } + + /** + * Indicates if the LLM provider is deprecated + * @return deprecated + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "false", value = "Indicates if the LLM provider is deprecated") + + public Boolean isDeprecated() { + return deprecated; + } + + + public void setDeprecated(Boolean deprecated) { + this.deprecated = deprecated; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -176,12 +203,13 @@ public boolean equals(Object o) { Objects.equals(this.name, aiServiceProviderSummaryResponse.name) && Objects.equals(this.apiVersion, aiServiceProviderSummaryResponse.apiVersion) && Objects.equals(this.builtInSupport, aiServiceProviderSummaryResponse.builtInSupport) && - Objects.equals(this.description, aiServiceProviderSummaryResponse.description); + Objects.equals(this.description, aiServiceProviderSummaryResponse.description) && + Objects.equals(this.deprecated, aiServiceProviderSummaryResponse.deprecated); } @Override public int hashCode() { - return Objects.hash(id, name, apiVersion, builtInSupport, description); + return Objects.hash(id, name, apiVersion, builtInSupport, description, deprecated); } @@ -194,6 +222,7 @@ public String toString() { sb.append(" apiVersion: ").append(toIndentedString(apiVersion)).append("\n"); sb.append(" builtInSupport: ").append(toIndentedString(builtInSupport)).append("\n"); sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" deprecated: ").append(toIndentedString(deprecated)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseListDTO.java index 26e421b54b..a1bde328c6 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AIServiceProviderSummaryResponseListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryDTO.java index 3530cf7c5c..bc5267cdb3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryListDTO.java index 691a44f007..d9e7ed3307 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APICategoryListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoDTO.java index c47c48fcf1..53a3b9ae43 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -33,6 +33,10 @@ public class APIInfoDTO { @SerializedName(SERIALIZED_NAME_NAME) private String name; + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + public static final String SERIALIZED_NAME_VERSION = "version"; @SerializedName(SERIALIZED_NAME_VERSION) private String version; @@ -65,6 +69,29 @@ public void setName(String name) { } + public APIInfoDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Display name of the API. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. + * @return displayName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "PizzaShack API", value = "Display name of the API. This is the name that will be displayed in the Publisher and DevPortal. If not provided, the name will be used as the display name. ") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + public APIInfoDTO version(String version) { this.version = version; @@ -121,13 +148,14 @@ public boolean equals(Object o) { } APIInfoDTO apIInfo = (APIInfoDTO) o; return Objects.equals(this.name, apIInfo.name) && + Objects.equals(this.displayName, apIInfo.displayName) && Objects.equals(this.version, apIInfo.version) && Objects.equals(this.provider, apIInfo.provider); } @Override public int hashCode() { - return Objects.hash(name, version, provider); + return Objects.hash(name, displayName, version, provider); } @@ -136,6 +164,7 @@ public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class APIInfoDTO {\n"); sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); sb.append(" version: ").append(toIndentedString(version)).append("\n"); sb.append(" provider: ").append(toIndentedString(provider)).append("\n"); sb.append("}"); diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoKeyManagerDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoKeyManagerDTO.java new file mode 100644 index 0000000000..eb6b5bf6bf --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoKeyManagerDTO.java @@ -0,0 +1,414 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* APIInfoKeyManagerDTO +*/ + +public class APIInfoKeyManagerDTO { + public static final String SERIALIZED_NAME_ID = "id"; + @SerializedName(SERIALIZED_NAME_ID) + private String id; + + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_TRANSPORT_TYPE = "transportType"; + @SerializedName(SERIALIZED_NAME_TRANSPORT_TYPE) + private String transportType; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_CONTEXT = "context"; + @SerializedName(SERIALIZED_NAME_CONTEXT) + private String context; + + public static final String SERIALIZED_NAME_VERSION = "version"; + @SerializedName(SERIALIZED_NAME_VERSION) + private String version; + + public static final String SERIALIZED_NAME_PROVIDER = "provider"; + @SerializedName(SERIALIZED_NAME_PROVIDER) + private String provider; + + public static final String SERIALIZED_NAME_STATUS = "status"; + @SerializedName(SERIALIZED_NAME_STATUS) + private String status; + + public static final String SERIALIZED_NAME_THUMBNAIL_URI = "thumbnailUri"; + @SerializedName(SERIALIZED_NAME_THUMBNAIL_URI) + private String thumbnailUri; + + public static final String SERIALIZED_NAME_ADVERTISE_ONLY = "advertiseOnly"; + @SerializedName(SERIALIZED_NAME_ADVERTISE_ONLY) + private Boolean advertiseOnly; + + public static final String SERIALIZED_NAME_KEY_MANAGER_ENTRY = "keyManagerEntry"; + @SerializedName(SERIALIZED_NAME_KEY_MANAGER_ENTRY) + private String keyManagerEntry; + + + public APIInfoKeyManagerDTO id(String id) { + + this.id = id; + return this; + } + + /** + * The ID of the API. + * @return id + **/ + @ApiModelProperty(required = true, value = "The ID of the API.") + + public String getId() { + return id; + } + + + public void setId(String id) { + this.id = id; + } + + + public APIInfoKeyManagerDTO type(String type) { + + this.type = type; + return this; + } + + /** + * The type of the entry (e.g., \"API\"). + * @return type + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The type of the entry (e.g., \"API\").") + + public String getType() { + return type; + } + + + public void setType(String type) { + this.type = type; + } + + + public APIInfoKeyManagerDTO name(String name) { + + this.name = name; + return this; + } + + /** + * The name of the API. + * @return name + **/ + @ApiModelProperty(required = true, value = "The name of the API.") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public APIInfoKeyManagerDTO transportType(String transportType) { + + this.transportType = transportType; + return this; + } + + /** + * The transport type of the API. + * @return transportType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The transport type of the API.") + + public String getTransportType() { + return transportType; + } + + + public void setTransportType(String transportType) { + this.transportType = transportType; + } + + + public APIInfoKeyManagerDTO description(String description) { + + this.description = description; + return this; + } + + /** + * The description of the API. + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The description of the API.") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public APIInfoKeyManagerDTO context(String context) { + + this.context = context; + return this; + } + + /** + * The context of the API. + * @return context + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The context of the API.") + + public String getContext() { + return context; + } + + + public void setContext(String context) { + this.context = context; + } + + + public APIInfoKeyManagerDTO version(String version) { + + this.version = version; + return this; + } + + /** + * The version of the API. + * @return version + **/ + @ApiModelProperty(required = true, value = "The version of the API.") + + public String getVersion() { + return version; + } + + + public void setVersion(String version) { + this.version = version; + } + + + public APIInfoKeyManagerDTO provider(String provider) { + + this.provider = provider; + return this; + } + + /** + * The provider of the API. + * @return provider + **/ + @ApiModelProperty(required = true, value = "The provider of the API.") + + public String getProvider() { + return provider; + } + + + public void setProvider(String provider) { + this.provider = provider; + } + + + public APIInfoKeyManagerDTO status(String status) { + + this.status = status; + return this; + } + + /** + * The status of the API. + * @return status + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The status of the API.") + + public String getStatus() { + return status; + } + + + public void setStatus(String status) { + this.status = status; + } + + + public APIInfoKeyManagerDTO thumbnailUri(String thumbnailUri) { + + this.thumbnailUri = thumbnailUri; + return this; + } + + /** + * The URI of the thumbnail of the API. + * @return thumbnailUri + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The URI of the thumbnail of the API.") + + public String getThumbnailUri() { + return thumbnailUri; + } + + + public void setThumbnailUri(String thumbnailUri) { + this.thumbnailUri = thumbnailUri; + } + + + public APIInfoKeyManagerDTO advertiseOnly(Boolean advertiseOnly) { + + this.advertiseOnly = advertiseOnly; + return this; + } + + /** + * Indicates if the API is advertised only. + * @return advertiseOnly + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Indicates if the API is advertised only.") + + public Boolean isAdvertiseOnly() { + return advertiseOnly; + } + + + public void setAdvertiseOnly(Boolean advertiseOnly) { + this.advertiseOnly = advertiseOnly; + } + + + public APIInfoKeyManagerDTO keyManagerEntry(String keyManagerEntry) { + + this.keyManagerEntry = keyManagerEntry; + return this; + } + + /** + * The key manager entry related to the API. + * @return keyManagerEntry + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The key manager entry related to the API.") + + public String getKeyManagerEntry() { + return keyManagerEntry; + } + + + public void setKeyManagerEntry(String keyManagerEntry) { + this.keyManagerEntry = keyManagerEntry; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + APIInfoKeyManagerDTO apIInfoKeyManager = (APIInfoKeyManagerDTO) o; + return Objects.equals(this.id, apIInfoKeyManager.id) && + Objects.equals(this.type, apIInfoKeyManager.type) && + Objects.equals(this.name, apIInfoKeyManager.name) && + Objects.equals(this.transportType, apIInfoKeyManager.transportType) && + Objects.equals(this.description, apIInfoKeyManager.description) && + Objects.equals(this.context, apIInfoKeyManager.context) && + Objects.equals(this.version, apIInfoKeyManager.version) && + Objects.equals(this.provider, apIInfoKeyManager.provider) && + Objects.equals(this.status, apIInfoKeyManager.status) && + Objects.equals(this.thumbnailUri, apIInfoKeyManager.thumbnailUri) && + Objects.equals(this.advertiseOnly, apIInfoKeyManager.advertiseOnly) && + Objects.equals(this.keyManagerEntry, apIInfoKeyManager.keyManagerEntry); + } + + @Override + public int hashCode() { + return Objects.hash(id, type, name, transportType, description, context, version, provider, status, thumbnailUri, advertiseOnly, keyManagerEntry); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class APIInfoKeyManagerDTO {\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" transportType: ").append(toIndentedString(transportType)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" context: ").append(toIndentedString(context)).append("\n"); + sb.append(" version: ").append(toIndentedString(version)).append("\n"); + sb.append(" provider: ").append(toIndentedString(provider)).append("\n"); + sb.append(" status: ").append(toIndentedString(status)).append("\n"); + sb.append(" thumbnailUri: ").append(toIndentedString(thumbnailUri)).append("\n"); + sb.append(" advertiseOnly: ").append(toIndentedString(advertiseOnly)).append("\n"); + sb.append(" keyManagerEntry: ").append(toIndentedString(keyManagerEntry)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoListDTO.java index 07201fe31b..65bc5368ae 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIInfoListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyDTO.java new file mode 100644 index 0000000000..0b7560d586 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyDTO.java @@ -0,0 +1,378 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* APIKeyDTO +*/ + +public class APIKeyDTO { + public static final String SERIALIZED_NAME_KEY_U_U_I_D = "keyUUID"; + @SerializedName(SERIALIZED_NAME_KEY_U_U_I_D) + private String keyUUID; + + public static final String SERIALIZED_NAME_KEY_NAME = "keyName"; + @SerializedName(SERIALIZED_NAME_KEY_NAME) + private String keyName; + + public static final String SERIALIZED_NAME_API_NAME = "apiName"; + @SerializedName(SERIALIZED_NAME_API_NAME) + private String apiName; + + public static final String SERIALIZED_NAME_APPLICATION_NAME = "applicationName"; + @SerializedName(SERIALIZED_NAME_APPLICATION_NAME) + private String applicationName; + + /** +* Application Key Type +*/ + @JsonAdapter(KeyTypeEnum.Adapter.class) +public enum KeyTypeEnum { + PRODUCTION("PRODUCTION"), + + SANDBOX("SANDBOX"); + +private String value; + +KeyTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static KeyTypeEnum fromValue(String value) { + for (KeyTypeEnum b : KeyTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final KeyTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public KeyTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return KeyTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_KEY_TYPE = "keyType"; + @SerializedName(SERIALIZED_NAME_KEY_TYPE) + private KeyTypeEnum keyType; + + public static final String SERIALIZED_NAME_USER = "user"; + @SerializedName(SERIALIZED_NAME_USER) + private String user; + + public static final String SERIALIZED_NAME_ISSUED_ON = "issuedOn"; + @SerializedName(SERIALIZED_NAME_ISSUED_ON) + private Long issuedOn; + + public static final String SERIALIZED_NAME_VALIDITY_PERIOD = "validityPeriod"; + @SerializedName(SERIALIZED_NAME_VALIDITY_PERIOD) + private Long validityPeriod; + + public static final String SERIALIZED_NAME_LAST_USED = "lastUsed"; + @SerializedName(SERIALIZED_NAME_LAST_USED) + private Long lastUsed; + + + public APIKeyDTO keyUUID(String keyUUID) { + + this.keyUUID = keyUUID; + return this; + } + + /** + * The UUID of the API key + * @return keyUUID + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The UUID of the API key") + + public String getKeyUUID() { + return keyUUID; + } + + + public void setKeyUUID(String keyUUID) { + this.keyUUID = keyUUID; + } + + + public APIKeyDTO keyName(String keyName) { + + this.keyName = keyName; + return this; + } + + /** + * API Key name + * @return keyName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Test_Key", value = "API Key name") + + public String getKeyName() { + return keyName; + } + + + public void setKeyName(String keyName) { + this.keyName = keyName; + } + + + public APIKeyDTO apiName(String apiName) { + + this.apiName = apiName; + return this; + } + + /** + * API Name + * @return apiName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "NotificationsAPI", value = "API Name") + + public String getApiName() { + return apiName; + } + + + public void setApiName(String apiName) { + this.apiName = apiName; + } + + + public APIKeyDTO applicationName(String applicationName) { + + this.applicationName = applicationName; + return this; + } + + /** + * Application Name + * @return applicationName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "DefaultApplication", value = "Application Name") + + public String getApplicationName() { + return applicationName; + } + + + public void setApplicationName(String applicationName) { + this.applicationName = applicationName; + } + + + public APIKeyDTO keyType(KeyTypeEnum keyType) { + + this.keyType = keyType; + return this; + } + + /** + * Application Key Type + * @return keyType + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "PRODUCTION", value = "Application Key Type") + + public KeyTypeEnum getKeyType() { + return keyType; + } + + + public void setKeyType(KeyTypeEnum keyType) { + this.keyType = keyType; + } + + + public APIKeyDTO user(String user) { + + this.user = user; + return this; + } + + /** + * Owner of the Application + * @return user + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Bob", value = "Owner of the Application") + + public String getUser() { + return user; + } + + + public void setUser(String user) { + this.user = user; + } + + + public APIKeyDTO issuedOn(Long issuedOn) { + + this.issuedOn = issuedOn; + return this; + } + + /** + * Created time in Unix epoch milliseconds + * @return issuedOn + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1599196134000", value = "Created time in Unix epoch milliseconds") + + public Long getIssuedOn() { + return issuedOn; + } + + + public void setIssuedOn(Long issuedOn) { + this.issuedOn = issuedOn; + } + + + public APIKeyDTO validityPeriod(Long validityPeriod) { + + this.validityPeriod = validityPeriod; + return this; + } + + /** + * Get validityPeriod + * @return validityPeriod + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "3600", value = "") + + public Long getValidityPeriod() { + return validityPeriod; + } + + + public void setValidityPeriod(Long validityPeriod) { + this.validityPeriod = validityPeriod; + } + + + public APIKeyDTO lastUsed(Long lastUsed) { + + this.lastUsed = lastUsed; + return this; + } + + /** + * Last used time in Unix epoch milliseconds + * @return lastUsed + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1599196134000", value = "Last used time in Unix epoch milliseconds") + + public Long getLastUsed() { + return lastUsed; + } + + + public void setLastUsed(Long lastUsed) { + this.lastUsed = lastUsed; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + APIKeyDTO apIKey = (APIKeyDTO) o; + return Objects.equals(this.keyUUID, apIKey.keyUUID) && + Objects.equals(this.keyName, apIKey.keyName) && + Objects.equals(this.apiName, apIKey.apiName) && + Objects.equals(this.applicationName, apIKey.applicationName) && + Objects.equals(this.keyType, apIKey.keyType) && + Objects.equals(this.user, apIKey.user) && + Objects.equals(this.issuedOn, apIKey.issuedOn) && + Objects.equals(this.validityPeriod, apIKey.validityPeriod) && + Objects.equals(this.lastUsed, apIKey.lastUsed); + } + + @Override + public int hashCode() { + return Objects.hash(keyUUID, keyName, apiName, applicationName, keyType, user, issuedOn, validityPeriod, lastUsed); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class APIKeyDTO {\n"); + sb.append(" keyUUID: ").append(toIndentedString(keyUUID)).append("\n"); + sb.append(" keyName: ").append(toIndentedString(keyName)).append("\n"); + sb.append(" apiName: ").append(toIndentedString(apiName)).append("\n"); + sb.append(" applicationName: ").append(toIndentedString(applicationName)).append("\n"); + sb.append(" keyType: ").append(toIndentedString(keyType)).append("\n"); + sb.append(" user: ").append(toIndentedString(user)).append("\n"); + sb.append(" issuedOn: ").append(toIndentedString(issuedOn)).append("\n"); + sb.append(" validityPeriod: ").append(toIndentedString(validityPeriod)).append("\n"); + sb.append(" lastUsed: ").append(toIndentedString(lastUsed)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyListDTO.java new file mode 100644 index 0000000000..2931b26576 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyListDTO.java @@ -0,0 +1,131 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.APIKeyDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* APIKeyListDTO +*/ + +public class APIKeyListDTO { + public static final String SERIALIZED_NAME_COUNT = "count"; + @SerializedName(SERIALIZED_NAME_COUNT) + private Integer count; + + public static final String SERIALIZED_NAME_LIST = "list"; + @SerializedName(SERIALIZED_NAME_LIST) + private List list = null; + + + public APIKeyListDTO count(Integer count) { + + this.count = count; + return this; + } + + /** + * Number of API keys returned. + * @return count + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1", value = "Number of API keys returned. ") + + public Integer getCount() { + return count; + } + + + public void setCount(Integer count) { + this.count = count; + } + + + public APIKeyListDTO list(List list) { + + this.list = list; + return this; + } + + /** + * Get list + * @return list + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getList() { + return list; + } + + + public void setList(List list) { + this.list = list; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + APIKeyListDTO apIKeyList = (APIKeyListDTO) o; + return Objects.equals(this.count, apIKeyList.count) && + Objects.equals(this.list, apIKeyList.list); + } + + @Override + public int hashCode() { + return Objects.hash(count, list); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class APIKeyListDTO {\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); + sb.append(" list: ").append(toIndentedString(list)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyRevokeRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyRevokeRequestDTO.java new file mode 100644 index 0000000000..07c21c8924 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/APIKeyRevokeRequestDTO.java @@ -0,0 +1,98 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* APIKeyRevokeRequestDTO +*/ + +public class APIKeyRevokeRequestDTO { + public static final String SERIALIZED_NAME_KEY_U_U_I_D = "keyUUID"; + @SerializedName(SERIALIZED_NAME_KEY_U_U_I_D) + private String keyUUID; + + + public APIKeyRevokeRequestDTO keyUUID(String keyUUID) { + + this.keyUUID = keyUUID; + return this; + } + + /** + * The UUID of the API key + * @return keyUUID + **/ + @ApiModelProperty(required = true, value = "The UUID of the API key") + + public String getKeyUUID() { + return keyUUID; + } + + + public void setKeyUUID(String keyUUID) { + this.keyUUID = keyUUID; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + APIKeyRevokeRequestDTO apIKeyRevokeRequest = (APIKeyRevokeRequestDTO) o; + return Objects.equals(this.keyUUID, apIKeyRevokeRequest.keyUUID); + } + + @Override + public int hashCode() { + return Objects.hash(keyUUID); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class APIKeyRevokeRequestDTO {\n"); + sb.append(" keyUUID: ").append(toIndentedString(keyUUID)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdditionalPropertyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdditionalPropertyDTO.java index e4beff73fd..17b9fcce63 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdditionalPropertyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdditionalPropertyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyAllOfDTO.java index 4b8ac9f113..f5a7619522 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyDTO.java index 1fb921ec03..2ab5b4f670 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoAllOfDTO.java index 010f6f9511..2e65897aee 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoDTO.java index 34191716f1..f97493825c 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyListDTO.java index 40cf593746..75d40100b3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AdvancedThrottlePolicyListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypeDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypeDTO.java index 3d419f6f03..2c0666a6a0 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypeDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypeDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypesListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypesListDTO.java index b8a8baa31c..1fb91b7337 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypesListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertTypesListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertsSubscriptionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertsSubscriptionDTO.java index 1ee858359c..715b09b85b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertsSubscriptionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/AlertsSubscriptionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApiResultDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApiResultDTO.java index 3a6e0afe60..b529cb6f26 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApiResultDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApiResultDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationDTO.java new file mode 100644 index 0000000000..c60e9aab7d --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationDTO.java @@ -0,0 +1,441 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.wso2.am.integration.clients.admin.api.dto.ScopeInfoDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ApplicationDTO +*/ + +public class ApplicationDTO { + public static final String SERIALIZED_NAME_APPLICATION_ID = "applicationId"; + @SerializedName(SERIALIZED_NAME_APPLICATION_ID) + private String applicationId; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_THROTTLING_POLICY = "throttlingPolicy"; + @SerializedName(SERIALIZED_NAME_THROTTLING_POLICY) + private String throttlingPolicy; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + /** +* Type of the access token generated for this application. **OAUTH:** A UUID based access token which is issued by default. **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. +*/ + @JsonAdapter(TokenTypeEnum.Adapter.class) +public enum TokenTypeEnum { + OAUTH("OAUTH"), + + JWT("JWT"); + +private String value; + +TokenTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static TokenTypeEnum fromValue(String value) { + for (TokenTypeEnum b : TokenTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final TokenTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public TokenTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return TokenTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_TOKEN_TYPE = "tokenType"; + @SerializedName(SERIALIZED_NAME_TOKEN_TYPE) + private TokenTypeEnum tokenType = TokenTypeEnum.JWT; + + public static final String SERIALIZED_NAME_STATUS = "status"; + @SerializedName(SERIALIZED_NAME_STATUS) + private String status = ""; + + public static final String SERIALIZED_NAME_GROUPS = "groups"; + @SerializedName(SERIALIZED_NAME_GROUPS) + private List groups = null; + + public static final String SERIALIZED_NAME_SUBSCRIPTION_COUNT = "subscriptionCount"; + @SerializedName(SERIALIZED_NAME_SUBSCRIPTION_COUNT) + private Integer subscriptionCount; + + public static final String SERIALIZED_NAME_ATTRIBUTES = "attributes"; + @SerializedName(SERIALIZED_NAME_ATTRIBUTES) + private Map attributes = null; + + public static final String SERIALIZED_NAME_SUBSCRIPTION_SCOPES = "subscriptionScopes"; + @SerializedName(SERIALIZED_NAME_SUBSCRIPTION_SCOPES) + private List subscriptionScopes = null; + + public static final String SERIALIZED_NAME_OWNER = "owner"; + @SerializedName(SERIALIZED_NAME_OWNER) + private String owner; + + + public ApplicationDTO applicationId(String applicationId) { + + this.applicationId = applicationId; + return this; + } + + /** + * Get applicationId + * @return applicationId + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "01234567-0123-0123-0123-012345678901", value = "") + + public String getApplicationId() { + return applicationId; + } + + + public void setApplicationId(String applicationId) { + this.applicationId = applicationId; + } + + + public ApplicationDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "CalculatorApp", value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public ApplicationDTO throttlingPolicy(String throttlingPolicy) { + + this.throttlingPolicy = throttlingPolicy; + return this; + } + + /** + * Get throttlingPolicy + * @return throttlingPolicy + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Unlimited", value = "") + + public String getThrottlingPolicy() { + return throttlingPolicy; + } + + + public void setThrottlingPolicy(String throttlingPolicy) { + this.throttlingPolicy = throttlingPolicy; + } + + + public ApplicationDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Get description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Sample calculator application", value = "") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public ApplicationDTO tokenType(TokenTypeEnum tokenType) { + + this.tokenType = tokenType; + return this; + } + + /** + * Type of the access token generated for this application. **OAUTH:** A UUID based access token which is issued by default. **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. + * @return tokenType + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "JWT", value = "Type of the access token generated for this application. **OAUTH:** A UUID based access token which is issued by default. **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. ") + + public TokenTypeEnum getTokenType() { + return tokenType; + } + + + public void setTokenType(TokenTypeEnum tokenType) { + this.tokenType = tokenType; + } + + + public ApplicationDTO status(String status) { + + this.status = status; + return this; + } + + /** + * Get status + * @return status + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "APPROVED", value = "") + + public String getStatus() { + return status; + } + + + public void setStatus(String status) { + this.status = status; + } + + + public ApplicationDTO groups(List groups) { + + this.groups = groups; + return this; + } + + /** + * Get groups + * @return groups + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getGroups() { + return groups; + } + + + public void setGroups(List groups) { + this.groups = groups; + } + + + public ApplicationDTO subscriptionCount(Integer subscriptionCount) { + + this.subscriptionCount = subscriptionCount; + return this; + } + + /** + * Get subscriptionCount + * @return subscriptionCount + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Integer getSubscriptionCount() { + return subscriptionCount; + } + + + public void setSubscriptionCount(Integer subscriptionCount) { + this.subscriptionCount = subscriptionCount; + } + + + public ApplicationDTO attributes(Map attributes) { + + this.attributes = attributes; + return this; + } + + /** + * Get attributes + * @return attributes + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "External Reference ID, Billing Tier", value = "") + + public Map getAttributes() { + return attributes; + } + + + public void setAttributes(Map attributes) { + this.attributes = attributes; + } + + + public ApplicationDTO subscriptionScopes(List subscriptionScopes) { + + this.subscriptionScopes = subscriptionScopes; + return this; + } + + /** + * Get subscriptionScopes + * @return subscriptionScopes + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getSubscriptionScopes() { + return subscriptionScopes; + } + + + public void setSubscriptionScopes(List subscriptionScopes) { + this.subscriptionScopes = subscriptionScopes; + } + + + public ApplicationDTO owner(String owner) { + + this.owner = owner; + return this; + } + + /** + * Application created user + * @return owner + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "admin", value = "Application created user ") + + public String getOwner() { + return owner; + } + + + public void setOwner(String owner) { + this.owner = owner; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ApplicationDTO application = (ApplicationDTO) o; + return Objects.equals(this.applicationId, application.applicationId) && + Objects.equals(this.name, application.name) && + Objects.equals(this.throttlingPolicy, application.throttlingPolicy) && + Objects.equals(this.description, application.description) && + Objects.equals(this.tokenType, application.tokenType) && + Objects.equals(this.status, application.status) && + Objects.equals(this.groups, application.groups) && + Objects.equals(this.subscriptionCount, application.subscriptionCount) && + Objects.equals(this.attributes, application.attributes) && + Objects.equals(this.subscriptionScopes, application.subscriptionScopes) && + Objects.equals(this.owner, application.owner); + } + + @Override + public int hashCode() { + return Objects.hash(applicationId, name, throttlingPolicy, description, tokenType, status, groups, subscriptionCount, attributes, subscriptionScopes, owner); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ApplicationDTO {\n"); + sb.append(" applicationId: ").append(toIndentedString(applicationId)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" throttlingPolicy: ").append(toIndentedString(throttlingPolicy)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" tokenType: ").append(toIndentedString(tokenType)).append("\n"); + sb.append(" status: ").append(toIndentedString(status)).append("\n"); + sb.append(" groups: ").append(toIndentedString(groups)).append("\n"); + sb.append(" subscriptionCount: ").append(toIndentedString(subscriptionCount)).append("\n"); + sb.append(" attributes: ").append(toIndentedString(attributes)).append("\n"); + sb.append(" subscriptionScopes: ").append(toIndentedString(subscriptionScopes)).append("\n"); + sb.append(" owner: ").append(toIndentedString(owner)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoDTO.java index c6309c82ee..3384575c25 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -23,6 +23,9 @@ import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerInfoDTO; import com.fasterxml.jackson.annotation.JsonCreator; /** * ApplicationInfoDTO @@ -41,6 +44,65 @@ public class ApplicationInfoDTO { @SerializedName(SERIALIZED_NAME_OWNER) private String owner; + /** +* Gets or Sets tokenType +*/ + @JsonAdapter(TokenTypeEnum.Adapter.class) +public enum TokenTypeEnum { + OAUTH("OAUTH"), + + JWT("JWT"); + +private String value; + +TokenTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static TokenTypeEnum fromValue(String value) { + for (TokenTypeEnum b : TokenTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final TokenTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public TokenTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return TokenTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_TOKEN_TYPE = "tokenType"; + @SerializedName(SERIALIZED_NAME_TOKEN_TYPE) + private TokenTypeEnum tokenType; + + public static final String SERIALIZED_NAME_CREATED_TIME = "createdTime"; + @SerializedName(SERIALIZED_NAME_CREATED_TIME) + private String createdTime; + + public static final String SERIALIZED_NAME_KEY_MANAGERS = "keyManagers"; + @SerializedName(SERIALIZED_NAME_KEY_MANAGERS) + private List keyManagers = null; + public static final String SERIALIZED_NAME_STATUS = "status"; @SerializedName(SERIALIZED_NAME_STATUS) private String status; @@ -119,6 +181,75 @@ public void setOwner(String owner) { } + public ApplicationInfoDTO tokenType(TokenTypeEnum tokenType) { + + this.tokenType = tokenType; + return this; + } + + /** + * Get tokenType + * @return tokenType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public TokenTypeEnum getTokenType() { + return tokenType; + } + + + public void setTokenType(TokenTypeEnum tokenType) { + this.tokenType = tokenType; + } + + + public ApplicationInfoDTO createdTime(String createdTime) { + + this.createdTime = createdTime; + return this; + } + + /** + * Get createdTime + * @return createdTime + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1651555310208", value = "") + + public String getCreatedTime() { + return createdTime; + } + + + public void setCreatedTime(String createdTime) { + this.createdTime = createdTime; + } + + + public ApplicationInfoDTO keyManagers(List keyManagers) { + + this.keyManagers = keyManagers; + return this; + } + + /** + * Get keyManagers + * @return keyManagers + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getKeyManagers() { + return keyManagers; + } + + + public void setKeyManagers(List keyManagers) { + this.keyManagers = keyManagers; + } + + public ApplicationInfoDTO status(String status) { this.status = status; @@ -177,13 +308,16 @@ public boolean equals(Object o) { return Objects.equals(this.applicationId, applicationInfo.applicationId) && Objects.equals(this.name, applicationInfo.name) && Objects.equals(this.owner, applicationInfo.owner) && + Objects.equals(this.tokenType, applicationInfo.tokenType) && + Objects.equals(this.createdTime, applicationInfo.createdTime) && + Objects.equals(this.keyManagers, applicationInfo.keyManagers) && Objects.equals(this.status, applicationInfo.status) && Objects.equals(this.groupId, applicationInfo.groupId); } @Override public int hashCode() { - return Objects.hash(applicationId, name, owner, status, groupId); + return Objects.hash(applicationId, name, owner, tokenType, createdTime, keyManagers, status, groupId); } @@ -194,6 +328,9 @@ public String toString() { sb.append(" applicationId: ").append(toIndentedString(applicationId)).append("\n"); sb.append(" name: ").append(toIndentedString(name)).append("\n"); sb.append(" owner: ").append(toIndentedString(owner)).append("\n"); + sb.append(" tokenType: ").append(toIndentedString(tokenType)).append("\n"); + sb.append(" createdTime: ").append(toIndentedString(createdTime)).append("\n"); + sb.append(" keyManagers: ").append(toIndentedString(keyManagers)).append("\n"); sb.append(" status: ").append(toIndentedString(status)).append("\n"); sb.append(" groupId: ").append(toIndentedString(groupId)).append("\n"); sb.append("}"); diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoKeyManagerDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoKeyManagerDTO.java new file mode 100644 index 0000000000..da7a39585f --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationInfoKeyManagerDTO.java @@ -0,0 +1,211 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ApplicationInfoKeyManagerDTO +*/ + +public class ApplicationInfoKeyManagerDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_UUID = "uuid"; + @SerializedName(SERIALIZED_NAME_UUID) + private String uuid; + + public static final String SERIALIZED_NAME_ORGANIZATION_ID = "organizationId"; + @SerializedName(SERIALIZED_NAME_ORGANIZATION_ID) + private String organizationId; + + public static final String SERIALIZED_NAME_OWNER = "owner"; + @SerializedName(SERIALIZED_NAME_OWNER) + private String owner; + + public static final String SERIALIZED_NAME_ORGANIZATION = "organization"; + @SerializedName(SERIALIZED_NAME_ORGANIZATION) + private String organization; + + + public ApplicationInfoKeyManagerDTO name(String name) { + + this.name = name; + return this; + } + + /** + * The name of the application. + * @return name + **/ + @ApiModelProperty(required = true, value = "The name of the application.") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public ApplicationInfoKeyManagerDTO uuid(String uuid) { + + this.uuid = uuid; + return this; + } + + /** + * The UUID of the application. + * @return uuid + **/ + @ApiModelProperty(required = true, value = "The UUID of the application.") + + public String getUuid() { + return uuid; + } + + + public void setUuid(String uuid) { + this.uuid = uuid; + } + + + public ApplicationInfoKeyManagerDTO organizationId(String organizationId) { + + this.organizationId = organizationId; + return this; + } + + /** + * The ID of the organization to which the application belongs. + * @return organizationId + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The ID of the organization to which the application belongs.") + + public String getOrganizationId() { + return organizationId; + } + + + public void setOrganizationId(String organizationId) { + this.organizationId = organizationId; + } + + + public ApplicationInfoKeyManagerDTO owner(String owner) { + + this.owner = owner; + return this; + } + + /** + * The owner of the application. + * @return owner + **/ + @ApiModelProperty(required = true, value = "The owner of the application.") + + public String getOwner() { + return owner; + } + + + public void setOwner(String owner) { + this.owner = owner; + } + + + public ApplicationInfoKeyManagerDTO organization(String organization) { + + this.organization = organization; + return this; + } + + /** + * The organization of the application. + * @return organization + **/ + @ApiModelProperty(required = true, value = "The organization of the application.") + + public String getOrganization() { + return organization; + } + + + public void setOrganization(String organization) { + this.organization = organization; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ApplicationInfoKeyManagerDTO applicationInfoKeyManager = (ApplicationInfoKeyManagerDTO) o; + return Objects.equals(this.name, applicationInfoKeyManager.name) && + Objects.equals(this.uuid, applicationInfoKeyManager.uuid) && + Objects.equals(this.organizationId, applicationInfoKeyManager.organizationId) && + Objects.equals(this.owner, applicationInfoKeyManager.owner) && + Objects.equals(this.organization, applicationInfoKeyManager.organization); + } + + @Override + public int hashCode() { + return Objects.hash(name, uuid, organizationId, owner, organization); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ApplicationInfoKeyManagerDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" uuid: ").append(toIndentedString(uuid)).append("\n"); + sb.append(" organizationId: ").append(toIndentedString(organizationId)).append("\n"); + sb.append(" owner: ").append(toIndentedString(owner)).append("\n"); + sb.append(" organization: ").append(toIndentedString(organization)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationListDTO.java index f1a9b8435c..afa43cae34 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -26,6 +26,7 @@ import java.util.ArrayList; import java.util.List; import org.wso2.am.integration.clients.admin.api.dto.ApplicationInfoDTO; +import org.wso2.am.integration.clients.admin.api.dto.PaginationDTO; import com.fasterxml.jackson.annotation.JsonCreator; /** * ApplicationListDTO @@ -36,18 +37,14 @@ public class ApplicationListDTO { @SerializedName(SERIALIZED_NAME_COUNT) private Integer count; - public static final String SERIALIZED_NAME_NEXT = "next"; - @SerializedName(SERIALIZED_NAME_NEXT) - private String next; - - public static final String SERIALIZED_NAME_PREVIOUS = "previous"; - @SerializedName(SERIALIZED_NAME_PREVIOUS) - private String previous; - public static final String SERIALIZED_NAME_LIST = "list"; @SerializedName(SERIALIZED_NAME_LIST) private List list = null; + public static final String SERIALIZED_NAME_PAGINATION = "pagination"; + @SerializedName(SERIALIZED_NAME_PAGINATION) + private PaginationDTO pagination; + public ApplicationListDTO count(Integer count) { @@ -72,72 +69,49 @@ public void setCount(Integer count) { } - public ApplicationListDTO next(String next) { - - this.next = next; - return this; - } - - /** - * Link to the next subset of resources qualified. Empty if no more resources are to be returned. - * @return next - **/ - @javax.annotation.Nullable - @ApiModelProperty(example = "/applications?limit=1&offset=2&user=", value = "Link to the next subset of resources qualified. Empty if no more resources are to be returned. ") - - public String getNext() { - return next; - } - - - public void setNext(String next) { - this.next = next; - } - - - public ApplicationListDTO previous(String previous) { + public ApplicationListDTO list(List list) { - this.previous = previous; + this.list = list; return this; } /** - * Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. - * @return previous + * Get list + * @return list **/ @javax.annotation.Nullable - @ApiModelProperty(example = "/applications?limit=1&offset=0&user=", value = "Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. ") + @ApiModelProperty(value = "") - public String getPrevious() { - return previous; + public List getList() { + return list; } - public void setPrevious(String previous) { - this.previous = previous; + public void setList(List list) { + this.list = list; } - public ApplicationListDTO list(List list) { + public ApplicationListDTO pagination(PaginationDTO pagination) { - this.list = list; + this.pagination = pagination; return this; } /** - * Get list - * @return list + * Get pagination + * @return pagination **/ @javax.annotation.Nullable @ApiModelProperty(value = "") - public List getList() { - return list; + public PaginationDTO getPagination() { + return pagination; } - public void setList(List list) { - this.list = list; + public void setPagination(PaginationDTO pagination) { + this.pagination = pagination; } @@ -151,14 +125,13 @@ public boolean equals(Object o) { } ApplicationListDTO applicationList = (ApplicationListDTO) o; return Objects.equals(this.count, applicationList.count) && - Objects.equals(this.next, applicationList.next) && - Objects.equals(this.previous, applicationList.previous) && - Objects.equals(this.list, applicationList.list); + Objects.equals(this.list, applicationList.list) && + Objects.equals(this.pagination, applicationList.pagination); } @Override public int hashCode() { - return Objects.hash(count, next, previous, list); + return Objects.hash(count, list, pagination); } @@ -167,9 +140,8 @@ public String toString() { StringBuilder sb = new StringBuilder(); sb.append("class ApplicationListDTO {\n"); sb.append(" count: ").append(toIndentedString(count)).append("\n"); - sb.append(" next: ").append(toIndentedString(next)).append("\n"); - sb.append(" previous: ").append(toIndentedString(previous)).append("\n"); sb.append(" list: ").append(toIndentedString(list)).append("\n"); + sb.append(" pagination: ").append(toIndentedString(pagination)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyAllOfDTO.java index 064990dc02..9f2fdb6b91 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyDTO.java index fc644daa8f..4d6aaab6ae 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyListDTO.java index 93b94bbfbc..76aee5624f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationThrottlePolicyListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationUpdateRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationUpdateRequestDTO.java new file mode 100644 index 0000000000..d63f7d6e15 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ApplicationUpdateRequestDTO.java @@ -0,0 +1,174 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Request body to update application attributes +*/ + @ApiModel(description = "Request body to update application attributes") + +public class ApplicationUpdateRequestDTO { + public static final String SERIALIZED_NAME_OWNER = "owner"; + @SerializedName(SERIALIZED_NAME_OWNER) + private String owner; + + /** +* The type of token for the application (e.g., JWT) +*/ + @JsonAdapter(TokenTypeEnum.Adapter.class) +public enum TokenTypeEnum { + JWT("JWT"); + +private String value; + +TokenTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static TokenTypeEnum fromValue(String value) { + for (TokenTypeEnum b : TokenTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final TokenTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public TokenTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return TokenTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_TOKEN_TYPE = "tokenType"; + @SerializedName(SERIALIZED_NAME_TOKEN_TYPE) + private TokenTypeEnum tokenType; + + + public ApplicationUpdateRequestDTO owner(String owner) { + + this.owner = owner; + return this; + } + + /** + * The new owner of the application + * @return owner + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The new owner of the application") + + public String getOwner() { + return owner; + } + + + public void setOwner(String owner) { + this.owner = owner; + } + + + public ApplicationUpdateRequestDTO tokenType(TokenTypeEnum tokenType) { + + this.tokenType = tokenType; + return this; + } + + /** + * The type of token for the application (e.g., JWT) + * @return tokenType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "The type of token for the application (e.g., JWT)") + + public TokenTypeEnum getTokenType() { + return tokenType; + } + + + public void setTokenType(TokenTypeEnum tokenType) { + this.tokenType = tokenType; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ApplicationUpdateRequestDTO applicationUpdateRequest = (ApplicationUpdateRequestDTO) o; + return Objects.equals(this.owner, applicationUpdateRequest.owner) && + Objects.equals(this.tokenType, applicationUpdateRequest.tokenType); + } + + @Override + public int hashCode() { + return Objects.hash(owner, tokenType); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ApplicationUpdateRequestDTO {\n"); + sb.append(" owner: ").append(toIndentedString(owner)).append("\n"); + sb.append(" tokenType: ").append(toIndentedString(tokenType)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitAllOfDTO.java index a5c65f598e..af18162fe5 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitDTO.java index 9c98306a66..bae683a391 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BandwidthLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionDTO.java index 8810fc3063..b466675443 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionListDTO.java index 0a98fcda8c..09a2400bb7 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionStatusDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionStatusDTO.java index 275270f912..62fb3f7ceb 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionStatusDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BlockingConditionStatusDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionDTO.java index bf8a65061a..0fac7a7e58 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionListDTO.java index 60e450a106..b3431cf351 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionAlertSubscriptionListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataDTO.java index 6eb7019c3c..fae128bd0c 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataListDTO.java index dd5c6e8d35..8ee7a24443 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BotDetectionDataListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BurstLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BurstLimitDTO.java index 79465121b3..bba865e78d 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BurstLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/BurstLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ClaimMappingEntryDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ClaimMappingEntryDTO.java index 2a4c3c97f2..e1b20d9d60 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ClaimMappingEntryDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ClaimMappingEntryDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConditionalGroupDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConditionalGroupDTO.java index fc9bace641..11ef5a93cb 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConditionalGroupDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConditionalGroupDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConfigurationConstraintDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConfigurationConstraintDTO.java new file mode 100644 index 0000000000..8fd52f9152 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ConfigurationConstraintDTO.java @@ -0,0 +1,304 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ConfigurationConstraintDTO +*/ + +public class ConfigurationConstraintDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_LABEL = "label"; + @SerializedName(SERIALIZED_NAME_LABEL) + private String label; + + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type; + + public static final String SERIALIZED_NAME_MULTIPLE = "multiple"; + @SerializedName(SERIALIZED_NAME_MULTIPLE) + private Boolean multiple; + + public static final String SERIALIZED_NAME_TOOLTIP = "tooltip"; + @SerializedName(SERIALIZED_NAME_TOOLTIP) + private String tooltip; + + public static final String SERIALIZED_NAME_CONSTRAINT_TYPE = "constraintType"; + @SerializedName(SERIALIZED_NAME_CONSTRAINT_TYPE) + private String constraintType; + + public static final String SERIALIZED_NAME_VALUES = "values"; + @SerializedName(SERIALIZED_NAME_VALUES) + private List values = null; + + public static final String SERIALIZED_NAME_DEFAULT = "default"; + @SerializedName(SERIALIZED_NAME_DEFAULT) + private Object _default; + + + public ConfigurationConstraintDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "application_access_token_expiry_time", value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public ConfigurationConstraintDTO label(String label) { + + this.label = label; + return this; + } + + /** + * Get label + * @return label + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Access Token Expiry", value = "") + + public String getLabel() { + return label; + } + + + public void setLabel(String label) { + this.label = label; + } + + + public ConfigurationConstraintDTO type(String type) { + + this.type = type; + return this; + } + + /** + * Get type + * @return type + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "input", value = "") + + public String getType() { + return type; + } + + + public void setType(String type) { + this.type = type; + } + + + public ConfigurationConstraintDTO multiple(Boolean multiple) { + + this.multiple = multiple; + return this; + } + + /** + * Get multiple + * @return multiple + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isMultiple() { + return multiple; + } + + + public void setMultiple(Boolean multiple) { + this.multiple = multiple; + } + + + public ConfigurationConstraintDTO tooltip(String tooltip) { + + this.tooltip = tooltip; + return this; + } + + /** + * Get tooltip + * @return tooltip + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Define the valid range for token expiration in seconds.", value = "") + + public String getTooltip() { + return tooltip; + } + + + public void setTooltip(String tooltip) { + this.tooltip = tooltip; + } + + + public ConfigurationConstraintDTO constraintType(String constraintType) { + + this.constraintType = constraintType; + return this; + } + + /** + * Get constraintType + * @return constraintType + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "RANGE", value = "") + + public String getConstraintType() { + return constraintType; + } + + + public void setConstraintType(String constraintType) { + this.constraintType = constraintType; + } + + + public ConfigurationConstraintDTO values(List values) { + + this.values = values; + return this; + } + + /** + * Get values + * @return values + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getValues() { + return values; + } + + + public void setValues(List values) { + this.values = values; + } + + + public ConfigurationConstraintDTO _default(Object _default) { + + this._default = _default; + return this; + } + + /** + * Get _default + * @return _default + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Object getDefault() { + return _default; + } + + + public void setDefault(Object _default) { + this._default = _default; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ConfigurationConstraintDTO configurationConstraint = (ConfigurationConstraintDTO) o; + return Objects.equals(this.name, configurationConstraint.name) && + Objects.equals(this.label, configurationConstraint.label) && + Objects.equals(this.type, configurationConstraint.type) && + Objects.equals(this.multiple, configurationConstraint.multiple) && + Objects.equals(this.tooltip, configurationConstraint.tooltip) && + Objects.equals(this.constraintType, configurationConstraint.constraintType) && + Objects.equals(this.values, configurationConstraint.values) && + Objects.equals(this._default, configurationConstraint._default); + } + + @Override + public int hashCode() { + return Objects.hash(name, label, type, multiple, tooltip, constraintType, values, _default); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ConfigurationConstraintDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" label: ").append(toIndentedString(label)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" multiple: ").append(toIndentedString(multiple)).append("\n"); + sb.append(" tooltip: ").append(toIndentedString(tooltip)).append("\n"); + sb.append(" constraintType: ").append(toIndentedString(constraintType)).append("\n"); + sb.append(" values: ").append(toIndentedString(values)).append("\n"); + sb.append(" _default: ").append(toIndentedString(_default)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusDTO.java new file mode 100644 index 0000000000..fc465459a7 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusDTO.java @@ -0,0 +1,146 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ContentPublishStatusDTO +*/ + +public class ContentPublishStatusDTO { + /** +* Gets or Sets action +*/ + @JsonAdapter(ActionEnum.Adapter.class) +public enum ActionEnum { + PUBLISH("PUBLISH"), + + UNPUBLISH("UNPUBLISH"); + +private String value; + +ActionEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static ActionEnum fromValue(String value) { + for (ActionEnum b : ActionEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final ActionEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public ActionEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return ActionEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_ACTION = "action"; + @SerializedName(SERIALIZED_NAME_ACTION) + private ActionEnum action; + + + public ContentPublishStatusDTO action(ActionEnum action) { + + this.action = action; + return this; + } + + /** + * Get action + * @return action + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public ActionEnum getAction() { + return action; + } + + + public void setAction(ActionEnum action) { + this.action = action; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ContentPublishStatusDTO contentPublishStatus = (ContentPublishStatusDTO) o; + return Objects.equals(this.action, contentPublishStatus.action); + } + + @Override + public int hashCode() { + return Objects.hash(action); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ContentPublishStatusDTO {\n"); + sb.append(" action: ").append(toIndentedString(action)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusResponseDTO.java new file mode 100644 index 0000000000..15e8ff3c1e --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ContentPublishStatusResponseDTO.java @@ -0,0 +1,128 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ContentPublishStatusResponseDTO +*/ + +public class ContentPublishStatusResponseDTO { + public static final String SERIALIZED_NAME_ID = "id"; + @SerializedName(SERIALIZED_NAME_ID) + private String id; + + public static final String SERIALIZED_NAME_PUBLISHED = "published"; + @SerializedName(SERIALIZED_NAME_PUBLISHED) + private Boolean published; + + + public ContentPublishStatusResponseDTO id(String id) { + + this.id = id; + return this; + } + + /** + * UUID of the org-theme + * @return id + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "UUID of the org-theme") + + public String getId() { + return id; + } + + + public void setId(String id) { + this.id = id; + } + + + public ContentPublishStatusResponseDTO published(Boolean published) { + + this.published = published; + return this; + } + + /** + * Publish status of the org-theme + * @return published + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Publish status of the org-theme") + + public Boolean isPublished() { + return published; + } + + + public void setPublished(Boolean published) { + this.published = published; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ContentPublishStatusResponseDTO contentPublishStatusResponse = (ContentPublishStatusResponseDTO) o; + return Objects.equals(this.id, contentPublishStatusResponse.id) && + Objects.equals(this.published, contentPublishStatusResponse.published); + } + + @Override + public int hashCode() { + return Objects.hash(id, published); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ContentPublishStatusResponseDTO {\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" published: ").append(toIndentedString(published)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestDTO.java new file mode 100644 index 0000000000..92226dfadc --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestDTO.java @@ -0,0 +1,247 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.net.URI; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.wso2.am.integration.clients.admin.api.dto.CreatePlatformGatewayRequestPermissionsDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Request body for creating a platform gateway (name, displayName, vhost as URL, optional properties). Same property name as platform API; type is URL. +*/ + @ApiModel(description = "Request body for creating a platform gateway (name, displayName, vhost as URL, optional properties). Same property name as platform API; type is URL.") + +public class CreatePlatformGatewayRequestDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_PROPERTIES = "properties"; + @SerializedName(SERIALIZED_NAME_PROPERTIES) + private Map properties = null; + + public static final String SERIALIZED_NAME_PERMISSIONS = "permissions"; + @SerializedName(SERIALIZED_NAME_PERMISSIONS) + private CreatePlatformGatewayRequestPermissionsDTO permissions; + + + public CreatePlatformGatewayRequestDTO name(String name) { + + this.name = name; + return this; + } + + /** + * URL-friendly gateway identifier (lowercase alphanumeric with hyphens, unique per organization) + * @return name + **/ + @ApiModelProperty(example = "prod-gateway-01", required = true, value = "URL-friendly gateway identifier (lowercase alphanumeric with hyphens, unique per organization)") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public CreatePlatformGatewayRequestDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Human-readable gateway name + * @return displayName + **/ + @ApiModelProperty(example = "Production Gateway 01", required = true, value = "Human-readable gateway name") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public CreatePlatformGatewayRequestDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Optional description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Optional description") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public CreatePlatformGatewayRequestDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * Gateway URL (e.g. https://mg.example.com:9443). Same name as platform API; type is URL. Server persists host internally. + * @return vhost + **/ + @ApiModelProperty(example = "https://mg.wso2.com", required = true, value = "Gateway URL (e.g. https://mg.example.com:9443). Same name as platform API; type is URL. Server persists host internally.") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public CreatePlatformGatewayRequestDTO properties(Map properties) { + + this.properties = properties; + return this; + } + + /** + * Custom key-value properties for the gateway + * @return properties + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "{\"region\":\"us-west\",\"tier\":\"premium\"}", value = "Custom key-value properties for the gateway") + + public Map getProperties() { + return properties; + } + + + public void setProperties(Map properties) { + this.properties = properties; + } + + + public CreatePlatformGatewayRequestDTO permissions(CreatePlatformGatewayRequestPermissionsDTO permissions) { + + this.permissions = permissions; + return this; + } + + /** + * Get permissions + * @return permissions + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public CreatePlatformGatewayRequestPermissionsDTO getPermissions() { + return permissions; + } + + + public void setPermissions(CreatePlatformGatewayRequestPermissionsDTO permissions) { + this.permissions = permissions; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + CreatePlatformGatewayRequestDTO createPlatformGatewayRequest = (CreatePlatformGatewayRequestDTO) o; + return Objects.equals(this.name, createPlatformGatewayRequest.name) && + Objects.equals(this.displayName, createPlatformGatewayRequest.displayName) && + Objects.equals(this.description, createPlatformGatewayRequest.description) && + Objects.equals(this.vhost, createPlatformGatewayRequest.vhost) && + Objects.equals(this.properties, createPlatformGatewayRequest.properties) && + Objects.equals(this.permissions, createPlatformGatewayRequest.permissions); + } + + @Override + public int hashCode() { + return Objects.hash(name, displayName, description, vhost, properties, permissions); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class CreatePlatformGatewayRequestDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" properties: ").append(toIndentedString(properties)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestPermissionsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestPermissionsDTO.java new file mode 100644 index 0000000000..5ef55b1910 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CreatePlatformGatewayRequestPermissionsDTO.java @@ -0,0 +1,180 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Gateway visibility permissions configuration +*/ + @ApiModel(description = "Gateway visibility permissions configuration") + +public class CreatePlatformGatewayRequestPermissionsDTO { + /** +* Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles +*/ + @JsonAdapter(PermissionTypeEnum.Adapter.class) +public enum PermissionTypeEnum { + PUBLIC("PUBLIC"), + + ALLOW("ALLOW"), + + DENY("DENY"); + +private String value; + +PermissionTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static PermissionTypeEnum fromValue(String value) { + for (PermissionTypeEnum b : PermissionTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final PermissionTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public PermissionTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return PermissionTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_PERMISSION_TYPE = "permissionType"; + @SerializedName(SERIALIZED_NAME_PERMISSION_TYPE) + private PermissionTypeEnum permissionType = PermissionTypeEnum.PUBLIC; + + public static final String SERIALIZED_NAME_ROLES = "roles"; + @SerializedName(SERIALIZED_NAME_ROLES) + private List roles = null; + + + public CreatePlatformGatewayRequestPermissionsDTO permissionType(PermissionTypeEnum permissionType) { + + this.permissionType = permissionType; + return this; + } + + /** + * Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles + * @return permissionType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles ") + + public PermissionTypeEnum getPermissionType() { + return permissionType; + } + + + public void setPermissionType(PermissionTypeEnum permissionType) { + this.permissionType = permissionType; + } + + + public CreatePlatformGatewayRequestPermissionsDTO roles(List roles) { + + this.roles = roles; + return this; + } + + /** + * List of roles for ALLOW/DENY permission types + * @return roles + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "[\"admin\",\"publisher\"]", value = "List of roles for ALLOW/DENY permission types") + + public List getRoles() { + return roles; + } + + + public void setRoles(List roles) { + this.roles = roles; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + CreatePlatformGatewayRequestPermissionsDTO createPlatformGatewayRequestPermissions = (CreatePlatformGatewayRequestPermissionsDTO) o; + return Objects.equals(this.permissionType, createPlatformGatewayRequestPermissions.permissionType) && + Objects.equals(this.roles, createPlatformGatewayRequestPermissions.roles); + } + + @Override + public int hashCode() { + return Objects.hash(permissionType, roles); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class CreatePlatformGatewayRequestPermissionsDTO {\n"); + sb.append(" permissionType: ").append(toIndentedString(permissionType)).append("\n"); + sb.append(" roles: ").append(toIndentedString(roles)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomAttributeDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomAttributeDTO.java index e943d8f6a0..851090102e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomAttributeDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomAttributeDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleAllOfDTO.java index 88ed8df5f6..f6f833f268 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleDTO.java index dd7b70f903..ed3e05990d 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleListDTO.java index 59b5a8a6a3..c182d23c75 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomRuleListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDTO.java index 69f5a24a58..fc5f2ad966 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDevPortalDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDevPortalDTO.java index 394dedd9d0..42b8a04574 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDevPortalDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/CustomUrlInfoDevPortalDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentDTO.java index 541e8ccdee..6579ae20d6 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -19,10 +19,12 @@ import com.google.gson.annotations.JsonAdapter; import com.google.gson.annotations.SerializedName; import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonToken; import com.google.gson.stream.JsonWriter; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import java.io.IOException; +import java.net.URI; import java.util.ArrayList; import java.util.List; import org.wso2.am.integration.clients.admin.api.dto.AdditionalPropertyDTO; @@ -47,21 +49,85 @@ public class EnvironmentDTO { @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) private String displayName; - public static final String SERIALIZED_NAME_DESCRIPTION = "description"; - @SerializedName(SERIALIZED_NAME_DESCRIPTION) - private String description; - public static final String SERIALIZED_NAME_PROVIDER = "provider"; @SerializedName(SERIALIZED_NAME_PROVIDER) private String provider; + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type = "hybrid"; + public static final String SERIALIZED_NAME_GATEWAY_TYPE = "gatewayType"; @SerializedName(SERIALIZED_NAME_GATEWAY_TYPE) private String gatewayType = "Regular"; + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + public static final String SERIALIZED_NAME_IS_READ_ONLY = "isReadOnly"; @SerializedName(SERIALIZED_NAME_IS_READ_ONLY) - private Boolean isReadOnly; + private Boolean isReadOnly = false; + + /** +* The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. +*/ + @JsonAdapter(ModeEnum.Adapter.class) +public enum ModeEnum { + READ_ONLY("READ_ONLY"), + + READ_WRITE("READ_WRITE"), + + WRITE_ONLY("WRITE_ONLY"); + +private String value; + +ModeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static ModeEnum fromValue(String value) { + if (value == null) { + return null; + } + for (ModeEnum b : ModeEnum.values()) { + if (b.name().equalsIgnoreCase(value) || b.getValue().equalsIgnoreCase(value)) { + return b; + } + } + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final ModeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public ModeEnum read(final JsonReader jsonReader) throws IOException { + if (jsonReader.peek() == JsonToken.NULL) { + jsonReader.nextNull(); + return null; + } + String value = jsonReader.nextString(); + return ModeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_MODE = "mode"; + @SerializedName(SERIALIZED_NAME_MODE) + private ModeEnum mode = ModeEnum.WRITE_ONLY; public static final String SERIALIZED_NAME_API_DISCOVERY_SCHEDULED_WINDOW = "apiDiscoveryScheduledWindow"; @SerializedName(SERIALIZED_NAME_API_DISCOVERY_SCHEDULED_WINDOW) @@ -83,6 +149,72 @@ public class EnvironmentDTO { @SerializedName(SERIALIZED_NAME_PERMISSIONS) private EnvironmentPermissionsDTO permissions; + /** +* For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive). +*/ + @JsonAdapter(StatusEnum.Adapter.class) +public enum StatusEnum { + ACTIVE("Active"), + + INACTIVE("Inactive"); + +private String value; + +StatusEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static StatusEnum fromValue(String value) { + if (value == null) { + return null; + } + for (StatusEnum b : StatusEnum.values()) { + if (b.name().equalsIgnoreCase(value) || b.getValue().equalsIgnoreCase(value)) { + return b; + } + } + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final StatusEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public StatusEnum read(final JsonReader jsonReader) throws IOException { + if (jsonReader.peek() == JsonToken.NULL) { + jsonReader.nextNull(); + return null; + } + String value = jsonReader.nextString(); + return StatusEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_STATUS = "status"; + @SerializedName(SERIALIZED_NAME_STATUS) + private StatusEnum status; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION = "universalGatewayVersion"; + @SerializedName(SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION) + private String universalGatewayVersion; + public EnvironmentDTO id(String id) { @@ -152,49 +284,49 @@ public void setDisplayName(String displayName) { } - public EnvironmentDTO description(String description) { + public EnvironmentDTO provider(String provider) { - this.description = description; + this.provider = provider; return this; } /** - * Get description - * @return description + * Get provider + * @return provider **/ @javax.annotation.Nullable - @ApiModelProperty(example = "Gateway environment in US Region", value = "") + @ApiModelProperty(example = "wso2", value = "") - public String getDescription() { - return description; + public String getProvider() { + return provider; } - public void setDescription(String description) { - this.description = description; + public void setProvider(String provider) { + this.provider = provider; } - public EnvironmentDTO provider(String provider) { + public EnvironmentDTO type(String type) { - this.provider = provider; + this.type = type; return this; } /** - * Get provider - * @return provider + * Get type + * @return type **/ @javax.annotation.Nullable - @ApiModelProperty(example = "wso2", value = "") + @ApiModelProperty(example = "hybrid", value = "") - public String getProvider() { - return provider; + public String getType() { + return type; } - public void setProvider(String provider) { - this.provider = provider; + public void setType(String type) { + this.type = type; } @@ -221,6 +353,29 @@ public void setGatewayType(String gatewayType) { } + public EnvironmentDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Get description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Gateway environment in US Region", value = "") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + public EnvironmentDTO isReadOnly(Boolean isReadOnly) { this.isReadOnly = isReadOnly; @@ -244,6 +399,29 @@ public void setIsReadOnly(Boolean isReadOnly) { } + public EnvironmentDTO mode(ModeEnum mode) { + + this.mode = mode; + return this; + } + + /** + * The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. + * @return mode + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "READ_WRITE", value = "The mode of the environment. This indicates whether the environment is in read-only or read-write mode. **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. ") + + public ModeEnum getMode() { + return mode; + } + + + public void setMode(ModeEnum mode) { + this.mode = mode; + } + + public EnvironmentDTO apiDiscoveryScheduledWindow(Integer apiDiscoveryScheduledWindow) { this.apiDiscoveryScheduledWindow = apiDiscoveryScheduledWindow; @@ -358,6 +536,75 @@ public void setPermissions(EnvironmentPermissionsDTO permissions) { } + public EnvironmentDTO status(StatusEnum status) { + + this.status = status; + return this; + } + + /** + * For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive). + * @return status + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Active", value = "For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive).") + + public StatusEnum getStatus() { + return status; + } + + + public void setStatus(StatusEnum status) { + this.status = status; + } + + + public EnvironmentDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway. + * @return vhost + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "https://mg.wso2.com", value = "For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway.") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public EnvironmentDTO universalGatewayVersion(String universalGatewayVersion) { + + this.universalGatewayVersion = universalGatewayVersion; + return this; + } + + /** + * Universal Gateway version from config (e.g. \"1.0.0\"). Set for deploy targets so UI can show quick-start version; from apim.universal_gateway.version. + * @return universalGatewayVersion + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1.0.0", value = "Universal Gateway version from config (e.g. \"1.0.0\"). Set for deploy targets so UI can show quick-start version; from apim.universal_gateway.version.") + + public String getUniversalGatewayVersion() { + return universalGatewayVersion; + } + + + public void setUniversalGatewayVersion(String universalGatewayVersion) { + this.universalGatewayVersion = universalGatewayVersion; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -370,20 +617,25 @@ public boolean equals(Object o) { return Objects.equals(this.id, environment.id) && Objects.equals(this.name, environment.name) && Objects.equals(this.displayName, environment.displayName) && - Objects.equals(this.description, environment.description) && Objects.equals(this.provider, environment.provider) && + Objects.equals(this.type, environment.type) && Objects.equals(this.gatewayType, environment.gatewayType) && + Objects.equals(this.description, environment.description) && Objects.equals(this.isReadOnly, environment.isReadOnly) && + Objects.equals(this.mode, environment.mode) && Objects.equals(this.apiDiscoveryScheduledWindow, environment.apiDiscoveryScheduledWindow) && Objects.equals(this.vhosts, environment.vhosts) && Objects.equals(this.endpointURIs, environment.endpointURIs) && Objects.equals(this.additionalProperties, environment.additionalProperties) && - Objects.equals(this.permissions, environment.permissions); + Objects.equals(this.permissions, environment.permissions) && + Objects.equals(this.status, environment.status) && + Objects.equals(this.vhost, environment.vhost) && + Objects.equals(this.universalGatewayVersion, environment.universalGatewayVersion); } @Override public int hashCode() { - return Objects.hash(id, name, displayName, description, provider, gatewayType, isReadOnly, apiDiscoveryScheduledWindow, vhosts, endpointURIs, additionalProperties, permissions); + return Objects.hash(id, name, displayName, provider, type, gatewayType, description, isReadOnly, mode, apiDiscoveryScheduledWindow, vhosts, endpointURIs, additionalProperties, permissions, status, vhost, universalGatewayVersion); } @@ -394,15 +646,20 @@ public String toString() { sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" name: ").append(toIndentedString(name)).append("\n"); sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); - sb.append(" description: ").append(toIndentedString(description)).append("\n"); sb.append(" provider: ").append(toIndentedString(provider)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); sb.append(" gatewayType: ").append(toIndentedString(gatewayType)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); sb.append(" isReadOnly: ").append(toIndentedString(isReadOnly)).append("\n"); + sb.append(" mode: ").append(toIndentedString(mode)).append("\n"); sb.append(" apiDiscoveryScheduledWindow: ").append(toIndentedString(apiDiscoveryScheduledWindow)).append("\n"); sb.append(" vhosts: ").append(toIndentedString(vhosts)).append("\n"); sb.append(" endpointURIs: ").append(toIndentedString(endpointURIs)).append("\n"); sb.append(" additionalProperties: ").append(toIndentedString(additionalProperties)).append("\n"); sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append(" status: ").append(toIndentedString(status)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" universalGatewayVersion: ").append(toIndentedString(universalGatewayVersion)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentListDTO.java index 0154785c6c..15974cbc45 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentPermissionsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentPermissionsDTO.java index d83bc0c6ee..f12ed0b0df 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentPermissionsDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EnvironmentPermissionsDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -123,7 +123,7 @@ public EnvironmentPermissionsDTO roles(List roles) { * @return roles **/ @javax.annotation.Nullable - @ApiModelProperty(example = "[\"Subscriber\",\"Internal/subscriber\"]", value = "") + @ApiModelProperty(value = "") public List getRoles() { return roles; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorDTO.java index e0a0d1e9e1..813f4b4f69 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorListItemDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorListItemDTO.java index 2ef571eae6..d12acc48ea 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorListItemDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ErrorListItemDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitAllOfDTO.java index 155fa82da7..63f6fbf4c0 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitDTO.java index 7556cdde4a..dcfd027661 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/EventCountLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ExportThrottlePolicyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ExportThrottlePolicyDTO.java index fc0f3ba624..5f691eff9e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ExportThrottlePolicyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ExportThrottlePolicyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/FileInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/FileInfoDTO.java index 474a5b997b..300af1f833 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/FileInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/FileInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayConfigurationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayConfigurationDTO.java new file mode 100644 index 0000000000..9781a623a2 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayConfigurationDTO.java @@ -0,0 +1,333 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* GatewayConfigurationDTO +*/ + +public class GatewayConfigurationDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_LABEL = "label"; + @SerializedName(SERIALIZED_NAME_LABEL) + private String label; + + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type; + + public static final String SERIALIZED_NAME_REQUIRED = "required"; + @SerializedName(SERIALIZED_NAME_REQUIRED) + private Boolean required; + + public static final String SERIALIZED_NAME_MASK = "mask"; + @SerializedName(SERIALIZED_NAME_MASK) + private Boolean mask; + + public static final String SERIALIZED_NAME_MULTIPLE = "multiple"; + @SerializedName(SERIALIZED_NAME_MULTIPLE) + private Boolean multiple; + + public static final String SERIALIZED_NAME_TOOLTIP = "tooltip"; + @SerializedName(SERIALIZED_NAME_TOOLTIP) + private String tooltip; + + public static final String SERIALIZED_NAME_DEFAULT = "default"; + @SerializedName(SERIALIZED_NAME_DEFAULT) + private Object _default; + + public static final String SERIALIZED_NAME_VALUES = "values"; + @SerializedName(SERIALIZED_NAME_VALUES) + private List values = null; + + + public GatewayConfigurationDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "consumer_key", value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public GatewayConfigurationDTO label(String label) { + + this.label = label; + return this; + } + + /** + * Get label + * @return label + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Consumer Key", value = "") + + public String getLabel() { + return label; + } + + + public void setLabel(String label) { + this.label = label; + } + + + public GatewayConfigurationDTO type(String type) { + + this.type = type; + return this; + } + + /** + * Get type + * @return type + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "select", value = "") + + public String getType() { + return type; + } + + + public void setType(String type) { + this.type = type; + } + + + public GatewayConfigurationDTO required(Boolean required) { + + this.required = required; + return this; + } + + /** + * Get required + * @return required + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isRequired() { + return required; + } + + + public void setRequired(Boolean required) { + this.required = required; + } + + + public GatewayConfigurationDTO mask(Boolean mask) { + + this.mask = mask; + return this; + } + + /** + * Get mask + * @return mask + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isMask() { + return mask; + } + + + public void setMask(Boolean mask) { + this.mask = mask; + } + + + public GatewayConfigurationDTO multiple(Boolean multiple) { + + this.multiple = multiple; + return this; + } + + /** + * Get multiple + * @return multiple + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isMultiple() { + return multiple; + } + + + public void setMultiple(Boolean multiple) { + this.multiple = multiple; + } + + + public GatewayConfigurationDTO tooltip(String tooltip) { + + this.tooltip = tooltip; + return this; + } + + /** + * Get tooltip + * @return tooltip + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "Enter username", value = "") + + public String getTooltip() { + return tooltip; + } + + + public void setTooltip(String tooltip) { + this.tooltip = tooltip; + } + + + public GatewayConfigurationDTO _default(Object _default) { + + this._default = _default; + return this; + } + + /** + * Get _default + * @return _default + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "admin", value = "") + + public Object getDefault() { + return _default; + } + + + public void setDefault(Object _default) { + this._default = _default; + } + + + public GatewayConfigurationDTO values(List values) { + + this.values = values; + return this; + } + + /** + * Get values + * @return values + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getValues() { + return values; + } + + + public void setValues(List values) { + this.values = values; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + GatewayConfigurationDTO gatewayConfiguration = (GatewayConfigurationDTO) o; + return Objects.equals(this.name, gatewayConfiguration.name) && + Objects.equals(this.label, gatewayConfiguration.label) && + Objects.equals(this.type, gatewayConfiguration.type) && + Objects.equals(this.required, gatewayConfiguration.required) && + Objects.equals(this.mask, gatewayConfiguration.mask) && + Objects.equals(this.multiple, gatewayConfiguration.multiple) && + Objects.equals(this.tooltip, gatewayConfiguration.tooltip) && + Objects.equals(this._default, gatewayConfiguration._default) && + Objects.equals(this.values, gatewayConfiguration.values); + } + + @Override + public int hashCode() { + return Objects.hash(name, label, type, required, mask, multiple, tooltip, _default, values); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class GatewayConfigurationDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" label: ").append(toIndentedString(label)).append("\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" required: ").append(toIndentedString(required)).append("\n"); + sb.append(" mask: ").append(toIndentedString(mask)).append("\n"); + sb.append(" multiple: ").append(toIndentedString(multiple)).append("\n"); + sb.append(" tooltip: ").append(toIndentedString(tooltip)).append("\n"); + sb.append(" _default: ").append(toIndentedString(_default)).append("\n"); + sb.append(" values: ").append(toIndentedString(values)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayEnvironmentProtocolURIDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayEnvironmentProtocolURIDTO.java index 90cb4db41d..64e111d6c8 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayEnvironmentProtocolURIDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayEnvironmentProtocolURIDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceDTO.java index 4114a8a392..98477157cf 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceListDTO.java index 338e685c49..6580e034ed 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayInstanceListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayListDTO.java new file mode 100644 index 0000000000..44f11900a3 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayListDTO.java @@ -0,0 +1,131 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponseDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* GatewayListDTO +*/ + +public class GatewayListDTO { + public static final String SERIALIZED_NAME_COUNT = "count"; + @SerializedName(SERIALIZED_NAME_COUNT) + private Integer count; + + public static final String SERIALIZED_NAME_LIST = "list"; + @SerializedName(SERIALIZED_NAME_LIST) + private List list = null; + + + public GatewayListDTO count(Integer count) { + + this.count = count; + return this; + } + + /** + * Number of platform gateways returned + * @return count + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Number of platform gateways returned") + + public Integer getCount() { + return count; + } + + + public void setCount(Integer count) { + this.count = count; + } + + + public GatewayListDTO list(List list) { + + this.list = list; + return this; + } + + /** + * Get list + * @return list + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getList() { + return list; + } + + + public void setList(List list) { + this.list = list; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + GatewayListDTO gatewayList = (GatewayListDTO) o; + return Objects.equals(this.count, gatewayList.count) && + Objects.equals(this.list, gatewayList.list); + } + + @Override + public int hashCode() { + return Objects.hash(count, list); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class GatewayListDTO {\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); + sb.append(" list: ").append(toIndentedString(list)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenAllOfDTO.java new file mode 100644 index 0000000000..796bbc9afd --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenAllOfDTO.java @@ -0,0 +1,99 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* GatewayResponseWithTokenAllOfDTO +*/ + +public class GatewayResponseWithTokenAllOfDTO { + public static final String SERIALIZED_NAME_REGISTRATION_TOKEN = "registrationToken"; + @SerializedName(SERIALIZED_NAME_REGISTRATION_TOKEN) + private String registrationToken; + + + public GatewayResponseWithTokenAllOfDTO registrationToken(String registrationToken) { + + this.registrationToken = registrationToken; + return this; + } + + /** + * Registration token (returned only once on create or regenerate). Use as api-key when connecting the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. + * @return registrationToken + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Registration token (returned only once on create or regenerate). Use as api-key when connecting the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. ") + + public String getRegistrationToken() { + return registrationToken; + } + + + public void setRegistrationToken(String registrationToken) { + this.registrationToken = registrationToken; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + GatewayResponseWithTokenAllOfDTO gatewayResponseWithTokenAllOf = (GatewayResponseWithTokenAllOfDTO) o; + return Objects.equals(this.registrationToken, gatewayResponseWithTokenAllOf.registrationToken); + } + + @Override + public int hashCode() { + return Objects.hash(registrationToken); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class GatewayResponseWithTokenAllOfDTO {\n"); + sb.append(" registrationToken: ").append(toIndentedString(registrationToken)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenDTO.java new file mode 100644 index 0000000000..d2f306da67 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GatewayResponseWithTokenDTO.java @@ -0,0 +1,398 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.net.URI; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.wso2.am.integration.clients.admin.api.dto.GatewayResponseWithTokenAllOfDTO; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponseDTO; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponsePermissionsDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Platform gateway response including the one-time registration token (POST create or regenerate-token). +*/ + @ApiModel(description = "Platform gateway response including the one-time registration token (POST create or regenerate-token).") + +public class GatewayResponseWithTokenDTO { + public static final String SERIALIZED_NAME_ID = "id"; + @SerializedName(SERIALIZED_NAME_ID) + private String id; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_PROPERTIES = "properties"; + @SerializedName(SERIALIZED_NAME_PROPERTIES) + private Map properties = null; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_IS_ACTIVE = "isActive"; + @SerializedName(SERIALIZED_NAME_IS_ACTIVE) + private Boolean isActive; + + public static final String SERIALIZED_NAME_PERMISSIONS = "permissions"; + @SerializedName(SERIALIZED_NAME_PERMISSIONS) + private PlatformGatewayResponsePermissionsDTO permissions; + + public static final String SERIALIZED_NAME_CREATED_AT = "createdAt"; + @SerializedName(SERIALIZED_NAME_CREATED_AT) + private Date createdAt; + + public static final String SERIALIZED_NAME_UPDATED_AT = "updatedAt"; + @SerializedName(SERIALIZED_NAME_UPDATED_AT) + private Date updatedAt; + + public static final String SERIALIZED_NAME_REGISTRATION_TOKEN = "registrationToken"; + @SerializedName(SERIALIZED_NAME_REGISTRATION_TOKEN) + private String registrationToken; + + + public GatewayResponseWithTokenDTO id(String id) { + + this.id = id; + return this; + } + + /** + * Gateway UUID + * @return id + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Gateway UUID") + + public String getId() { + return id; + } + + + public void setId(String id) { + this.id = id; + } + + + public GatewayResponseWithTokenDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public GatewayResponseWithTokenDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Get displayName + * @return displayName + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public GatewayResponseWithTokenDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Get description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public GatewayResponseWithTokenDTO properties(Map properties) { + + this.properties = properties; + return this; + } + + /** + * Custom key-value properties + * @return properties + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Custom key-value properties") + + public Map getProperties() { + return properties; + } + + + public void setProperties(Map properties) { + this.properties = properties; + } + + + public GatewayResponseWithTokenDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL. + * @return vhost + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL.") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public GatewayResponseWithTokenDTO isActive(Boolean isActive) { + + this.isActive = isActive; + return this; + } + + /** + * Indicates if the gateway is currently connected to the control plane via WebSocket + * @return isActive + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Indicates if the gateway is currently connected to the control plane via WebSocket") + + public Boolean isIsActive() { + return isActive; + } + + + public void setIsActive(Boolean isActive) { + this.isActive = isActive; + } + + + public GatewayResponseWithTokenDTO permissions(PlatformGatewayResponsePermissionsDTO permissions) { + + this.permissions = permissions; + return this; + } + + /** + * Get permissions + * @return permissions + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public PlatformGatewayResponsePermissionsDTO getPermissions() { + return permissions; + } + + + public void setPermissions(PlatformGatewayResponsePermissionsDTO permissions) { + this.permissions = permissions; + } + + + public GatewayResponseWithTokenDTO createdAt(Date createdAt) { + + this.createdAt = createdAt; + return this; + } + + /** + * Get createdAt + * @return createdAt + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Date getCreatedAt() { + return createdAt; + } + + + public void setCreatedAt(Date createdAt) { + this.createdAt = createdAt; + } + + + public GatewayResponseWithTokenDTO updatedAt(Date updatedAt) { + + this.updatedAt = updatedAt; + return this; + } + + /** + * Get updatedAt + * @return updatedAt + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Date getUpdatedAt() { + return updatedAt; + } + + + public void setUpdatedAt(Date updatedAt) { + this.updatedAt = updatedAt; + } + + + public GatewayResponseWithTokenDTO registrationToken(String registrationToken) { + + this.registrationToken = registrationToken; + return this; + } + + /** + * Registration token (returned only once on create or regenerate). Use as api-key when connecting the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. + * @return registrationToken + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Registration token (returned only once on create or regenerate). Use as api-key when connecting the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. ") + + public String getRegistrationToken() { + return registrationToken; + } + + + public void setRegistrationToken(String registrationToken) { + this.registrationToken = registrationToken; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + GatewayResponseWithTokenDTO gatewayResponseWithToken = (GatewayResponseWithTokenDTO) o; + return Objects.equals(this.id, gatewayResponseWithToken.id) && + Objects.equals(this.name, gatewayResponseWithToken.name) && + Objects.equals(this.displayName, gatewayResponseWithToken.displayName) && + Objects.equals(this.description, gatewayResponseWithToken.description) && + Objects.equals(this.properties, gatewayResponseWithToken.properties) && + Objects.equals(this.vhost, gatewayResponseWithToken.vhost) && + Objects.equals(this.isActive, gatewayResponseWithToken.isActive) && + Objects.equals(this.permissions, gatewayResponseWithToken.permissions) && + Objects.equals(this.createdAt, gatewayResponseWithToken.createdAt) && + Objects.equals(this.updatedAt, gatewayResponseWithToken.updatedAt) && + Objects.equals(this.registrationToken, gatewayResponseWithToken.registrationToken); + } + + @Override + public int hashCode() { + return Objects.hash(id, name, displayName, description, properties, vhost, isActive, permissions, createdAt, updatedAt, registrationToken); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class GatewayResponseWithTokenDTO {\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" properties: ").append(toIndentedString(properties)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" isActive: ").append(toIndentedString(isActive)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append(" createdAt: ").append(toIndentedString(createdAt)).append("\n"); + sb.append(" updatedAt: ").append(toIndentedString(updatedAt)).append("\n"); + sb.append(" registrationToken: ").append(toIndentedString(registrationToken)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GraphQLQueryDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GraphQLQueryDTO.java index acffa97ab8..5c42a10b1b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GraphQLQueryDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/GraphQLQueryDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/HeaderConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/HeaderConditionDTO.java index 592da78e3e..a0ee8964be 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/HeaderConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/HeaderConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/IPConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/IPConditionDTO.java index 83f9374112..6091c1649b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/IPConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/IPConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -126,7 +126,8 @@ public IPConditionDTO specificIP(String specificIP) { * Specific IP when \"IPSPECIFIC\" is used as the ipConditionType * @return specificIP **/ - @ApiModelProperty(required = true, value = "Specific IP when \"IPSPECIFIC\" is used as the ipConditionType") + @javax.annotation.Nullable + @ApiModelProperty(value = "Specific IP when \"IPSPECIFIC\" is used as the ipConditionType") public String getSpecificIP() { return specificIP; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/JWTClaimsConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/JWTClaimsConditionDTO.java index 9577950523..2fd12a9843 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/JWTClaimsConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/JWTClaimsConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAPIUsagesDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAPIUsagesDTO.java new file mode 100644 index 0000000000..52ce3de4a6 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAPIUsagesDTO.java @@ -0,0 +1,129 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.APIInfoKeyManagerDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* KeyManagerAPIUsagesDTO +*/ + +public class KeyManagerAPIUsagesDTO { + public static final String SERIALIZED_NAME_API_COUNT = "apiCount"; + @SerializedName(SERIALIZED_NAME_API_COUNT) + private Integer apiCount; + + public static final String SERIALIZED_NAME_APIS = "apis"; + @SerializedName(SERIALIZED_NAME_APIS) + private List apis = new ArrayList(); + + + public KeyManagerAPIUsagesDTO apiCount(Integer apiCount) { + + this.apiCount = apiCount; + return this; + } + + /** + * The total count of APIs. + * @return apiCount + **/ + @ApiModelProperty(required = true, value = "The total count of APIs.") + + public Integer getApiCount() { + return apiCount; + } + + + public void setApiCount(Integer apiCount) { + this.apiCount = apiCount; + } + + + public KeyManagerAPIUsagesDTO apis(List apis) { + + this.apis = apis; + return this; + } + + /** + * Get apis + * @return apis + **/ + @ApiModelProperty(required = true, value = "") + + public List getApis() { + return apis; + } + + + public void setApis(List apis) { + this.apis = apis; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + KeyManagerAPIUsagesDTO keyManagerAPIUsages = (KeyManagerAPIUsagesDTO) o; + return Objects.equals(this.apiCount, keyManagerAPIUsages.apiCount) && + Objects.equals(this.apis, keyManagerAPIUsages.apis); + } + + @Override + public int hashCode() { + return Objects.hash(apiCount, apis); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class KeyManagerAPIUsagesDTO {\n"); + sb.append(" apiCount: ").append(toIndentedString(apiCount)).append("\n"); + sb.append(" apis: ").append(toIndentedString(apis)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAppUsagesDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAppUsagesDTO.java new file mode 100644 index 0000000000..26732588bf --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerAppUsagesDTO.java @@ -0,0 +1,129 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.ApplicationInfoKeyManagerDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* KeyManagerAppUsagesDTO +*/ + +public class KeyManagerAppUsagesDTO { + public static final String SERIALIZED_NAME_APPLICATION_COUNT = "applicationCount"; + @SerializedName(SERIALIZED_NAME_APPLICATION_COUNT) + private Integer applicationCount; + + public static final String SERIALIZED_NAME_APPLICATIONS = "applications"; + @SerializedName(SERIALIZED_NAME_APPLICATIONS) + private List applications = new ArrayList(); + + + public KeyManagerAppUsagesDTO applicationCount(Integer applicationCount) { + + this.applicationCount = applicationCount; + return this; + } + + /** + * The total count of applications. + * @return applicationCount + **/ + @ApiModelProperty(required = true, value = "The total count of applications.") + + public Integer getApplicationCount() { + return applicationCount; + } + + + public void setApplicationCount(Integer applicationCount) { + this.applicationCount = applicationCount; + } + + + public KeyManagerAppUsagesDTO applications(List applications) { + + this.applications = applications; + return this; + } + + /** + * Get applications + * @return applications + **/ + @ApiModelProperty(required = true, value = "") + + public List getApplications() { + return applications; + } + + + public void setApplications(List applications) { + this.applications = applications; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + KeyManagerAppUsagesDTO keyManagerAppUsages = (KeyManagerAppUsagesDTO) o; + return Objects.equals(this.applicationCount, keyManagerAppUsages.applicationCount) && + Objects.equals(this.applications, keyManagerAppUsages.applications); + } + + @Override + public int hashCode() { + return Objects.hash(applicationCount, applications); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class KeyManagerAppUsagesDTO {\n"); + sb.append(" applicationCount: ").append(toIndentedString(applicationCount)).append("\n"); + sb.append(" applications: ").append(toIndentedString(applications)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerCertificatesDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerCertificatesDTO.java index 6893389543..82ba5d7ff9 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerCertificatesDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerCertificatesDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerConfigurationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerConfigurationDTO.java index b59e1ed50c..33968100c7 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerConfigurationDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerConfigurationDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -67,6 +67,10 @@ public class KeyManagerConfigurationDTO { @SerializedName(SERIALIZED_NAME_VALUES) private List values = null; + public static final String SERIALIZED_NAME_UPDATE_DISABLED = "updateDisabled"; + @SerializedName(SERIALIZED_NAME_UPDATE_DISABLED) + private Boolean updateDisabled = false; + public KeyManagerConfigurationDTO name(String name) { @@ -217,7 +221,7 @@ public KeyManagerConfigurationDTO tooltip(String tooltip) { * @return tooltip **/ @javax.annotation.Nullable - @ApiModelProperty(example = "Entet username to connect to key manager", value = "") + @ApiModelProperty(example = "Enter username to connect to key manager", value = "") public String getTooltip() { return tooltip; @@ -275,6 +279,29 @@ public void setValues(List values) { } + public KeyManagerConfigurationDTO updateDisabled(Boolean updateDisabled) { + + this.updateDisabled = updateDisabled; + return this; + } + + /** + * Indicates that this configuration field cannot be modified once the Key Manager is created. + * @return updateDisabled + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "Indicates that this configuration field cannot be modified once the Key Manager is created.") + + public Boolean isUpdateDisabled() { + return updateDisabled; + } + + + public void setUpdateDisabled(Boolean updateDisabled) { + this.updateDisabled = updateDisabled; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -292,12 +319,13 @@ public boolean equals(Object o) { Objects.equals(this.multiple, keyManagerConfiguration.multiple) && Objects.equals(this.tooltip, keyManagerConfiguration.tooltip) && Objects.equals(this._default, keyManagerConfiguration._default) && - Objects.equals(this.values, keyManagerConfiguration.values); + Objects.equals(this.values, keyManagerConfiguration.values) && + Objects.equals(this.updateDisabled, keyManagerConfiguration.updateDisabled); } @Override public int hashCode() { - return Objects.hash(name, label, type, required, mask, multiple, tooltip, _default, values); + return Objects.hash(name, label, type, required, mask, multiple, tooltip, _default, values, updateDisabled); } @@ -314,6 +342,7 @@ public String toString() { sb.append(" tooltip: ").append(toIndentedString(tooltip)).append("\n"); sb.append(" _default: ").append(toIndentedString(_default)).append("\n"); sb.append(" values: ").append(toIndentedString(values)).append("\n"); + sb.append(" updateDisabled: ").append(toIndentedString(updateDisabled)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerDTO.java index bd0ff49c25..be480265fd 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -27,6 +27,7 @@ import java.util.List; import org.wso2.am.integration.clients.admin.api.dto.ClaimMappingEntryDTO; import org.wso2.am.integration.clients.admin.api.dto.KeyManagerCertificatesDTO; +import org.wso2.am.integration.clients.admin.api.dto.KeyManagerEndpointDTO; import org.wso2.am.integration.clients.admin.api.dto.KeyManagerPermissionsDTO; import org.wso2.am.integration.clients.admin.api.dto.TokenValidationDTO; import com.fasterxml.jackson.annotation.JsonCreator; @@ -91,6 +92,10 @@ public class KeyManagerDTO { @SerializedName(SERIALIZED_NAME_AUTHORIZE_ENDPOINT) private String authorizeEndpoint; + public static final String SERIALIZED_NAME_ENDPOINTS = "endpoints"; + @SerializedName(SERIALIZED_NAME_ENDPOINTS) + private List endpoints = null; + public static final String SERIALIZED_NAME_CERTIFICATES = "certificates"; @SerializedName(SERIALIZED_NAME_CERTIFICATES) private KeyManagerCertificatesDTO certificates; @@ -155,6 +160,10 @@ public class KeyManagerDTO { @SerializedName(SERIALIZED_NAME_ENABLED) private Boolean enabled; + public static final String SERIALIZED_NAME_GLOBAL = "global"; + @SerializedName(SERIALIZED_NAME_GLOBAL) + private Boolean global; + public static final String SERIALIZED_NAME_ADDITIONAL_PROPERTIES = "additionalProperties"; @SerializedName(SERIALIZED_NAME_ADDITIONAL_PROPERTIES) private Object additionalProperties; @@ -164,7 +173,7 @@ public class KeyManagerDTO { private KeyManagerPermissionsDTO permissions; /** -* The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT. +* The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. */ @JsonAdapter(TokenTypeEnum.Adapter.class) public enum TokenTypeEnum { @@ -541,6 +550,29 @@ public void setAuthorizeEndpoint(String authorizeEndpoint) { } + public KeyManagerDTO endpoints(List endpoints) { + + this.endpoints = endpoints; + return this; + } + + /** + * Get endpoints + * @return endpoints + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getEndpoints() { + return endpoints; + } + + + public void setEndpoints(List endpoints) { + this.endpoints = endpoints; + } + + public KeyManagerDTO certificates(KeyManagerCertificatesDTO certificates) { this.certificates = certificates; @@ -909,6 +941,29 @@ public void setEnabled(Boolean enabled) { } + public KeyManagerDTO global(Boolean global) { + + this.global = global; + return this; + } + + /** + * Get global + * @return global + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isGlobal() { + return global; + } + + + public void setGlobal(Boolean global) { + this.global = global; + } + + public KeyManagerDTO additionalProperties(Object additionalProperties) { this.additionalProperties = additionalProperties; @@ -962,11 +1017,11 @@ public KeyManagerDTO tokenType(TokenTypeEnum tokenType) { } /** - * The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT. + * The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. * @return tokenType **/ @javax.annotation.Nullable - @ApiModelProperty(example = "EXCHANGED", value = "The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT.") + @ApiModelProperty(example = "EXCHANGED", value = "The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH.") public TokenTypeEnum getTokenType() { return tokenType; @@ -1024,6 +1079,7 @@ public boolean equals(Object o) { Objects.equals(this.displayRevokeEndpoint, keyManager.displayRevokeEndpoint) && Objects.equals(this.userInfoEndpoint, keyManager.userInfoEndpoint) && Objects.equals(this.authorizeEndpoint, keyManager.authorizeEndpoint) && + Objects.equals(this.endpoints, keyManager.endpoints) && Objects.equals(this.certificates, keyManager.certificates) && Objects.equals(this.issuer, keyManager.issuer) && Objects.equals(this.alias, keyManager.alias) && @@ -1040,6 +1096,7 @@ public boolean equals(Object o) { Objects.equals(this.scopesClaim, keyManager.scopesClaim) && Objects.equals(this.tokenValidation, keyManager.tokenValidation) && Objects.equals(this.enabled, keyManager.enabled) && + Objects.equals(this.global, keyManager.global) && Objects.equals(this.additionalProperties, keyManager.additionalProperties) && Objects.equals(this.permissions, keyManager.permissions) && Objects.equals(this.tokenType, keyManager.tokenType) && @@ -1048,7 +1105,7 @@ public boolean equals(Object o) { @Override public int hashCode() { - return Objects.hash(id, name, displayName, type, description, wellKnownEndpoint, introspectionEndpoint, clientRegistrationEndpoint, tokenEndpoint, displayTokenEndpoint, revokeEndpoint, displayRevokeEndpoint, userInfoEndpoint, authorizeEndpoint, certificates, issuer, alias, scopeManagementEndpoint, availableGrantTypes, enableTokenGeneration, enableTokenEncryption, enableTokenHashing, enableMapOAuthConsumerApps, enableOAuthAppCreation, enableSelfValidationJWT, claimMapping, consumerKeyClaim, scopesClaim, tokenValidation, enabled, additionalProperties, permissions, tokenType, allowedOrganizations); + return Objects.hash(id, name, displayName, type, description, wellKnownEndpoint, introspectionEndpoint, clientRegistrationEndpoint, tokenEndpoint, displayTokenEndpoint, revokeEndpoint, displayRevokeEndpoint, userInfoEndpoint, authorizeEndpoint, endpoints, certificates, issuer, alias, scopeManagementEndpoint, availableGrantTypes, enableTokenGeneration, enableTokenEncryption, enableTokenHashing, enableMapOAuthConsumerApps, enableOAuthAppCreation, enableSelfValidationJWT, claimMapping, consumerKeyClaim, scopesClaim, tokenValidation, enabled, global, additionalProperties, permissions, tokenType, allowedOrganizations); } @@ -1070,6 +1127,7 @@ public String toString() { sb.append(" displayRevokeEndpoint: ").append(toIndentedString(displayRevokeEndpoint)).append("\n"); sb.append(" userInfoEndpoint: ").append(toIndentedString(userInfoEndpoint)).append("\n"); sb.append(" authorizeEndpoint: ").append(toIndentedString(authorizeEndpoint)).append("\n"); + sb.append(" endpoints: ").append(toIndentedString(endpoints)).append("\n"); sb.append(" certificates: ").append(toIndentedString(certificates)).append("\n"); sb.append(" issuer: ").append(toIndentedString(issuer)).append("\n"); sb.append(" alias: ").append(toIndentedString(alias)).append("\n"); @@ -1086,6 +1144,7 @@ public String toString() { sb.append(" scopesClaim: ").append(toIndentedString(scopesClaim)).append("\n"); sb.append(" tokenValidation: ").append(toIndentedString(tokenValidation)).append("\n"); sb.append(" enabled: ").append(toIndentedString(enabled)).append("\n"); + sb.append(" global: ").append(toIndentedString(global)).append("\n"); sb.append(" additionalProperties: ").append(toIndentedString(additionalProperties)).append("\n"); sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); sb.append(" tokenType: ").append(toIndentedString(tokenType)).append("\n"); diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerEndpointDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerEndpointDTO.java new file mode 100644 index 0000000000..96517c2b28 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerEndpointDTO.java @@ -0,0 +1,126 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* KeyManagerEndpointDTO +*/ + +public class KeyManagerEndpointDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_VALUE = "value"; + @SerializedName(SERIALIZED_NAME_VALUE) + private String value; + + + public KeyManagerEndpointDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @ApiModelProperty(example = "token_endpoint", required = true, value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public KeyManagerEndpointDTO value(String value) { + + this.value = value; + return this; + } + + /** + * Get value + * @return value + **/ + @ApiModelProperty(example = "https://localhost:9443/oauth2/token", required = true, value = "") + + public String getValue() { + return value; + } + + + public void setValue(String value) { + this.value = value; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + KeyManagerEndpointDTO keyManagerEndpoint = (KeyManagerEndpointDTO) o; + return Objects.equals(this.name, keyManagerEndpoint.name) && + Objects.equals(this.value, keyManagerEndpoint.value); + } + + @Override + public int hashCode() { + return Objects.hash(name, value); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class KeyManagerEndpointDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" value: ").append(toIndentedString(value)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerInfoDTO.java index c8bf2ffbf0..e6e511762f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -49,8 +49,16 @@ public class KeyManagerInfoDTO { @SerializedName(SERIALIZED_NAME_ENABLED) private Boolean enabled; + public static final String SERIALIZED_NAME_IS_GLOBAL = "isGlobal"; + @SerializedName(SERIALIZED_NAME_IS_GLOBAL) + private Boolean isGlobal; + + public static final String SERIALIZED_NAME_IS_USED = "isUsed"; + @SerializedName(SERIALIZED_NAME_IS_USED) + private Boolean isUsed; + /** -* The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT. +* The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. */ @JsonAdapter(TokenTypeEnum.Adapter.class) public enum TokenTypeEnum { @@ -216,6 +224,52 @@ public void setEnabled(Boolean enabled) { } + public KeyManagerInfoDTO isGlobal(Boolean isGlobal) { + + this.isGlobal = isGlobal; + return this; + } + + /** + * Get isGlobal + * @return isGlobal + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isIsGlobal() { + return isGlobal; + } + + + public void setIsGlobal(Boolean isGlobal) { + this.isGlobal = isGlobal; + } + + + public KeyManagerInfoDTO isUsed(Boolean isUsed) { + + this.isUsed = isUsed; + return this; + } + + /** + * Get isUsed + * @return isUsed + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "") + + public Boolean isIsUsed() { + return isUsed; + } + + + public void setIsUsed(Boolean isUsed) { + this.isUsed = isUsed; + } + + public KeyManagerInfoDTO tokenType(TokenTypeEnum tokenType) { this.tokenType = tokenType; @@ -223,11 +277,11 @@ public KeyManagerInfoDTO tokenType(TokenTypeEnum tokenType) { } /** - * The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT. + * The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH. * @return tokenType **/ @javax.annotation.Nullable - @ApiModelProperty(example = "EXCHANGED", value = "The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED and DIRECT.") + @ApiModelProperty(example = "EXCHANGED", value = "The type of the tokens to be used (exchanged or without exchanged). Accepted values are EXCHANGED, DIRECT and BOTH.") public TokenTypeEnum getTokenType() { return tokenType; @@ -253,12 +307,14 @@ public boolean equals(Object o) { Objects.equals(this.type, keyManagerInfo.type) && Objects.equals(this.description, keyManagerInfo.description) && Objects.equals(this.enabled, keyManagerInfo.enabled) && + Objects.equals(this.isGlobal, keyManagerInfo.isGlobal) && + Objects.equals(this.isUsed, keyManagerInfo.isUsed) && Objects.equals(this.tokenType, keyManagerInfo.tokenType); } @Override public int hashCode() { - return Objects.hash(id, name, type, description, enabled, tokenType); + return Objects.hash(id, name, type, description, enabled, isGlobal, isUsed, tokenType); } @@ -271,6 +327,8 @@ public String toString() { sb.append(" type: ").append(toIndentedString(type)).append("\n"); sb.append(" description: ").append(toIndentedString(description)).append("\n"); sb.append(" enabled: ").append(toIndentedString(enabled)).append("\n"); + sb.append(" isGlobal: ").append(toIndentedString(isGlobal)).append("\n"); + sb.append(" isUsed: ").append(toIndentedString(isUsed)).append("\n"); sb.append(" tokenType: ").append(toIndentedString(tokenType)).append("\n"); sb.append("}"); return sb.toString(); diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerListDTO.java index cdf02d14b4..4e8899a8d2 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerPermissionsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerPermissionsDTO.java index c6bc8082c2..c099239361 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerPermissionsDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerPermissionsDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerWellKnownResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerWellKnownResponseDTO.java index d303113fab..6853ba03fe 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerWellKnownResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/KeyManagerWellKnownResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderRequestDTO.java index b33ff5e594..8e856a7e16 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderRequestDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderRequestDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderResponseDTO.java index 2c36d1eb86..fe5129132f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseDTO.java index 2d688c9569..d7ad5f89c0 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseListDTO.java index 0b632c3a0c..040a247790 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LLMProviderSummaryResponseListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelDTO.java index f6f912c30c..cc7fb69e12 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -23,8 +23,6 @@ import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import java.io.IOException; -import java.util.ArrayList; -import java.util.List; import com.fasterxml.jackson.annotation.JsonCreator; /** * LabelDTO @@ -43,10 +41,6 @@ public class LabelDTO { @SerializedName(SERIALIZED_NAME_DESCRIPTION) private String description; - public static final String SERIALIZED_NAME_ACCESS_URLS = "accessUrls"; - @SerializedName(SERIALIZED_NAME_ACCESS_URLS) - private List accessUrls = null; - public LabelDTO id(String id) { @@ -59,7 +53,7 @@ public LabelDTO id(String id) { * @return id **/ @javax.annotation.Nullable - @ApiModelProperty(example = "ece92bdc-e1e6-325c-b6f4-656208a041e9", value = "") + @ApiModelProperty(example = "d7cf8523-9180-4255-84fa-6cb171c1f779", value = "") public String getId() { return id; @@ -81,7 +75,7 @@ public LabelDTO name(String name) { * Get name * @return name **/ - @ApiModelProperty(example = "Public", required = true, value = "") + @ApiModelProperty(example = "Health", required = true, value = "") public String getName() { return name; @@ -104,7 +98,7 @@ public LabelDTO description(String description) { * @return description **/ @javax.annotation.Nullable - @ApiModelProperty(example = "Label to use for public Gateway", value = "") + @ApiModelProperty(example = "Health related APIs", value = "") public String getDescription() { return description; @@ -116,29 +110,6 @@ public void setDescription(String description) { } - public LabelDTO accessUrls(List accessUrls) { - - this.accessUrls = accessUrls; - return this; - } - - /** - * Get accessUrls - * @return accessUrls - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "") - - public List getAccessUrls() { - return accessUrls; - } - - - public void setAccessUrls(List accessUrls) { - this.accessUrls = accessUrls; - } - - @Override public boolean equals(Object o) { if (this == o) { @@ -150,13 +121,12 @@ public boolean equals(Object o) { LabelDTO label = (LabelDTO) o; return Objects.equals(this.id, label.id) && Objects.equals(this.name, label.name) && - Objects.equals(this.description, label.description) && - Objects.equals(this.accessUrls, label.accessUrls); + Objects.equals(this.description, label.description); } @Override public int hashCode() { - return Objects.hash(id, name, description, accessUrls); + return Objects.hash(id, name, description); } @@ -167,7 +137,6 @@ public String toString() { sb.append(" id: ").append(toIndentedString(id)).append("\n"); sb.append(" name: ").append(toIndentedString(name)).append("\n"); sb.append(" description: ").append(toIndentedString(description)).append("\n"); - sb.append(" accessUrls: ").append(toIndentedString(accessUrls)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelListDTO.java index 9fad59171e..8dd92c8722 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -26,6 +26,7 @@ import java.util.ArrayList; import java.util.List; import org.wso2.am.integration.clients.admin.api.dto.LabelDTO; +import org.wso2.am.integration.clients.admin.api.dto.PaginationDTO; import com.fasterxml.jackson.annotation.JsonCreator; /** * LabelListDTO @@ -40,6 +41,10 @@ public class LabelListDTO { @SerializedName(SERIALIZED_NAME_LIST) private List list = null; + public static final String SERIALIZED_NAME_PAGINATION = "pagination"; + @SerializedName(SERIALIZED_NAME_PAGINATION) + private PaginationDTO pagination; + public LabelListDTO count(Integer count) { @@ -48,11 +53,11 @@ public LabelListDTO count(Integer count) { } /** - * Number of Labels returned. + * Number of labels returned. * @return count **/ @javax.annotation.Nullable - @ApiModelProperty(example = "1", value = "Number of Labels returned. ") + @ApiModelProperty(example = "1", value = "Number of labels returned.") public Integer getCount() { return count; @@ -71,11 +76,11 @@ public LabelListDTO list(List list) { } /** - * Get list + * List of labels. * @return list **/ @javax.annotation.Nullable - @ApiModelProperty(value = "") + @ApiModelProperty(value = "List of labels.") public List getList() { return list; @@ -87,6 +92,29 @@ public void setList(List list) { } + public LabelListDTO pagination(PaginationDTO pagination) { + + this.pagination = pagination; + return this; + } + + /** + * Get pagination + * @return pagination + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public PaginationDTO getPagination() { + return pagination; + } + + + public void setPagination(PaginationDTO pagination) { + this.pagination = pagination; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -97,12 +125,13 @@ public boolean equals(Object o) { } LabelListDTO labelList = (LabelListDTO) o; return Objects.equals(this.count, labelList.count) && - Objects.equals(this.list, labelList.list); + Objects.equals(this.list, labelList.list) && + Objects.equals(this.pagination, labelList.pagination); } @Override public int hashCode() { - return Objects.hash(count, list); + return Objects.hash(count, list, pagination); } @@ -112,6 +141,7 @@ public String toString() { sb.append("class LabelListDTO {\n"); sb.append(" count: ").append(toIndentedString(count)).append("\n"); sb.append(" list: ").append(toIndentedString(list)).append("\n"); + sb.append(" pagination: ").append(toIndentedString(pagination)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageApisDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageApisDTO.java new file mode 100644 index 0000000000..d7c7b81da1 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageApisDTO.java @@ -0,0 +1,132 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.ApiResultDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* List of APIs associated with the label. +*/ + @ApiModel(description = "List of APIs associated with the label. ") + +public class LabelUsageApisDTO { + public static final String SERIALIZED_NAME_COUNT = "count"; + @SerializedName(SERIALIZED_NAME_COUNT) + private Integer count; + + public static final String SERIALIZED_NAME_LIST = "list"; + @SerializedName(SERIALIZED_NAME_LIST) + private List list = null; + + + public LabelUsageApisDTO count(Integer count) { + + this.count = count; + return this; + } + + /** + * Number of APIs associated with the label. + * @return count + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1", value = "Number of APIs associated with the label.") + + public Integer getCount() { + return count; + } + + + public void setCount(Integer count) { + this.count = count; + } + + + public LabelUsageApisDTO list(List list) { + + this.list = list; + return this; + } + + /** + * List of APIs associated with the label. + * @return list + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "List of APIs associated with the label.") + + public List getList() { + return list; + } + + + public void setList(List list) { + this.list = list; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + LabelUsageApisDTO labelUsageApis = (LabelUsageApisDTO) o; + return Objects.equals(this.count, labelUsageApis.count) && + Objects.equals(this.list, labelUsageApis.list); + } + + @Override + public int hashCode() { + return Objects.hash(count, list); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class LabelUsageApisDTO {\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); + sb.append(" list: ").append(toIndentedString(list)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageDTO.java new file mode 100644 index 0000000000..bd833ec5cf --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/LabelUsageDTO.java @@ -0,0 +1,100 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import org.wso2.am.integration.clients.admin.api.dto.LabelUsageApisDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* LabelUsageDTO +*/ + +public class LabelUsageDTO { + public static final String SERIALIZED_NAME_APIS = "apis"; + @SerializedName(SERIALIZED_NAME_APIS) + private LabelUsageApisDTO apis; + + + public LabelUsageDTO apis(LabelUsageApisDTO apis) { + + this.apis = apis; + return this; + } + + /** + * Get apis + * @return apis + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public LabelUsageApisDTO getApis() { + return apis; + } + + + public void setApis(LabelUsageApisDTO apis) { + this.apis = apis; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + LabelUsageDTO labelUsage = (LabelUsageDTO) o; + return Objects.equals(this.apis, labelUsage.apis); + } + + @Override + public int hashCode() { + return Objects.hash(apis); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class LabelUsageDTO {\n"); + sb.append(" apis: ").append(toIndentedString(apis)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationDTO.java deleted file mode 100644 index 8f109acb2d..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationDTO.java +++ /dev/null @@ -1,232 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api.dto; - -import java.util.Objects; -import java.util.Arrays; -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; -import com.fasterxml.jackson.annotation.JsonCreator; -/** -* MediationDTO -*/ - -public class MediationDTO { - public static final String SERIALIZED_NAME_ID = "id"; - @SerializedName(SERIALIZED_NAME_ID) - private String id; - - public static final String SERIALIZED_NAME_NAME = "name"; - @SerializedName(SERIALIZED_NAME_NAME) - private String name; - - /** -* Gets or Sets type -*/ - @JsonAdapter(TypeEnum.Adapter.class) -public enum TypeEnum { - IN("IN"), - - OUT("OUT"), - - FAULT("FAULT"); - -private String value; - -TypeEnum(String value) { -this.value = value; -} - -public String getValue() { -return value; -} - -@Override -public String toString() { -return String.valueOf(value); -} - -public static TypeEnum fromValue(String value) { - for (TypeEnum b : TypeEnum.values()) { - if (b.name().equals(value)) { - return b; - } -} - throw new IllegalArgumentException("Unexpected value '" + value + "'"); -} - - public static class Adapter extends TypeAdapter { - @Override - public void write(final JsonWriter jsonWriter, final TypeEnum enumeration) throws IOException { - jsonWriter.value(enumeration.getValue()); - } - - @Override - public TypeEnum read(final JsonReader jsonReader) throws IOException { - String value = jsonReader.nextString(); - return TypeEnum.fromValue(value); - } - } -} - - public static final String SERIALIZED_NAME_TYPE = "type"; - @SerializedName(SERIALIZED_NAME_TYPE) - private TypeEnum type; - - public static final String SERIALIZED_NAME_CONFIG = "config"; - @SerializedName(SERIALIZED_NAME_CONFIG) - private String config; - - - public MediationDTO id(String id) { - - this.id = id; - return this; - } - - /** - * Get id - * @return id - **/ - @javax.annotation.Nullable - @ApiModelProperty(example = "01234567-0123-0123-0123-012345678901", value = "") - - public String getId() { - return id; - } - - - public void setId(String id) { - this.id = id; - } - - - public MediationDTO name(String name) { - - this.name = name; - return this; - } - - /** - * Get name - * @return name - **/ - @ApiModelProperty(example = "custom_log_in_message.xml", required = true, value = "") - - public String getName() { - return name; - } - - - public void setName(String name) { - this.name = name; - } - - - public MediationDTO type(TypeEnum type) { - - this.type = type; - return this; - } - - /** - * Get type - * @return type - **/ - @ApiModelProperty(example = "IN", required = true, value = "") - - public TypeEnum getType() { - return type; - } - - - public void setType(TypeEnum type) { - this.type = type; - } - - - public MediationDTO config(String config) { - - this.config = config; - return this; - } - - /** - * Get config - * @return config - **/ - @ApiModelProperty(example = " ", required = true, value = "") - - public String getConfig() { - return config; - } - - - public void setConfig(String config) { - this.config = config; - } - - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - MediationDTO mediation = (MediationDTO) o; - return Objects.equals(this.id, mediation.id) && - Objects.equals(this.name, mediation.name) && - Objects.equals(this.type, mediation.type) && - Objects.equals(this.config, mediation.config); - } - - @Override - public int hashCode() { - return Objects.hash(id, name, type, config); - } - - -@Override -public String toString() { -StringBuilder sb = new StringBuilder(); -sb.append("class MediationDTO {\n"); - sb.append(" id: ").append(toIndentedString(id)).append("\n"); - sb.append(" name: ").append(toIndentedString(name)).append("\n"); - sb.append(" type: ").append(toIndentedString(type)).append("\n"); - sb.append(" config: ").append(toIndentedString(config)).append("\n"); -sb.append("}"); -return sb.toString(); -} - -/** -* Convert the given object to string with each line indented by 4 spaces -* (except the first line). -*/ -private String toIndentedString(Object o) { -if (o == null) { -return "null"; -} -return o.toString().replace("\n", "\n "); -} - -} - diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationInfoDTO.java deleted file mode 100644 index 1522f10667..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationInfoDTO.java +++ /dev/null @@ -1,203 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api.dto; - -import java.util.Objects; -import java.util.Arrays; -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; -import com.fasterxml.jackson.annotation.JsonCreator; -/** -* MediationInfoDTO -*/ - -public class MediationInfoDTO { - public static final String SERIALIZED_NAME_NAME = "name"; - @SerializedName(SERIALIZED_NAME_NAME) - private String name; - - public static final String SERIALIZED_NAME_ID = "id"; - @SerializedName(SERIALIZED_NAME_ID) - private String id; - - /** -* Gets or Sets type -*/ - @JsonAdapter(TypeEnum.Adapter.class) -public enum TypeEnum { - IN("in"), - - OUT("out"), - - FAULT("fault"); - -private String value; - -TypeEnum(String value) { -this.value = value; -} - -public String getValue() { -return value; -} - -@Override -public String toString() { -return String.valueOf(value); -} - -public static TypeEnum fromValue(String value) { - for (TypeEnum b : TypeEnum.values()) { - if (b.name().equals(value)) { - return b; - } -} - throw new IllegalArgumentException("Unexpected value '" + value + "'"); -} - - public static class Adapter extends TypeAdapter { - @Override - public void write(final JsonWriter jsonWriter, final TypeEnum enumeration) throws IOException { - jsonWriter.value(enumeration.getValue()); - } - - @Override - public TypeEnum read(final JsonReader jsonReader) throws IOException { - String value = jsonReader.nextString(); - return TypeEnum.fromValue(value); - } - } -} - - public static final String SERIALIZED_NAME_TYPE = "type"; - @SerializedName(SERIALIZED_NAME_TYPE) - private TypeEnum type; - - - public MediationInfoDTO name(String name) { - - this.name = name; - return this; - } - - /** - * Get name - * @return name - **/ - @ApiModelProperty(example = "json_fault.xml", required = true, value = "") - - public String getName() { - return name; - } - - - public void setName(String name) { - this.name = name; - } - - - public MediationInfoDTO id(String id) { - - this.id = id; - return this; - } - - /** - * Get id - * @return id - **/ - @ApiModelProperty(example = "01234567-0123-0123-0123-012345678901", required = true, value = "") - - public String getId() { - return id; - } - - - public void setId(String id) { - this.id = id; - } - - - public MediationInfoDTO type(TypeEnum type) { - - this.type = type; - return this; - } - - /** - * Get type - * @return type - **/ - @ApiModelProperty(example = "in", required = true, value = "") - - public TypeEnum getType() { - return type; - } - - - public void setType(TypeEnum type) { - this.type = type; - } - - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - MediationInfoDTO mediationInfo = (MediationInfoDTO) o; - return Objects.equals(this.name, mediationInfo.name) && - Objects.equals(this.id, mediationInfo.id) && - Objects.equals(this.type, mediationInfo.type); - } - - @Override - public int hashCode() { - return Objects.hash(name, id, type); - } - - -@Override -public String toString() { -StringBuilder sb = new StringBuilder(); -sb.append("class MediationInfoDTO {\n"); - sb.append(" name: ").append(toIndentedString(name)).append("\n"); - sb.append(" id: ").append(toIndentedString(id)).append("\n"); - sb.append(" type: ").append(toIndentedString(type)).append("\n"); -sb.append("}"); -return sb.toString(); -} - -/** -* Convert the given object to string with each line indented by 4 spaces -* (except the first line). -*/ -private String toIndentedString(Object o) { -if (o == null) { -return "null"; -} -return o.toString().replace("\n", "\n "); -} - -} - diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationListDTO.java deleted file mode 100644 index e8b62aac28..0000000000 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MediationListDTO.java +++ /dev/null @@ -1,189 +0,0 @@ -/* - * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) - * - * The version of the OpenAPI document: v4 - * Contact: architecture@wso2.com - * - * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). - * https://openapi-generator.tech - * Do not edit the class manually. - */ - - -package org.wso2.am.integration.clients.admin.api.dto; - -import java.util.Objects; -import java.util.Arrays; -import com.google.gson.TypeAdapter; -import com.google.gson.annotations.JsonAdapter; -import com.google.gson.annotations.SerializedName; -import com.google.gson.stream.JsonReader; -import com.google.gson.stream.JsonWriter; -import io.swagger.annotations.ApiModel; -import io.swagger.annotations.ApiModelProperty; -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import org.wso2.am.integration.clients.admin.api.dto.MediationInfoDTO; -import com.fasterxml.jackson.annotation.JsonCreator; -/** -* MediationListDTO -*/ - -public class MediationListDTO { - public static final String SERIALIZED_NAME_COUNT = "count"; - @SerializedName(SERIALIZED_NAME_COUNT) - private Integer count; - - public static final String SERIALIZED_NAME_NEXT = "next"; - @SerializedName(SERIALIZED_NAME_NEXT) - private String next; - - public static final String SERIALIZED_NAME_PREVIOUS = "previous"; - @SerializedName(SERIALIZED_NAME_PREVIOUS) - private String previous; - - public static final String SERIALIZED_NAME_LIST = "list"; - @SerializedName(SERIALIZED_NAME_LIST) - private List list = null; - - - public MediationListDTO count(Integer count) { - - this.count = count; - return this; - } - - /** - * Number of mediation sequences returned. - * @return count - **/ - @javax.annotation.Nullable - @ApiModelProperty(example = "1", value = "Number of mediation sequences returned. ") - - public Integer getCount() { - return count; - } - - - public void setCount(Integer count) { - this.count = count; - } - - - public MediationListDTO next(String next) { - - this.next = next; - return this; - } - - /** - * Link to the next subset of sequences qualified. Empty if no more sequences are to be returned. - * @return next - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "Link to the next subset of sequences qualified. Empty if no more sequences are to be returned. ") - - public String getNext() { - return next; - } - - - public void setNext(String next) { - this.next = next; - } - - - public MediationListDTO previous(String previous) { - - this.previous = previous; - return this; - } - - /** - * Link to the previous subset of sequences qualified. Empty if current subset is the first subset returned. - * @return previous - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "Link to the previous subset of sequences qualified. Empty if current subset is the first subset returned. ") - - public String getPrevious() { - return previous; - } - - - public void setPrevious(String previous) { - this.previous = previous; - } - - - public MediationListDTO list(List list) { - - this.list = list; - return this; - } - - /** - * Get list - * @return list - **/ - @javax.annotation.Nullable - @ApiModelProperty(value = "") - - public List getList() { - return list; - } - - - public void setList(List list) { - this.list = list; - } - - - @Override - public boolean equals(Object o) { - if (this == o) { - return true; - } - if (o == null || getClass() != o.getClass()) { - return false; - } - MediationListDTO mediationList = (MediationListDTO) o; - return Objects.equals(this.count, mediationList.count) && - Objects.equals(this.next, mediationList.next) && - Objects.equals(this.previous, mediationList.previous) && - Objects.equals(this.list, mediationList.list); - } - - @Override - public int hashCode() { - return Objects.hash(count, next, previous, list); - } - - -@Override -public String toString() { -StringBuilder sb = new StringBuilder(); -sb.append("class MediationListDTO {\n"); - sb.append(" count: ").append(toIndentedString(count)).append("\n"); - sb.append(" next: ").append(toIndentedString(next)).append("\n"); - sb.append(" previous: ").append(toIndentedString(previous)).append("\n"); - sb.append(" list: ").append(toIndentedString(list)).append("\n"); -sb.append("}"); -return sb.toString(); -} - -/** -* Convert the given object to string with each line indented by 4 spaces -* (except the first line). -*/ -private String toIndentedString(Object o) { -if (o == null) { -return "null"; -} -return o.toString().replace("\n", "\n "); -} - -} - diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ModelProviderDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ModelProviderDTO.java index 24819e6be5..c128fdbfde 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ModelProviderDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ModelProviderDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationInfoDTO.java index 0d27730ac2..d51ecc884b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -98,7 +98,8 @@ public MonetizationInfoDTO monetizationPlan(MonetizationPlanEnum monetizationPla * Flag to indicate the monetization plan * @return monetizationPlan **/ - @ApiModelProperty(example = "FixedRate", required = true, value = "Flag to indicate the monetization plan") + @javax.annotation.Nullable + @ApiModelProperty(example = "FixedRate", value = "Flag to indicate the monetization plan") public MonetizationPlanEnum getMonetizationPlan() { return monetizationPlan; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationUsagePublishInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationUsagePublishInfoDTO.java index f81e5c6c50..4f6e5a861c 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationUsagePublishInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/MonetizationUsagePublishInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationDTO.java index b8e486f426..4a2e3d8f30 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationInfoDTO.java index e1657bd08b..da556dee5c 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationListDTO.java index 0532e89e9d..df51a6bc0b 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/OrganizationListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationApisDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationApisDTO.java new file mode 100644 index 0000000000..23a1267ca9 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationApisDTO.java @@ -0,0 +1,215 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* PaginationApisDTO +*/ + +public class PaginationApisDTO { + public static final String SERIALIZED_NAME_OFFSET = "offset"; + @SerializedName(SERIALIZED_NAME_OFFSET) + private Integer offset; + + public static final String SERIALIZED_NAME_LIMIT = "limit"; + @SerializedName(SERIALIZED_NAME_LIMIT) + private Integer limit; + + public static final String SERIALIZED_NAME_TOTAL = "total"; + @SerializedName(SERIALIZED_NAME_TOTAL) + private Integer total; + + public static final String SERIALIZED_NAME_NEXT = "next"; + @SerializedName(SERIALIZED_NAME_NEXT) + private String next; + + public static final String SERIALIZED_NAME_PREVIOUS = "previous"; + @SerializedName(SERIALIZED_NAME_PREVIOUS) + private String previous; + + + public PaginationApisDTO offset(Integer offset) { + + this.offset = offset; + return this; + } + + /** + * Get offset + * @return offset + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "0", value = "") + + public Integer getOffset() { + return offset; + } + + + public void setOffset(Integer offset) { + this.offset = offset; + } + + + public PaginationApisDTO limit(Integer limit) { + + this.limit = limit; + return this; + } + + /** + * Get limit + * @return limit + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1", value = "") + + public Integer getLimit() { + return limit; + } + + + public void setLimit(Integer limit) { + this.limit = limit; + } + + + public PaginationApisDTO total(Integer total) { + + this.total = total; + return this; + } + + /** + * Get total + * @return total + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "10", value = "") + + public Integer getTotal() { + return total; + } + + + public void setTotal(Integer total) { + this.total = total; + } + + + public PaginationApisDTO next(String next) { + + this.next = next; + return this; + } + + /** + * Link to the next subset of resources qualified. Empty if no more resources are to be returned. + * @return next + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Link to the next subset of resources qualified. Empty if no more resources are to be returned. ") + + public String getNext() { + return next; + } + + + public void setNext(String next) { + this.next = next; + } + + + public PaginationApisDTO previous(String previous) { + + this.previous = previous; + return this; + } + + /** + * Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. + * @return previous + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Link to the previous subset of resources qualified. Empty if current subset is the first subset returned. ") + + public String getPrevious() { + return previous; + } + + + public void setPrevious(String previous) { + this.previous = previous; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PaginationApisDTO paginationApis = (PaginationApisDTO) o; + return Objects.equals(this.offset, paginationApis.offset) && + Objects.equals(this.limit, paginationApis.limit) && + Objects.equals(this.total, paginationApis.total) && + Objects.equals(this.next, paginationApis.next) && + Objects.equals(this.previous, paginationApis.previous); + } + + @Override + public int hashCode() { + return Objects.hash(offset, limit, total, next, previous); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class PaginationApisDTO {\n"); + sb.append(" offset: ").append(toIndentedString(offset)).append("\n"); + sb.append(" limit: ").append(toIndentedString(limit)).append("\n"); + sb.append(" total: ").append(toIndentedString(total)).append("\n"); + sb.append(" next: ").append(toIndentedString(next)).append("\n"); + sb.append(" previous: ").append(toIndentedString(previous)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationDTO.java index 0a51ca3a29..9e55e8719f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PaginationDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponseDTO.java new file mode 100644 index 0000000000..9e0df62fd1 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponseDTO.java @@ -0,0 +1,367 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.net.URI; +import java.util.Date; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponsePermissionsDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Platform gateway response (without registration token). Used for list and get. +*/ + @ApiModel(description = "Platform gateway response (without registration token). Used for list and get.") + +public class PlatformGatewayResponseDTO { + public static final String SERIALIZED_NAME_ID = "id"; + @SerializedName(SERIALIZED_NAME_ID) + private String id; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_PROPERTIES = "properties"; + @SerializedName(SERIALIZED_NAME_PROPERTIES) + private Map properties = null; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_IS_ACTIVE = "isActive"; + @SerializedName(SERIALIZED_NAME_IS_ACTIVE) + private Boolean isActive; + + public static final String SERIALIZED_NAME_PERMISSIONS = "permissions"; + @SerializedName(SERIALIZED_NAME_PERMISSIONS) + private PlatformGatewayResponsePermissionsDTO permissions; + + public static final String SERIALIZED_NAME_CREATED_AT = "createdAt"; + @SerializedName(SERIALIZED_NAME_CREATED_AT) + private Date createdAt; + + public static final String SERIALIZED_NAME_UPDATED_AT = "updatedAt"; + @SerializedName(SERIALIZED_NAME_UPDATED_AT) + private Date updatedAt; + + + public PlatformGatewayResponseDTO id(String id) { + + this.id = id; + return this; + } + + /** + * Gateway UUID + * @return id + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Gateway UUID") + + public String getId() { + return id; + } + + + public void setId(String id) { + this.id = id; + } + + + public PlatformGatewayResponseDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public PlatformGatewayResponseDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Get displayName + * @return displayName + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public PlatformGatewayResponseDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Get description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public PlatformGatewayResponseDTO properties(Map properties) { + + this.properties = properties; + return this; + } + + /** + * Custom key-value properties + * @return properties + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Custom key-value properties") + + public Map getProperties() { + return properties; + } + + + public void setProperties(Map properties) { + this.properties = properties; + } + + + public PlatformGatewayResponseDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL. + * @return vhost + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL.") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public PlatformGatewayResponseDTO isActive(Boolean isActive) { + + this.isActive = isActive; + return this; + } + + /** + * Indicates if the gateway is currently connected to the control plane via WebSocket + * @return isActive + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Indicates if the gateway is currently connected to the control plane via WebSocket") + + public Boolean isIsActive() { + return isActive; + } + + + public void setIsActive(Boolean isActive) { + this.isActive = isActive; + } + + + public PlatformGatewayResponseDTO permissions(PlatformGatewayResponsePermissionsDTO permissions) { + + this.permissions = permissions; + return this; + } + + /** + * Get permissions + * @return permissions + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public PlatformGatewayResponsePermissionsDTO getPermissions() { + return permissions; + } + + + public void setPermissions(PlatformGatewayResponsePermissionsDTO permissions) { + this.permissions = permissions; + } + + + public PlatformGatewayResponseDTO createdAt(Date createdAt) { + + this.createdAt = createdAt; + return this; + } + + /** + * Get createdAt + * @return createdAt + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Date getCreatedAt() { + return createdAt; + } + + + public void setCreatedAt(Date createdAt) { + this.createdAt = createdAt; + } + + + public PlatformGatewayResponseDTO updatedAt(Date updatedAt) { + + this.updatedAt = updatedAt; + return this; + } + + /** + * Get updatedAt + * @return updatedAt + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Date getUpdatedAt() { + return updatedAt; + } + + + public void setUpdatedAt(Date updatedAt) { + this.updatedAt = updatedAt; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PlatformGatewayResponseDTO platformGatewayResponse = (PlatformGatewayResponseDTO) o; + return Objects.equals(this.id, platformGatewayResponse.id) && + Objects.equals(this.name, platformGatewayResponse.name) && + Objects.equals(this.displayName, platformGatewayResponse.displayName) && + Objects.equals(this.description, platformGatewayResponse.description) && + Objects.equals(this.properties, platformGatewayResponse.properties) && + Objects.equals(this.vhost, platformGatewayResponse.vhost) && + Objects.equals(this.isActive, platformGatewayResponse.isActive) && + Objects.equals(this.permissions, platformGatewayResponse.permissions) && + Objects.equals(this.createdAt, platformGatewayResponse.createdAt) && + Objects.equals(this.updatedAt, platformGatewayResponse.updatedAt); + } + + @Override + public int hashCode() { + return Objects.hash(id, name, displayName, description, properties, vhost, isActive, permissions, createdAt, updatedAt); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class PlatformGatewayResponseDTO {\n"); + sb.append(" id: ").append(toIndentedString(id)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" properties: ").append(toIndentedString(properties)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" isActive: ").append(toIndentedString(isActive)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); + sb.append(" createdAt: ").append(toIndentedString(createdAt)).append("\n"); + sb.append(" updatedAt: ").append(toIndentedString(updatedAt)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponsePermissionsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponsePermissionsDTO.java new file mode 100644 index 0000000000..047866c8e4 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PlatformGatewayResponsePermissionsDTO.java @@ -0,0 +1,180 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Gateway visibility permissions configuration +*/ + @ApiModel(description = "Gateway visibility permissions configuration") + +public class PlatformGatewayResponsePermissionsDTO { + /** +* Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles +*/ + @JsonAdapter(PermissionTypeEnum.Adapter.class) +public enum PermissionTypeEnum { + PUBLIC("PUBLIC"), + + ALLOW("ALLOW"), + + DENY("DENY"); + +private String value; + +PermissionTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static PermissionTypeEnum fromValue(String value) { + for (PermissionTypeEnum b : PermissionTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final PermissionTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public PermissionTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return PermissionTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_PERMISSION_TYPE = "permissionType"; + @SerializedName(SERIALIZED_NAME_PERMISSION_TYPE) + private PermissionTypeEnum permissionType = PermissionTypeEnum.PUBLIC; + + public static final String SERIALIZED_NAME_ROLES = "roles"; + @SerializedName(SERIALIZED_NAME_ROLES) + private List roles = null; + + + public PlatformGatewayResponsePermissionsDTO permissionType(PermissionTypeEnum permissionType) { + + this.permissionType = permissionType; + return this; + } + + /** + * Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles + * @return permissionType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Permission type for gateway visibility: - PUBLIC: Gateway is visible to all users - ALLOW: Gateway is visible only to specified roles - DENY: Gateway is hidden from specified roles ") + + public PermissionTypeEnum getPermissionType() { + return permissionType; + } + + + public void setPermissionType(PermissionTypeEnum permissionType) { + this.permissionType = permissionType; + } + + + public PlatformGatewayResponsePermissionsDTO roles(List roles) { + + this.roles = roles; + return this; + } + + /** + * List of roles for ALLOW/DENY permission types + * @return roles + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "List of roles for ALLOW/DENY permission types") + + public List getRoles() { + return roles; + } + + + public void setRoles(List roles) { + this.roles = roles; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + PlatformGatewayResponsePermissionsDTO platformGatewayResponsePermissions = (PlatformGatewayResponsePermissionsDTO) o; + return Objects.equals(this.permissionType, platformGatewayResponsePermissions.permissionType) && + Objects.equals(this.roles, platformGatewayResponsePermissions.roles); + } + + @Override + public int hashCode() { + return Objects.hash(permissionType, roles); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class PlatformGatewayResponsePermissionsDTO {\n"); + sb.append(" permissionType: ").append(toIndentedString(permissionType)).append("\n"); + sb.append(" roles: ").append(toIndentedString(roles)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PublishStatusDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PublishStatusDTO.java index 2b3ecb7e04..b47d338a7e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PublishStatusDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/PublishStatusDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/QueryParameterConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/QueryParameterConditionDTO.java index 9d67006113..d78338136a 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/QueryParameterConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/QueryParameterConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitAllOfDTO.java index 9f64786394..2691b5591d 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitDTO.java index bc59c33b33..4146af84b6 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RequestCountLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasDTO.java index 44dee0171c..4cc2495bee 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasListDTO.java index 66d5da0133..10f3334129 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/RoleAliasListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeDTO.java index 25702ef8e3..535d3597ec 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeInfoDTO.java new file mode 100644 index 0000000000..ce68808c76 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeInfoDTO.java @@ -0,0 +1,188 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ScopeInfoDTO +*/ + +public class ScopeInfoDTO { + public static final String SERIALIZED_NAME_KEY = "key"; + @SerializedName(SERIALIZED_NAME_KEY) + private String key; + + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_ROLES = "roles"; + @SerializedName(SERIALIZED_NAME_ROLES) + private List roles = null; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + + public ScopeInfoDTO key(String key) { + + this.key = key; + return this; + } + + /** + * Get key + * @return key + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "admin_scope", value = "") + + public String getKey() { + return key; + } + + + public void setKey(String key) { + this.key = key; + } + + + public ScopeInfoDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Get name + * @return name + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "admin scope", value = "") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public ScopeInfoDTO roles(List roles) { + + this.roles = roles; + return this; + } + + /** + * Allowed roles for the scope + * @return roles + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "[\"manager\",\"developer\"]", value = "Allowed roles for the scope") + + public List getRoles() { + return roles; + } + + + public void setRoles(List roles) { + this.roles = roles; + } + + + public ScopeInfoDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Description of the scope + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Description of the scope") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ScopeInfoDTO scopeInfo = (ScopeInfoDTO) o; + return Objects.equals(this.key, scopeInfo.key) && + Objects.equals(this.name, scopeInfo.name) && + Objects.equals(this.roles, scopeInfo.roles) && + Objects.equals(this.description, scopeInfo.description); + } + + @Override + public int hashCode() { + return Objects.hash(key, name, roles, description); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ScopeInfoDTO {\n"); + sb.append(" key: ").append(toIndentedString(key)).append("\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" roles: ").append(toIndentedString(roles)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeListDTO.java index 77ab214be1..2334d8c3a3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeSettingsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeSettingsDTO.java index a7ceb60a81..db23592528 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeSettingsDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ScopeSettingsDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SearchResultListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SearchResultListDTO.java index 640f081e27..39e0622b8c 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SearchResultListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SearchResultListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsDTO.java index 2f28a6bd70..d4734f1a09 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -25,6 +25,7 @@ import java.io.IOException; import java.util.ArrayList; import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.SettingsGatewayConfigurationDTO; import org.wso2.am.integration.clients.admin.api.dto.SettingsKeyManagerConfigurationDTO; import com.fasterxml.jackson.annotation.JsonCreator; /** @@ -40,14 +41,42 @@ public class SettingsDTO { @SerializedName(SERIALIZED_NAME_GATEWAY_TYPES) private List gatewayTypes = null; + public static final String SERIALIZED_NAME_IS_J_W_T_ENABLED_FOR_LOGIN_TOKENS = "IsJWTEnabledForLoginTokens"; + @SerializedName(SERIALIZED_NAME_IS_J_W_T_ENABLED_FOR_LOGIN_TOKENS) + private Boolean isJWTEnabledForLoginTokens = false; + + public static final String SERIALIZED_NAME_ORG_ACCESS_CONTROL_ENABLED = "orgAccessControlEnabled"; + @SerializedName(SERIALIZED_NAME_ORG_ACCESS_CONTROL_ENABLED) + private Boolean orgAccessControlEnabled; + public static final String SERIALIZED_NAME_KEY_MANAGER_CONFIGURATION = "keyManagerConfiguration"; @SerializedName(SERIALIZED_NAME_KEY_MANAGER_CONFIGURATION) private List keyManagerConfiguration = null; + public static final String SERIALIZED_NAME_GATEWAY_CONFIGURATION = "gatewayConfiguration"; + @SerializedName(SERIALIZED_NAME_GATEWAY_CONFIGURATION) + private List gatewayConfiguration = null; + public static final String SERIALIZED_NAME_ANALYTICS_ENABLED = "analyticsEnabled"; @SerializedName(SERIALIZED_NAME_ANALYTICS_ENABLED) private Boolean analyticsEnabled; + public static final String SERIALIZED_NAME_TRANSACTION_COUNTER_ENABLE = "transactionCounterEnable"; + @SerializedName(SERIALIZED_NAME_TRANSACTION_COUNTER_ENABLE) + private Boolean transactionCounterEnable; + + public static final String SERIALIZED_NAME_IS_GATEWAY_NOTIFICATION_ENABLED = "isGatewayNotificationEnabled"; + @SerializedName(SERIALIZED_NAME_IS_GATEWAY_NOTIFICATION_ENABLED) + private Boolean isGatewayNotificationEnabled = false; + + public static final String SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION = "universalGatewayVersion"; + @SerializedName(SERIALIZED_NAME_UNIVERSAL_GATEWAY_VERSION) + private String universalGatewayVersion; + + public static final String SERIALIZED_NAME_CONSUMPTION_EXPORT_ENABLED = "consumptionExportEnabled"; + @SerializedName(SERIALIZED_NAME_CONSUMPTION_EXPORT_ENABLED) + private Boolean consumptionExportEnabled; + public SettingsDTO scopes(List scopes) { @@ -95,6 +124,52 @@ public void setGatewayTypes(List gatewayTypes) { } + public SettingsDTO isJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + return this; + } + + /** + * Get isJWTEnabledForLoginTokens + * @return isJWTEnabledForLoginTokens + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public Boolean isIsJWTEnabledForLoginTokens() { + return isJWTEnabledForLoginTokens; + } + + + public void setIsJWTEnabledForLoginTokens(Boolean isJWTEnabledForLoginTokens) { + this.isJWTEnabledForLoginTokens = isJWTEnabledForLoginTokens; + } + + + public SettingsDTO orgAccessControlEnabled(Boolean orgAccessControlEnabled) { + + this.orgAccessControlEnabled = orgAccessControlEnabled; + return this; + } + + /** + * Is Organization-based access control configuration enabled + * @return orgAccessControlEnabled + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "true", value = "Is Organization-based access control configuration enabled ") + + public Boolean isOrgAccessControlEnabled() { + return orgAccessControlEnabled; + } + + + public void setOrgAccessControlEnabled(Boolean orgAccessControlEnabled) { + this.orgAccessControlEnabled = orgAccessControlEnabled; + } + + public SettingsDTO keyManagerConfiguration(List keyManagerConfiguration) { this.keyManagerConfiguration = keyManagerConfiguration; @@ -118,6 +193,29 @@ public void setKeyManagerConfiguration(List } + public SettingsDTO gatewayConfiguration(List gatewayConfiguration) { + + this.gatewayConfiguration = gatewayConfiguration; + return this; + } + + /** + * Get gatewayConfiguration + * @return gatewayConfiguration + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getGatewayConfiguration() { + return gatewayConfiguration; + } + + + public void setGatewayConfiguration(List gatewayConfiguration) { + this.gatewayConfiguration = gatewayConfiguration; + } + + public SettingsDTO analyticsEnabled(Boolean analyticsEnabled) { this.analyticsEnabled = analyticsEnabled; @@ -141,6 +239,98 @@ public void setAnalyticsEnabled(Boolean analyticsEnabled) { } + public SettingsDTO transactionCounterEnable(Boolean transactionCounterEnable) { + + this.transactionCounterEnable = transactionCounterEnable; + return this; + } + + /** + * To determine whether the transaction counter is enabled or not + * @return transactionCounterEnable + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "false", value = "To determine whether the transaction counter is enabled or not") + + public Boolean isTransactionCounterEnable() { + return transactionCounterEnable; + } + + + public void setTransactionCounterEnable(Boolean transactionCounterEnable) { + this.transactionCounterEnable = transactionCounterEnable; + } + + + public SettingsDTO isGatewayNotificationEnabled(Boolean isGatewayNotificationEnabled) { + + this.isGatewayNotificationEnabled = isGatewayNotificationEnabled; + return this; + } + + /** + * Is Gateway Notification Enabled + * @return isGatewayNotificationEnabled + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Is Gateway Notification Enabled") + + public Boolean isIsGatewayNotificationEnabled() { + return isGatewayNotificationEnabled; + } + + + public void setIsGatewayNotificationEnabled(Boolean isGatewayNotificationEnabled) { + this.isGatewayNotificationEnabled = isGatewayNotificationEnabled; + } + + + public SettingsDTO universalGatewayVersion(String universalGatewayVersion) { + + this.universalGatewayVersion = universalGatewayVersion; + return this; + } + + /** + * Universal Gateway version for quick-start guide (e.g. \"1.0.0\") + * @return universalGatewayVersion + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1.0.0", value = "Universal Gateway version for quick-start guide (e.g. \"1.0.0\")") + + public String getUniversalGatewayVersion() { + return universalGatewayVersion; + } + + + public void setUniversalGatewayVersion(String universalGatewayVersion) { + this.universalGatewayVersion = universalGatewayVersion; + } + + + public SettingsDTO consumptionExportEnabled(Boolean consumptionExportEnabled) { + + this.consumptionExportEnabled = consumptionExportEnabled; + return this; + } + + /** + * Whether the ConsumptionDataExportService OSGi service is available + * @return consumptionExportEnabled + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "false", value = "Whether the ConsumptionDataExportService OSGi service is available") + + public Boolean isConsumptionExportEnabled() { + return consumptionExportEnabled; + } + + + public void setConsumptionExportEnabled(Boolean consumptionExportEnabled) { + this.consumptionExportEnabled = consumptionExportEnabled; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -152,13 +342,20 @@ public boolean equals(Object o) { SettingsDTO settings = (SettingsDTO) o; return Objects.equals(this.scopes, settings.scopes) && Objects.equals(this.gatewayTypes, settings.gatewayTypes) && + Objects.equals(this.isJWTEnabledForLoginTokens, settings.isJWTEnabledForLoginTokens) && + Objects.equals(this.orgAccessControlEnabled, settings.orgAccessControlEnabled) && Objects.equals(this.keyManagerConfiguration, settings.keyManagerConfiguration) && - Objects.equals(this.analyticsEnabled, settings.analyticsEnabled); + Objects.equals(this.gatewayConfiguration, settings.gatewayConfiguration) && + Objects.equals(this.analyticsEnabled, settings.analyticsEnabled) && + Objects.equals(this.transactionCounterEnable, settings.transactionCounterEnable) && + Objects.equals(this.isGatewayNotificationEnabled, settings.isGatewayNotificationEnabled) && + Objects.equals(this.universalGatewayVersion, settings.universalGatewayVersion) && + Objects.equals(this.consumptionExportEnabled, settings.consumptionExportEnabled); } @Override public int hashCode() { - return Objects.hash(scopes, gatewayTypes, keyManagerConfiguration, analyticsEnabled); + return Objects.hash(scopes, gatewayTypes, isJWTEnabledForLoginTokens, orgAccessControlEnabled, keyManagerConfiguration, gatewayConfiguration, analyticsEnabled, transactionCounterEnable, isGatewayNotificationEnabled, universalGatewayVersion, consumptionExportEnabled); } @@ -168,8 +365,15 @@ public String toString() { sb.append("class SettingsDTO {\n"); sb.append(" scopes: ").append(toIndentedString(scopes)).append("\n"); sb.append(" gatewayTypes: ").append(toIndentedString(gatewayTypes)).append("\n"); + sb.append(" isJWTEnabledForLoginTokens: ").append(toIndentedString(isJWTEnabledForLoginTokens)).append("\n"); + sb.append(" orgAccessControlEnabled: ").append(toIndentedString(orgAccessControlEnabled)).append("\n"); sb.append(" keyManagerConfiguration: ").append(toIndentedString(keyManagerConfiguration)).append("\n"); + sb.append(" gatewayConfiguration: ").append(toIndentedString(gatewayConfiguration)).append("\n"); sb.append(" analyticsEnabled: ").append(toIndentedString(analyticsEnabled)).append("\n"); + sb.append(" transactionCounterEnable: ").append(toIndentedString(transactionCounterEnable)).append("\n"); + sb.append(" isGatewayNotificationEnabled: ").append(toIndentedString(isGatewayNotificationEnabled)).append("\n"); + sb.append(" universalGatewayVersion: ").append(toIndentedString(universalGatewayVersion)).append("\n"); + sb.append(" consumptionExportEnabled: ").append(toIndentedString(consumptionExportEnabled)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsGatewayConfigurationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsGatewayConfigurationDTO.java new file mode 100644 index 0000000000..dffd71946e --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsGatewayConfigurationDTO.java @@ -0,0 +1,218 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.GatewayConfigurationDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* SettingsGatewayConfigurationDTO +*/ + +public class SettingsGatewayConfigurationDTO { + public static final String SERIALIZED_NAME_TYPE = "type"; + @SerializedName(SERIALIZED_NAME_TYPE) + private String type; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_SUPPORTED_MODES = "supportedModes"; + @SerializedName(SERIALIZED_NAME_SUPPORTED_MODES) + private List supportedModes = null; + + public static final String SERIALIZED_NAME_CONFIGURATIONS = "configurations"; + @SerializedName(SERIALIZED_NAME_CONFIGURATIONS) + private List configurations = null; + + public static final String SERIALIZED_NAME_DEFAULT_HOSTNAME_TEMPLATE = "defaultHostnameTemplate"; + @SerializedName(SERIALIZED_NAME_DEFAULT_HOSTNAME_TEMPLATE) + private String defaultHostnameTemplate; + + + public SettingsGatewayConfigurationDTO type(String type) { + + this.type = type; + return this; + } + + /** + * Get type + * @return type + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "default", value = "") + + public String getType() { + return type; + } + + + public void setType(String type) { + this.type = type; + } + + + public SettingsGatewayConfigurationDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Get displayName + * @return displayName + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "default", value = "") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public SettingsGatewayConfigurationDTO supportedModes(List supportedModes) { + + this.supportedModes = supportedModes; + return this; + } + + /** + * Get supportedModes + * @return supportedModes + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getSupportedModes() { + return supportedModes; + } + + + public void setSupportedModes(List supportedModes) { + this.supportedModes = supportedModes; + } + + + public SettingsGatewayConfigurationDTO configurations(List configurations) { + + this.configurations = configurations; + return this; + } + + /** + * Get configurations + * @return configurations + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getConfigurations() { + return configurations; + } + + + public void setConfigurations(List configurations) { + this.configurations = configurations; + } + + + public SettingsGatewayConfigurationDTO defaultHostnameTemplate(String defaultHostnameTemplate) { + + this.defaultHostnameTemplate = defaultHostnameTemplate; + return this; + } + + /** + * Get defaultHostnameTemplate + * @return defaultHostnameTemplate + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "{apiId}.execute-api.{region}.amazonaws.com", value = "") + + public String getDefaultHostnameTemplate() { + return defaultHostnameTemplate; + } + + + public void setDefaultHostnameTemplate(String defaultHostnameTemplate) { + this.defaultHostnameTemplate = defaultHostnameTemplate; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + SettingsGatewayConfigurationDTO settingsGatewayConfiguration = (SettingsGatewayConfigurationDTO) o; + return Objects.equals(this.type, settingsGatewayConfiguration.type) && + Objects.equals(this.displayName, settingsGatewayConfiguration.displayName) && + Objects.equals(this.supportedModes, settingsGatewayConfiguration.supportedModes) && + Objects.equals(this.configurations, settingsGatewayConfiguration.configurations) && + Objects.equals(this.defaultHostnameTemplate, settingsGatewayConfiguration.defaultHostnameTemplate); + } + + @Override + public int hashCode() { + return Objects.hash(type, displayName, supportedModes, configurations, defaultHostnameTemplate); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class SettingsGatewayConfigurationDTO {\n"); + sb.append(" type: ").append(toIndentedString(type)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" supportedModes: ").append(toIndentedString(supportedModes)).append("\n"); + sb.append(" configurations: ").append(toIndentedString(configurations)).append("\n"); + sb.append(" defaultHostnameTemplate: ").append(toIndentedString(defaultHostnameTemplate)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsKeyManagerConfigurationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsKeyManagerConfigurationDTO.java index 1ceaa1aa06..f2a5323445 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsKeyManagerConfigurationDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SettingsKeyManagerConfigurationDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -25,6 +25,7 @@ import java.io.IOException; import java.util.ArrayList; import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.ConfigurationConstraintDTO; import org.wso2.am.integration.clients.admin.api.dto.KeyManagerConfigurationDTO; import com.fasterxml.jackson.annotation.JsonCreator; /** @@ -48,10 +49,22 @@ public class SettingsKeyManagerConfigurationDTO { @SerializedName(SERIALIZED_NAME_DEFAULT_SCOPES_CLAIM) private String defaultScopesClaim; + public static final String SERIALIZED_NAME_AUTH_CONFIGURATIONS = "authConfigurations"; + @SerializedName(SERIALIZED_NAME_AUTH_CONFIGURATIONS) + private List authConfigurations = null; + public static final String SERIALIZED_NAME_CONFIGURATIONS = "configurations"; @SerializedName(SERIALIZED_NAME_CONFIGURATIONS) private List configurations = null; + public static final String SERIALIZED_NAME_ENDPOINT_CONFIGURATIONS = "endpointConfigurations"; + @SerializedName(SERIALIZED_NAME_ENDPOINT_CONFIGURATIONS) + private List endpointConfigurations = null; + + public static final String SERIALIZED_NAME_CONFIGURATION_CONSTRAINTS = "configurationConstraints"; + @SerializedName(SERIALIZED_NAME_CONFIGURATION_CONSTRAINTS) + private List configurationConstraints = null; + public SettingsKeyManagerConfigurationDTO type(String type) { @@ -145,6 +158,29 @@ public void setDefaultScopesClaim(String defaultScopesClaim) { } + public SettingsKeyManagerConfigurationDTO authConfigurations(List authConfigurations) { + + this.authConfigurations = authConfigurations; + return this; + } + + /** + * Get authConfigurations + * @return authConfigurations + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getAuthConfigurations() { + return authConfigurations; + } + + + public void setAuthConfigurations(List authConfigurations) { + this.authConfigurations = authConfigurations; + } + + public SettingsKeyManagerConfigurationDTO configurations(List configurations) { this.configurations = configurations; @@ -168,6 +204,52 @@ public void setConfigurations(List configurations) { } + public SettingsKeyManagerConfigurationDTO endpointConfigurations(List endpointConfigurations) { + + this.endpointConfigurations = endpointConfigurations; + return this; + } + + /** + * Get endpointConfigurations + * @return endpointConfigurations + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getEndpointConfigurations() { + return endpointConfigurations; + } + + + public void setEndpointConfigurations(List endpointConfigurations) { + this.endpointConfigurations = endpointConfigurations; + } + + + public SettingsKeyManagerConfigurationDTO configurationConstraints(List configurationConstraints) { + + this.configurationConstraints = configurationConstraints; + return this; + } + + /** + * Get configurationConstraints + * @return configurationConstraints + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getConfigurationConstraints() { + return configurationConstraints; + } + + + public void setConfigurationConstraints(List configurationConstraints) { + this.configurationConstraints = configurationConstraints; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -181,12 +263,15 @@ public boolean equals(Object o) { Objects.equals(this.displayName, settingsKeyManagerConfiguration.displayName) && Objects.equals(this.defaultConsumerKeyClaim, settingsKeyManagerConfiguration.defaultConsumerKeyClaim) && Objects.equals(this.defaultScopesClaim, settingsKeyManagerConfiguration.defaultScopesClaim) && - Objects.equals(this.configurations, settingsKeyManagerConfiguration.configurations); + Objects.equals(this.authConfigurations, settingsKeyManagerConfiguration.authConfigurations) && + Objects.equals(this.configurations, settingsKeyManagerConfiguration.configurations) && + Objects.equals(this.endpointConfigurations, settingsKeyManagerConfiguration.endpointConfigurations) && + Objects.equals(this.configurationConstraints, settingsKeyManagerConfiguration.configurationConstraints); } @Override public int hashCode() { - return Objects.hash(type, displayName, defaultConsumerKeyClaim, defaultScopesClaim, configurations); + return Objects.hash(type, displayName, defaultConsumerKeyClaim, defaultScopesClaim, authConfigurations, configurations, endpointConfigurations, configurationConstraints); } @@ -198,7 +283,10 @@ public String toString() { sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); sb.append(" defaultConsumerKeyClaim: ").append(toIndentedString(defaultConsumerKeyClaim)).append("\n"); sb.append(" defaultScopesClaim: ").append(toIndentedString(defaultScopesClaim)).append("\n"); + sb.append(" authConfigurations: ").append(toIndentedString(authConfigurations)).append("\n"); sb.append(" configurations: ").append(toIndentedString(configurations)).append("\n"); + sb.append(" endpointConfigurations: ").append(toIndentedString(endpointConfigurations)).append("\n"); + sb.append(" configurationConstraints: ").append(toIndentedString(configurationConstraints)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyAllOfDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyAllOfDTO.java index d4ba063eec..fbb92eb260 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyAllOfDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyAllOfDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -51,6 +51,10 @@ public class SubscriptionThrottlePolicyAllOfDTO { @SerializedName(SERIALIZED_NAME_RATE_LIMIT_TIME_UNIT) private String rateLimitTimeUnit; + public static final String SERIALIZED_NAME_SUBSCRIBER_COUNT = "subscriberCount"; + @SerializedName(SERIALIZED_NAME_SUBSCRIBER_COUNT) + private Integer subscriberCount; + public static final String SERIALIZED_NAME_CUSTOM_ATTRIBUTES = "customAttributes"; @SerializedName(SERIALIZED_NAME_CUSTOM_ATTRIBUTES) private List customAttributes = null; @@ -67,10 +71,6 @@ public class SubscriptionThrottlePolicyAllOfDTO { @SerializedName(SERIALIZED_NAME_PERMISSIONS) private SubscriptionThrottlePolicyPermissionDTO permissions; - public static final String SERIALIZED_NAME_SUBSCRIBER_COUNT = "subscriberCount"; - @SerializedName(SERIALIZED_NAME_SUBSCRIBER_COUNT) - private Integer subscriberCount; - public SubscriptionThrottlePolicyAllOfDTO defaultLimit(ThrottleLimitDTO defaultLimit) { @@ -163,6 +163,29 @@ public void setRateLimitTimeUnit(String rateLimitTimeUnit) { } + public SubscriptionThrottlePolicyAllOfDTO subscriberCount(Integer subscriberCount) { + + this.subscriberCount = subscriberCount; + return this; + } + + /** + * Number of subscriptions allowed + * @return subscriberCount + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "10", value = "Number of subscriptions allowed") + + public Integer getSubscriberCount() { + return subscriberCount; + } + + + public void setSubscriberCount(Integer subscriberCount) { + this.subscriberCount = subscriberCount; + } + + public SubscriptionThrottlePolicyAllOfDTO customAttributes(List customAttributes) { this.customAttributes = customAttributes; @@ -255,29 +278,6 @@ public void setPermissions(SubscriptionThrottlePolicyPermissionDTO permissions) } - public SubscriptionThrottlePolicyAllOfDTO subscriberCount(Integer subscriberCount) { - - this.subscriberCount = subscriberCount; - return this; - } - - /** - * Number of subscriptions allowed - * @return subscriberCount - **/ - @javax.annotation.Nullable - @ApiModelProperty(example = "10", value = "Number of subscriptions allowed ") - - public Integer getSubscriberCount() { - return subscriberCount; - } - - - public void setSubscriberCount(Integer subscriberCount) { - this.subscriberCount = subscriberCount; - } - - @Override public boolean equals(Object o) { if (this == o) { @@ -291,16 +291,16 @@ public boolean equals(Object o) { Objects.equals(this.monetization, subscriptionThrottlePolicyAllOf.monetization) && Objects.equals(this.rateLimitCount, subscriptionThrottlePolicyAllOf.rateLimitCount) && Objects.equals(this.rateLimitTimeUnit, subscriptionThrottlePolicyAllOf.rateLimitTimeUnit) && + Objects.equals(this.subscriberCount, subscriptionThrottlePolicyAllOf.subscriberCount) && Objects.equals(this.customAttributes, subscriptionThrottlePolicyAllOf.customAttributes) && Objects.equals(this.stopOnQuotaReach, subscriptionThrottlePolicyAllOf.stopOnQuotaReach) && Objects.equals(this.billingPlan, subscriptionThrottlePolicyAllOf.billingPlan) && - Objects.equals(this.permissions, subscriptionThrottlePolicyAllOf.permissions) && - Objects.equals(this.subscriberCount, subscriptionThrottlePolicyAllOf.subscriberCount); + Objects.equals(this.permissions, subscriptionThrottlePolicyAllOf.permissions); } @Override public int hashCode() { - return Objects.hash(defaultLimit, monetization, rateLimitCount, rateLimitTimeUnit, customAttributes, stopOnQuotaReach, billingPlan, permissions, subscriberCount); + return Objects.hash(defaultLimit, monetization, rateLimitCount, rateLimitTimeUnit, subscriberCount, customAttributes, stopOnQuotaReach, billingPlan, permissions); } @@ -312,11 +312,11 @@ public String toString() { sb.append(" monetization: ").append(toIndentedString(monetization)).append("\n"); sb.append(" rateLimitCount: ").append(toIndentedString(rateLimitCount)).append("\n"); sb.append(" rateLimitTimeUnit: ").append(toIndentedString(rateLimitTimeUnit)).append("\n"); + sb.append(" subscriberCount: ").append(toIndentedString(subscriberCount)).append("\n"); sb.append(" customAttributes: ").append(toIndentedString(customAttributes)).append("\n"); sb.append(" stopOnQuotaReach: ").append(toIndentedString(stopOnQuotaReach)).append("\n"); sb.append(" billingPlan: ").append(toIndentedString(billingPlan)).append("\n"); sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); - sb.append(" subscriberCount: ").append(toIndentedString(subscriberCount)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyDTO.java index 7630737832..e4c5b77374 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -62,6 +62,10 @@ public class SubscriptionThrottlePolicyDTO extends ThrottlePolicyDTO { @SerializedName(SERIALIZED_NAME_RATE_LIMIT_TIME_UNIT) private String rateLimitTimeUnit; + public static final String SERIALIZED_NAME_SUBSCRIBER_COUNT = "subscriberCount"; + @SerializedName(SERIALIZED_NAME_SUBSCRIBER_COUNT) + private Integer subscriberCount; + public static final String SERIALIZED_NAME_CUSTOM_ATTRIBUTES = "customAttributes"; @SerializedName(SERIALIZED_NAME_CUSTOM_ATTRIBUTES) private List customAttributes = null; @@ -78,10 +82,6 @@ public class SubscriptionThrottlePolicyDTO extends ThrottlePolicyDTO { @SerializedName(SERIALIZED_NAME_PERMISSIONS) private SubscriptionThrottlePolicyPermissionDTO permissions; - public static final String SERIALIZED_NAME_SUBSCRIBER_COUNT = "subscriberCount"; - @SerializedName(SERIALIZED_NAME_SUBSCRIBER_COUNT) - private Integer subscriberCount; - public SubscriptionThrottlePolicyDTO graphQLMaxComplexity(Integer graphQLMaxComplexity) { @@ -220,6 +220,29 @@ public void setRateLimitTimeUnit(String rateLimitTimeUnit) { } + public SubscriptionThrottlePolicyDTO subscriberCount(Integer subscriberCount) { + + this.subscriberCount = subscriberCount; + return this; + } + + /** + * Number of subscriptions allowed + * @return subscriberCount + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "10", value = "Number of subscriptions allowed") + + public Integer getSubscriberCount() { + return subscriberCount; + } + + + public void setSubscriberCount(Integer subscriberCount) { + this.subscriberCount = subscriberCount; + } + + public SubscriptionThrottlePolicyDTO customAttributes(List customAttributes) { this.customAttributes = customAttributes; @@ -312,29 +335,6 @@ public void setPermissions(SubscriptionThrottlePolicyPermissionDTO permissions) } - public SubscriptionThrottlePolicyDTO subscriberCount(Integer subscriberCount) { - - this.subscriberCount = subscriberCount; - return this; - } - - /** - * Number of subscriptions allowed - * @return subscriberCount - **/ - @javax.annotation.Nullable - @ApiModelProperty(example = "10", value = "Number of subscriptions allowed ") - - public Integer getSubscriberCount() { - return subscriberCount; - } - - - public void setSubscriberCount(Integer subscriberCount) { - this.subscriberCount = subscriberCount; - } - - @Override public boolean equals(Object o) { if (this == o) { @@ -350,17 +350,17 @@ public boolean equals(Object o) { Objects.equals(this.monetization, subscriptionThrottlePolicy.monetization) && Objects.equals(this.rateLimitCount, subscriptionThrottlePolicy.rateLimitCount) && Objects.equals(this.rateLimitTimeUnit, subscriptionThrottlePolicy.rateLimitTimeUnit) && + Objects.equals(this.subscriberCount, subscriptionThrottlePolicy.subscriberCount) && Objects.equals(this.customAttributes, subscriptionThrottlePolicy.customAttributes) && Objects.equals(this.stopOnQuotaReach, subscriptionThrottlePolicy.stopOnQuotaReach) && Objects.equals(this.billingPlan, subscriptionThrottlePolicy.billingPlan) && Objects.equals(this.permissions, subscriptionThrottlePolicy.permissions) && - Objects.equals(this.subscriberCount, subscriptionThrottlePolicy.subscriberCount) && super.equals(o); } @Override public int hashCode() { - return Objects.hash(graphQLMaxComplexity, graphQLMaxDepth, defaultLimit, monetization, rateLimitCount, rateLimitTimeUnit, customAttributes, stopOnQuotaReach, billingPlan, permissions, subscriberCount, super.hashCode()); + return Objects.hash(graphQLMaxComplexity, graphQLMaxDepth, defaultLimit, monetization, rateLimitCount, rateLimitTimeUnit, subscriberCount, customAttributes, stopOnQuotaReach, billingPlan, permissions, super.hashCode()); } @@ -375,11 +375,11 @@ public String toString() { sb.append(" monetization: ").append(toIndentedString(monetization)).append("\n"); sb.append(" rateLimitCount: ").append(toIndentedString(rateLimitCount)).append("\n"); sb.append(" rateLimitTimeUnit: ").append(toIndentedString(rateLimitTimeUnit)).append("\n"); + sb.append(" subscriberCount: ").append(toIndentedString(subscriberCount)).append("\n"); sb.append(" customAttributes: ").append(toIndentedString(customAttributes)).append("\n"); sb.append(" stopOnQuotaReach: ").append(toIndentedString(stopOnQuotaReach)).append("\n"); sb.append(" billingPlan: ").append(toIndentedString(billingPlan)).append("\n"); sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); - sb.append(" subscriberCount: ").append(toIndentedString(subscriberCount)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyListDTO.java index 0afd5d72eb..75ab100e68 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyPermissionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyPermissionDTO.java index f0acd88903..ac8fe6c859 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyPermissionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/SubscriptionThrottlePolicyPermissionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TenantInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TenantInfoDTO.java index 46498d2e52..4352ca07d3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TenantInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TenantInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleConditionDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleConditionDTO.java index 4995950e5f..ece63dece1 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleConditionDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleConditionDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitBaseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitBaseDTO.java index 051c229afa..99dbd6136e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitBaseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitBaseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitDTO.java index c5969fc7a6..d286fd6856 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottleLimitDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDTO.java index fc025c814c..a2407bcf60 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsDTO.java index 757039f135..ad25844312 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsListDTO.java index 213cf220c0..57df094232 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyDetailsListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyListDTO.java new file mode 100644 index 0000000000..2105b88099 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/ThrottlePolicyListDTO.java @@ -0,0 +1,161 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import org.wso2.am.integration.clients.admin.api.dto.PaginationDTO; +import org.wso2.am.integration.clients.admin.api.dto.ThrottlePolicyDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* ThrottlePolicyListDTO +*/ + +public class ThrottlePolicyListDTO { + public static final String SERIALIZED_NAME_COUNT = "count"; + @SerializedName(SERIALIZED_NAME_COUNT) + private Integer count; + + public static final String SERIALIZED_NAME_LIST = "list"; + @SerializedName(SERIALIZED_NAME_LIST) + private List list = null; + + public static final String SERIALIZED_NAME_PAGINATION = "pagination"; + @SerializedName(SERIALIZED_NAME_PAGINATION) + private PaginationDTO pagination; + + + public ThrottlePolicyListDTO count(Integer count) { + + this.count = count; + return this; + } + + /** + * Number of Throttling Policies returned. + * @return count + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "1", value = "Number of Throttling Policies returned. ") + + public Integer getCount() { + return count; + } + + + public void setCount(Integer count) { + this.count = count; + } + + + public ThrottlePolicyListDTO list(List list) { + + this.list = list; + return this; + } + + /** + * Get list + * @return list + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public List getList() { + return list; + } + + + public void setList(List list) { + this.list = list; + } + + + public ThrottlePolicyListDTO pagination(PaginationDTO pagination) { + + this.pagination = pagination; + return this; + } + + /** + * Get pagination + * @return pagination + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public PaginationDTO getPagination() { + return pagination; + } + + + public void setPagination(PaginationDTO pagination) { + this.pagination = pagination; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + ThrottlePolicyListDTO throttlePolicyList = (ThrottlePolicyListDTO) o; + return Objects.equals(this.count, throttlePolicyList.count) && + Objects.equals(this.list, throttlePolicyList.list) && + Objects.equals(this.pagination, throttlePolicyList.pagination); + } + + @Override + public int hashCode() { + return Objects.hash(count, list, pagination); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class ThrottlePolicyListDTO {\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); + sb.append(" list: ").append(toIndentedString(list)).append("\n"); + sb.append(" pagination: ").append(toIndentedString(pagination)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TokenValidationDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TokenValidationDTO.java index e0de4b27d8..226079dc54 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TokenValidationDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TokenValidationDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TransactionCountDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TransactionCountDTO.java new file mode 100644 index 0000000000..af3591aee3 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/TransactionCountDTO.java @@ -0,0 +1,99 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* TransactionCountDTO +*/ + +public class TransactionCountDTO { + public static final String SERIALIZED_NAME_COUNT = "count"; + @SerializedName(SERIALIZED_NAME_COUNT) + private Integer count; + + + public TransactionCountDTO count(Integer count) { + + this.count = count; + return this; + } + + /** + * Get count + * @return count + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "120", value = "") + + public Integer getCount() { + return count; + } + + + public void setCount(Integer count) { + this.count = count; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + TransactionCountDTO transactionCount = (TransactionCountDTO) o; + return Objects.equals(this.count, transactionCount.count); + } + + @Override + public int hashCode() { + return Objects.hash(count); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class TransactionCountDTO {\n"); + sb.append(" count: ").append(toIndentedString(count)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestDTO.java new file mode 100644 index 0000000000..816f55ea44 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestDTO.java @@ -0,0 +1,247 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.net.URI; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import org.wso2.am.integration.clients.admin.api.dto.UpdatePlatformGatewayRequestPermissionsDTO; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Request body for PUT /gateways/{gatewayId}. Per PUT semantics, send the full resource representation. Name and vhost are immutable (server validates they match the existing gateway). +*/ + @ApiModel(description = "Request body for PUT /gateways/{gatewayId}. Per PUT semantics, send the full resource representation. Name and vhost are immutable (server validates they match the existing gateway). ") + +public class UpdatePlatformGatewayRequestDTO { + public static final String SERIALIZED_NAME_NAME = "name"; + @SerializedName(SERIALIZED_NAME_NAME) + private String name; + + public static final String SERIALIZED_NAME_VHOST = "vhost"; + @SerializedName(SERIALIZED_NAME_VHOST) + private URI vhost; + + public static final String SERIALIZED_NAME_DISPLAY_NAME = "displayName"; + @SerializedName(SERIALIZED_NAME_DISPLAY_NAME) + private String displayName; + + public static final String SERIALIZED_NAME_DESCRIPTION = "description"; + @SerializedName(SERIALIZED_NAME_DESCRIPTION) + private String description; + + public static final String SERIALIZED_NAME_PROPERTIES = "properties"; + @SerializedName(SERIALIZED_NAME_PROPERTIES) + private Map properties = null; + + public static final String SERIALIZED_NAME_PERMISSIONS = "permissions"; + @SerializedName(SERIALIZED_NAME_PERMISSIONS) + private UpdatePlatformGatewayRequestPermissionsDTO permissions; + + + public UpdatePlatformGatewayRequestDTO name(String name) { + + this.name = name; + return this; + } + + /** + * Gateway identifier (immutable; must match existing). Required for PUT full representation. + * @return name + **/ + @ApiModelProperty(required = true, value = "Gateway identifier (immutable; must match existing). Required for PUT full representation.") + + public String getName() { + return name; + } + + + public void setName(String name) { + this.name = name; + } + + + public UpdatePlatformGatewayRequestDTO vhost(URI vhost) { + + this.vhost = vhost; + return this; + } + + /** + * Gateway URL (immutable; must match existing). Same name as platform API; type is URL. Example https://mg.wso2.com + * @return vhost + **/ + @ApiModelProperty(example = "https://mg.wso2.com", required = true, value = "Gateway URL (immutable; must match existing). Same name as platform API; type is URL. Example https://mg.wso2.com") + + public URI getVhost() { + return vhost; + } + + + public void setVhost(URI vhost) { + this.vhost = vhost; + } + + + public UpdatePlatformGatewayRequestDTO displayName(String displayName) { + + this.displayName = displayName; + return this; + } + + /** + * Human-readable gateway name + * @return displayName + **/ + @ApiModelProperty(example = "Production Gateway 01", required = true, value = "Human-readable gateway name") + + public String getDisplayName() { + return displayName; + } + + + public void setDisplayName(String displayName) { + this.displayName = displayName; + } + + + public UpdatePlatformGatewayRequestDTO description(String description) { + + this.description = description; + return this; + } + + /** + * Optional description + * @return description + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "Optional description") + + public String getDescription() { + return description; + } + + + public void setDescription(String description) { + this.description = description; + } + + + public UpdatePlatformGatewayRequestDTO properties(Map properties) { + + this.properties = properties; + return this; + } + + /** + * Custom key-value properties for the gateway + * @return properties + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "{\"region\":\"us-west\",\"tier\":\"premium\"}", value = "Custom key-value properties for the gateway") + + public Map getProperties() { + return properties; + } + + + public void setProperties(Map properties) { + this.properties = properties; + } + + + public UpdatePlatformGatewayRequestDTO permissions(UpdatePlatformGatewayRequestPermissionsDTO permissions) { + + this.permissions = permissions; + return this; + } + + /** + * Get permissions + * @return permissions + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public UpdatePlatformGatewayRequestPermissionsDTO getPermissions() { + return permissions; + } + + + public void setPermissions(UpdatePlatformGatewayRequestPermissionsDTO permissions) { + this.permissions = permissions; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + UpdatePlatformGatewayRequestDTO updatePlatformGatewayRequest = (UpdatePlatformGatewayRequestDTO) o; + return Objects.equals(this.name, updatePlatformGatewayRequest.name) && + Objects.equals(this.vhost, updatePlatformGatewayRequest.vhost) && + Objects.equals(this.displayName, updatePlatformGatewayRequest.displayName) && + Objects.equals(this.description, updatePlatformGatewayRequest.description) && + Objects.equals(this.properties, updatePlatformGatewayRequest.properties) && + Objects.equals(this.permissions, updatePlatformGatewayRequest.permissions); + } + + @Override + public int hashCode() { + return Objects.hash(name, vhost, displayName, description, properties, permissions); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class UpdatePlatformGatewayRequestDTO {\n"); + sb.append(" name: ").append(toIndentedString(name)).append("\n"); + sb.append(" vhost: ").append(toIndentedString(vhost)).append("\n"); + sb.append(" displayName: ").append(toIndentedString(displayName)).append("\n"); + sb.append(" description: ").append(toIndentedString(description)).append("\n"); + sb.append(" properties: ").append(toIndentedString(properties)).append("\n"); + sb.append(" permissions: ").append(toIndentedString(permissions)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestPermissionsDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestPermissionsDTO.java new file mode 100644 index 0000000000..14209314ab --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/UpdatePlatformGatewayRequestPermissionsDTO.java @@ -0,0 +1,180 @@ +/* + * WSO2 API Manager - Admin + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) + * + * The version of the OpenAPI document: v4 + * Contact: architecture@wso2.com + * + * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech). + * https://openapi-generator.tech + * Do not edit the class manually. + */ + + +package org.wso2.am.integration.clients.admin.api.dto; + +import java.util.Objects; +import java.util.Arrays; +import com.google.gson.TypeAdapter; +import com.google.gson.annotations.JsonAdapter; +import com.google.gson.annotations.SerializedName; +import com.google.gson.stream.JsonReader; +import com.google.gson.stream.JsonWriter; +import io.swagger.annotations.ApiModel; +import io.swagger.annotations.ApiModelProperty; +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonCreator; +/** +* Gateway visibility permissions (on-prem extension) +*/ + @ApiModel(description = "Gateway visibility permissions (on-prem extension)") + +public class UpdatePlatformGatewayRequestPermissionsDTO { + /** +* Gets or Sets permissionType +*/ + @JsonAdapter(PermissionTypeEnum.Adapter.class) +public enum PermissionTypeEnum { + PUBLIC("PUBLIC"), + + ALLOW("ALLOW"), + + DENY("DENY"); + +private String value; + +PermissionTypeEnum(String value) { +this.value = value; +} + +public String getValue() { +return value; +} + +@Override +public String toString() { +return String.valueOf(value); +} + +public static PermissionTypeEnum fromValue(String value) { + for (PermissionTypeEnum b : PermissionTypeEnum.values()) { + if (b.name().equals(value)) { + return b; + } +} + throw new IllegalArgumentException("Unexpected value '" + value + "'"); +} + + public static class Adapter extends TypeAdapter { + @Override + public void write(final JsonWriter jsonWriter, final PermissionTypeEnum enumeration) throws IOException { + jsonWriter.value(enumeration.getValue()); + } + + @Override + public PermissionTypeEnum read(final JsonReader jsonReader) throws IOException { + String value = jsonReader.nextString(); + return PermissionTypeEnum.fromValue(value); + } + } +} + + public static final String SERIALIZED_NAME_PERMISSION_TYPE = "permissionType"; + @SerializedName(SERIALIZED_NAME_PERMISSION_TYPE) + private PermissionTypeEnum permissionType = PermissionTypeEnum.PUBLIC; + + public static final String SERIALIZED_NAME_ROLES = "roles"; + @SerializedName(SERIALIZED_NAME_ROLES) + private List roles = null; + + + public UpdatePlatformGatewayRequestPermissionsDTO permissionType(PermissionTypeEnum permissionType) { + + this.permissionType = permissionType; + return this; + } + + /** + * Get permissionType + * @return permissionType + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "") + + public PermissionTypeEnum getPermissionType() { + return permissionType; + } + + + public void setPermissionType(PermissionTypeEnum permissionType) { + this.permissionType = permissionType; + } + + + public UpdatePlatformGatewayRequestPermissionsDTO roles(List roles) { + + this.roles = roles; + return this; + } + + /** + * List of roles for ALLOW/DENY permission types + * @return roles + **/ + @javax.annotation.Nullable + @ApiModelProperty(value = "List of roles for ALLOW/DENY permission types") + + public List getRoles() { + return roles; + } + + + public void setRoles(List roles) { + this.roles = roles; + } + + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + UpdatePlatformGatewayRequestPermissionsDTO updatePlatformGatewayRequestPermissions = (UpdatePlatformGatewayRequestPermissionsDTO) o; + return Objects.equals(this.permissionType, updatePlatformGatewayRequestPermissions.permissionType) && + Objects.equals(this.roles, updatePlatformGatewayRequestPermissions.roles); + } + + @Override + public int hashCode() { + return Objects.hash(permissionType, roles); + } + + +@Override +public String toString() { +StringBuilder sb = new StringBuilder(); +sb.append("class UpdatePlatformGatewayRequestPermissionsDTO {\n"); + sb.append(" permissionType: ").append(toIndentedString(permissionType)).append("\n"); + sb.append(" roles: ").append(toIndentedString(roles)).append("\n"); +sb.append("}"); +return sb.toString(); +} + +/** +* Convert the given object to string with each line indented by 4 spaces +* (except the first line). +*/ +private String toIndentedString(Object o) { +if (o == null) { +return "null"; +} +return o.toString().replace("\n", "\n "); +} + +} + diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/VHostDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/VHostDTO.java index 6bc178b659..8d426f14a1 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/VHostDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/VHostDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -49,10 +49,18 @@ public class VHostDTO { @SerializedName(SERIALIZED_NAME_WS_PORT) private Integer wsPort; + public static final String SERIALIZED_NAME_WS_HOST = "wsHost"; + @SerializedName(SERIALIZED_NAME_WS_HOST) + private String wsHost; + public static final String SERIALIZED_NAME_WSS_PORT = "wssPort"; @SerializedName(SERIALIZED_NAME_WSS_PORT) private Integer wssPort; + public static final String SERIALIZED_NAME_WSS_HOST = "wssHost"; + @SerializedName(SERIALIZED_NAME_WSS_HOST) + private String wssHost; + public VHostDTO host(String host) { @@ -168,6 +176,29 @@ public void setWsPort(Integer wsPort) { } + public VHostDTO wsHost(String wsHost) { + + this.wsHost = wsHost; + return this; + } + + /** + * Get wsHost + * @return wsHost + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "mg.wso2.com", value = "") + + public String getWsHost() { + return wsHost; + } + + + public void setWsHost(String wsHost) { + this.wsHost = wsHost; + } + + public VHostDTO wssPort(Integer wssPort) { this.wssPort = wssPort; @@ -191,6 +222,29 @@ public void setWssPort(Integer wssPort) { } + public VHostDTO wssHost(String wssHost) { + + this.wssHost = wssHost; + return this; + } + + /** + * Get wssHost + * @return wssHost + **/ + @javax.annotation.Nullable + @ApiModelProperty(example = "mg.wso2.com", value = "") + + public String getWssHost() { + return wssHost; + } + + + public void setWssHost(String wssHost) { + this.wssHost = wssHost; + } + + @Override public boolean equals(Object o) { if (this == o) { @@ -205,12 +259,14 @@ public boolean equals(Object o) { Objects.equals(this.httpPort, vhost.httpPort) && Objects.equals(this.httpsPort, vhost.httpsPort) && Objects.equals(this.wsPort, vhost.wsPort) && - Objects.equals(this.wssPort, vhost.wssPort); + Objects.equals(this.wsHost, vhost.wsHost) && + Objects.equals(this.wssPort, vhost.wssPort) && + Objects.equals(this.wssHost, vhost.wssHost); } @Override public int hashCode() { - return Objects.hash(host, httpContext, httpPort, httpsPort, wsPort, wssPort); + return Objects.hash(host, httpContext, httpPort, httpsPort, wsPort, wsHost, wssPort, wssHost); } @@ -223,7 +279,9 @@ public String toString() { sb.append(" httpPort: ").append(toIndentedString(httpPort)).append("\n"); sb.append(" httpsPort: ").append(toIndentedString(httpsPort)).append("\n"); sb.append(" wsPort: ").append(toIndentedString(wsPort)).append("\n"); + sb.append(" wsHost: ").append(toIndentedString(wsHost)).append("\n"); sb.append(" wssPort: ").append(toIndentedString(wssPort)).append("\n"); + sb.append(" wssHost: ").append(toIndentedString(wssHost)).append("\n"); sb.append("}"); return sb.toString(); } diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowDTO.java index fe62b5590b..de3b9db4d6 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowInfoDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowInfoDTO.java index e4f7f61a73..5b3af53984 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowInfoDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowInfoDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com @@ -36,8 +36,6 @@ public class WorkflowInfoDTO { public enum WorkflowTypeEnum { APPLICATION_CREATION("APPLICATION_CREATION"), - APPLICATION_UPDATE("APPLICATION_UPDATE"), - SUBSCRIPTION_CREATION("SUBSCRIPTION_CREATION"), USER_SIGNUP("USER_SIGNUP"), @@ -50,13 +48,15 @@ public enum WorkflowTypeEnum { API_STATE("API_STATE"), + API_PRODUCT_STATE("API_PRODUCT_STATE"), + SUBSCRIPTION_DELETION("SUBSCRIPTION_DELETION"), SUBSCRIPTION_UPDATE("SUBSCRIPTION_UPDATE"), - API_PRODUCT_STATE("API_PRODUCT_STATE"), + REVISION_DEPLOYMENT("REVISION_DEPLOYMENT"), - REVISION_DEPLOYMENT("REVISION_DEPLOYMENT"); + APPLICATION_UPDATE("APPLICATION_UPDATE"); private String value; diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowListDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowListDTO.java index 52e957642d..2de7b1d937 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowListDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowListDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowResponseDTO.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowResponseDTO.java index edf55ed70a..e091f84a67 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowResponseDTO.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/api/dto/WorkflowResponseDTO.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/ApiKeyAuth.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/ApiKeyAuth.java index d1b1189d2a..5ff15c13d3 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/ApiKeyAuth.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/ApiKeyAuth.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/Authentication.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/Authentication.java index 7b50d109d5..579c4b9468 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/Authentication.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/Authentication.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBasicAuth.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBasicAuth.java index 6b916d2153..7fbe03047e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBasicAuth.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBasicAuth.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBearerAuth.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBearerAuth.java index 86bdb22982..3b121c0f89 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBearerAuth.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/HttpBearerAuth.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuth.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuth.java index 2a866991c0..a2973f857e 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuth.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuth.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuthFlow.java b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuthFlow.java index 9e8093ccad..e0925c5647 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuthFlow.java +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/gen/java/org/wso2/am/integration/clients/admin/auth/OAuthFlow.java @@ -1,6 +1,6 @@ /* * WSO2 API Manager - Admin - * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.google.lk\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.google.lk\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.google.lk\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/token ``` **Sample request** ``` curl https://localhost:8243/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + * This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { \"callbackUrl\":\"www.example.com\", \"clientName\":\"rest_api_admin\", \"owner\":\"admin\", \"grantType\":\"client_credentials password refresh_token\", \"saasApp\":true } ``` Create a file (payload.json) with the above sample payload, and use the cURL shown bellow to invoke the DCR endpoint. Authorization header of this should contain the base64 encoded admin username and password. **Format of the request** ``` curl -X POST -H \"Authorization: Basic Base64(admin_username:admin_password)\" -H \"Content-Type: application/json\" \\ -d @payload.json https://:/client-registration/v0.17/register ``` **Sample request** ``` curl -X POST -H \"Authorization: Basic YWRtaW46YWRtaW4=\" -H \"Content-Type: application/json\" \\ -d @payload.json https://localhost:9443/client-registration/v0.17/register ``` Following is a sample response after invoking the above curl. ``` { \"clientId\": \"fOCi4vNJ59PpHucC2CAYfYuADdMa\", \"clientName\": \"rest_api_admin\", \"callBackURL\": \"www.example.com\", \"clientSecret\": \"a4FwHlq0iCIKVs2MPIIDnepZnYMa\", \"isSaasApplication\": true, \"appOwner\": \"admin\", \"jsonString\": \"{\\\"grant_types\\\":\\\"client_credentials password refresh_token\\\",\\\"redirect_uris\\\":\\\"www.example.com\\\",\\\"client_name\\\":\\\"rest_api_admin\\\"}\", \"jsonAppAttribute\": \"{}\", \"tokenType\": null } ``` Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section of this document and scope for each resource is given in **authorizations** section of resource documentation. Following is the format of the request if you are using the password grant type. ``` curl -k -d \"grant_type=password&username=&password=&scope=\" \\ -H \"Authorization: Basic base64(cliet_id:client_secret)\" \\ https://:/oauth2/token ``` **Sample request** ``` curl https://localhost:9443/oauth2/token -k \\ -H \"Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h\" \\ -d \"grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view\" ``` Shown below is a sample response to the above request. ``` { \"access_token\": \"e79bda48-3406-3178-acce-f6e4dbdcbb12\", \"refresh_token\": \"a757795d-e69f-38b8-bd85-9aded677a97c\", \"scope\": \"apim:admin apim:tier_view\", \"token_type\": \"Bearer\", \"expires_in\": 3600 } ``` Now you have a valid access token, which you can use to invoke an API. Navigate through the API descriptions to find the required API, obtain an access token as described above and invoke the API with the authentication header. If you use a different authentication mechanism, this process may change. # Try out in Postman If you want to try-out the embedded postman collection with \"Run in Postman\" option, please follow the guidelines listed below. * All of the OAuth2 secured endpoints have been configured with an Authorization Bearer header with a parameterized access token. Before invoking any REST API resource make sure you run the `Register DCR Application` and `Generate Access Token` requests to fetch an access token with all required scopes. * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) * * The version of the OpenAPI document: v4 * Contact: architecture@wso2.com diff --git a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/main/resources/admin-api.yaml b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/main/resources/admin-api.yaml index e90737aca9..9c7a74715f 100644 --- a/all-in-one-apim/modules/integration/tests-common/clients/admin/src/main/resources/admin-api.yaml +++ b/all-in-one-apim/modules/integration/tests-common/clients/admin/src/main/resources/admin-api.yaml @@ -17,17 +17,17 @@ info: title: WSO2 API Manager - Admin description: | This document specifies a **RESTful API** for WSO2 **API Manager** - **Admin Portal**. - Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. + Please see [full OpenAPI Specification](https://raw.githubusercontent.com/wso2/carbon-apimgt/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.admin.v1/src/main/resources/admin-api.yaml) of the API which is written using [OAS 3.0](http://swagger.io/) specification. # Authentication - Our REST APIs are protected using OAuth2 and access control is achieved through scopes. Before you start invoking + The Admin REST API is protected using OAuth2 and access control is achieved through scopes. Before you start invoking the the API you need to obtain an access token with the required scopes. This guide will walk you through the steps that you will need to follow to obtain an access token. First you need to obtain the consumer key/secret key pair by calling the dynamic client registration (DCR) endpoint. You can add your preferred grant types in the payload. A sample payload is shown below. ``` { - "callbackUrl":"www.google.lk", + "callbackUrl":"www.example.com", "clientName":"rest_api_admin", "owner":"admin", "grantType":"client_credentials password refresh_token", @@ -51,15 +51,18 @@ info: { "clientId": "fOCi4vNJ59PpHucC2CAYfYuADdMa", "clientName": "rest_api_admin", - "callBackURL": "www.google.lk", + "callBackURL": "www.example.com", "clientSecret": "a4FwHlq0iCIKVs2MPIIDnepZnYMa", "isSaasApplication": true, "appOwner": "admin", - "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.google.lk\",\"client_name\":\"rest_api_admin\"}", + "jsonString": "{\"grant_types\":\"client_credentials password refresh_token\",\"redirect_uris\":\"www.example.com\",\"client_name\":\"rest_api_admin\"}", "jsonAppAttribute": "{}", "tokenType": null } ``` + Note that in a distributed deployment or IS as KM separated environment to invoke RESTful APIs (product APIs), users must generate tokens through API-M Control Plane's token endpoint. + The tokens generated using third party key managers, are to manage end-user authentication when accessing APIs. + Next you must use the above client id and secret to obtain the access token. We will be using the password grant type for this, you can use any grant type you desire. You also need to add the proper **scope** when getting the access token. All possible scopes for Admin REST API can be viewed in **OAuth2 Security** section @@ -68,11 +71,11 @@ info: ``` curl -k -d "grant_type=password&username=&password=&scope=" \ -H "Authorization: Basic base64(cliet_id:client_secret)" - \ https://:/token + \ https://:/oauth2/token ``` **Sample request** ``` - curl https://localhost:8243/token -k \ + curl https://localhost:9443/oauth2/token -k \ -H "Authorization: Basic Zk9DaTR2Tko1OVBwSHVjQzJDQVlmWXVBRGRNYTphNEZ3SGxxMGlDSUtWczJNUElJRG5lcFpuWU1h" \ -d "grant_type=password&username=admin&password=admin&scope=apim:admin apim:tier_view" ``` @@ -96,10 +99,10 @@ info: * Make sure you have an API Manager instance up and running. * Update the `basepath` parameter to match the hostname and port of the APIM instance. - [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/f5ac2ca9fb22afef6ed6) + [![Run in Postman](https://run.pstmn.io/button.svg)](https://app.getpostman.com/run-collection/32294946-71bea2bc-f808-4208-a4f6-861ede6f0434) contact: name: WSO2 - url: http://wso2.com/products/api-manager/ + url: https://wso2.com/api-manager/ email: architecture@wso2.com license: name: Apache 2.0 @@ -114,7 +117,7 @@ paths: /throttling/policies/search: get: tags: - - Throttling Policy Search + - Unified Search summary: | Retrieve/Search Throttling Policies description: | @@ -124,7 +127,7 @@ paths: in: query description: | **Search**. - You can search by providing a keyword. Allowed to search by type only. + You can search by providing a keyword. Allowed to search by type and name only. schema: type: string responses: @@ -145,6 +148,8 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view + - apim:policies_import_export x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" @@ -163,25 +168,12 @@ paths: Retrieves all existing application throttling policies. parameters: - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' responses: 200: description: | OK. Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -191,19 +183,15 @@ paths: application/json: schema: $ref: '#/components/schemas/ApplicationThrottlePolicyList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' @@ -230,12 +218,6 @@ paths: Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | Location of the newly created Policy object. @@ -256,6 +238,7 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: @@ -270,8 +253,9 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application"' @@ -287,26 +271,12 @@ paths: Retrieves an application throttling policy. parameters: - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' responses: 200: description: | OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -322,17 +292,13 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: timeUnit: min unitTime: 1 requestCount: 20 - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} 404: $ref: '#/components/responses/NotFound' 406: @@ -341,8 +307,9 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' @@ -355,8 +322,6 @@ paths: parameters: - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: description: | Policy object that needs to be modified @@ -371,18 +336,6 @@ paths: OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional request. - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional reuquests. - schema: - type: string Location: description: | The URL of the newly created resource. @@ -403,6 +356,7 @@ paths: displayName: 20PerMin description: Allows 20 request per minute isDeployed: true + type: ApplicationThrottlePolicy defaultLimit: type: REQUESTCOUNTLIMIT requestCount: @@ -413,14 +367,13 @@ paths: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' @@ -432,8 +385,6 @@ paths: Deletes an application level throttling policy. parameters: - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' responses: 200: description: | @@ -442,111 +393,83 @@ paths: content: {} 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/application/4e098fff-7f94-459a-981f-d257332f69d0"' + ###################################################### - # The "Global Mediation Policy Collections" resource API + # The "Subscription Throttling Policy Collection" resource API ###################################################### - /policies/mediation: + /throttling/policies/subscription: get: tags: - - Mediation Policy (Collection) - summary: | - Get all Global Mediation Policies + - Subscription Policy (Collection) + summary: Get all Subscription Throttling Policies description: | - This operation provides you a list of all available global mediation policies. + This operation can be used to retrieve all Subscription level throttling policies. parameters: - - $ref: '#/components/parameters/limit' - - $ref: '#/components/parameters/offset' - - name: query - in: query - description: -Not supported yet- - schema: - type: string - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. - List of mediation policies is returned. + Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: - description: The content type of the body. + description: | + The content type of the body. schema: type: string content: application/json: schema: - $ref: '#/components/schemas/mediationList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/SubscriptionThrottlePolicyList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:mediation_policy_view + - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' post: tags: - - Mediation Policy (Collection) - summary: Add a Global Mediation Policy + - Subscription Policy (Collection) + summary: Add a Subscription Throttling Policy description: | - This operation can be used to add a new global mediation policy. + This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. parameters: - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: - description: mediation policy to upload + description: | + Subscripion level policy object that should to be added content: application/json: schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' required: true responses: - 200: + 201: description: | - OK. - Mediation policy added successfully. + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | - The URL of the uploaded thumbnail image of the API. + Location of the newly created Policy object. schema: type: string Content-Type: @@ -557,55 +480,57 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE 400: $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' + 415: + $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create + - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' ###################################################### - # The "Individual Global Mediation Policy" resource + # The "Individual Subscription Throttling Policy" resource API ###################################################### - /policies/mediation/{mediationPolicyId}: + /throttling/policies/subscription/{policyId}: get: tags: - - Mediation Policy (Individual) - summary: Get a Global Mediation Policy + - Subscription Policy (Individual) + summary: Get a Subscription Policy description: | - This operation can be used to retrieve a particular global mediation policy. + This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter parameters: - - $ref: '#/components/parameters/mediationPolicyId' - - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. - Mediation Policy returned. + Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -614,12 +539,25 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Mediation' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE 404: $ref: '#/components/responses/NotFound' 406: @@ -627,48 +565,36 @@ paths: security: - OAuth2Security: - apim:admin - - apim:mediation_policy_view + - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' put: tags: - - Mediation Policy (Individual) - summary: Update a Global Mediation Policy + - Subscription Policy (Individual) + summary: Update a Subscription Policy description: | - This operation can be used to update an existing global mediation policy. + Updates an existing subscription level throttling policy. parameters: - - $ref: '#/components/parameters/mediationPolicyId' + - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: description: | - Mediation policy object that needs to be updated + Policy object that needs to be modified content: application/json: schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' required: true responses: 200: description: | OK. - Successful response with updated mediation policy object + Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | The URL of the newly created resource. @@ -682,127 +608,126 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Mediation' + $ref: '#/components/schemas/SubscriptionThrottlePolicy' + example: + policyId: 78c3ebff-176d-40d8-9377-fb3276528291 + policyName: Gold + displayName: Gold + description: Allows 5000 requests per minute + isDeployed: true + graphQLMaxComplexity: 0 + graphQLMaxDepth: 0 + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 5000 + rateLimitCount: 0 + customAttributes: [] + stopOnQuotaReach: true + billingPlan: FREE 400: $ref: '#/components/responses/BadRequest' - 403: - $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create + - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' delete: tags: - - Mediation Policy (Individual) - summary: Delete a Global Mediation Policy + - Subscription Policy (Individual) + summary: Delete a Subscription Policy description: | - This operation can be used to delete an existing global mediation policy providing the Id of the mediation policy. + This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. parameters: - - $ref: '#/components/parameters/mediationPolicyId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. - Mediation policy successfully deleted. + Resource successfully deleted. content: {} - 403: - $ref: '#/components/responses/Forbidden' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:mediation_policy_create + - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/policies/mediation/2253cf01-0356-4cc1-9941-3034a8c29007"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' ###################################################### - # The "Subscription Throttling Policy Collection" resource API + # The "Custom Rules Collection" resource API ###################################################### - /throttling/policies/subscription: + /throttling/policies/custom: get: tags: - - Subscription Policy (Collection) - summary: Get all Subscription Throttling Policies + - Custom Rules (Collection) + summary: Get all Custom Rules description: | - This operation can be used to retrieve all Subscription level throttling policies. + Retrieves all custom rules. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' responses: 200: description: | OK. Policies returned headers: - ETag: + Content-Type: description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). + The content type of the body. schema: type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). + content: + application/json: schema: - type: string - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/json: - schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicyList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/CustomRuleList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' post: tags: - - Subscription Policy (Collection) - summary: Add a Subscription Throttling Policy + - Custom Rules (Collection) + summary: Add a Custom Rule description: | - This operation can be used to add a Subscription level throttling policy specifying the details of the policy in the payload. + Adds a new custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | - Subscripion level policy object that should to be added + Custom Rule object that should to be added content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' required: true responses: 201: @@ -811,15 +736,9 @@ paths: Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | - Location of the newly created Policy object. + Location of the newly created resource. schema: type: string Content-Type: @@ -830,26 +749,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId 400: $ref: '#/components/responses/BadRequest' 415: @@ -858,43 +770,33 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' ###################################################### - # The "Individual Subscription Throttling Policy" resource API + # The "Individual Custom Rule" resource API ###################################################### - /throttling/policies/subscription/{policyId}: + /throttling/policies/custom/{ruleId}: get: tags: - - Subscription Policy (Individual) - summary: Get a Subscription Policy + - Custom Rules (Individual) + summary: Get a Custom Rule description: | - This operation can be used to retrieves subscription level throttling policy by specifying the Id of the policy as a path paramter + Retrieves a custom rule. We need to provide the policy Id as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - $ref: '#/components/parameters/ruleId' responses: 200: description: | OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -903,31 +805,19 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId 404: $ref: '#/components/responses/NotFound' 406: @@ -936,29 +826,31 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' put: tags: - - Subscription Policy (Individual) - summary: Update a Subscription Policy + - Custom Rules (Individual) + summary: Update a Custom Rule description: | - Updates an existing subscription level throttling policy. + Updates an existing custom rule. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - - $ref: '#/components/parameters/policyId' + - $ref: '#/components/parameters/ruleId' - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: description: | Policy object that needs to be modified content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' required: true responses: 200: @@ -966,18 +858,6 @@ paths: OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | The URL of the newly created resource. @@ -991,51 +871,44 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/SubscriptionThrottlePolicy' + $ref: '#/components/schemas/CustomRule' example: - policyId: 78c3ebff-176d-40d8-9377-fb3276528291 - policyName: Gold - displayName: Gold - description: Allows 5000 requests per minute + policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 + policyName: custom + description: Allow 10 requests per minute for admin user isDeployed: true - graphQLMaxComplexity: 0 - graphQLMaxDepth: 0 - subscriberCount: 0 - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 5000 - rateLimitCount: 0 - customAttributes: [] - stopOnQuotaReach: true - billingPlan: FREE + siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ + \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ + INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ + \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ + \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ + \ ResultStream;" + keyTemplate: $userId 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' delete: tags: - - Subscription Policy (Individual) - summary: Delete a Subscription Policy + - Custom Rules (Individual) + summary: Delete a Custom Rule description: | - This operation can be used to delete a subscription level throttling policy by specifying the Id of the policy as a path paramter. + Delete a custom rule. We need to provide the Id of the policy as a path parameter. + + **NOTE:** + * Only super tenant users are allowed for this operation. parameters: - - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/ruleId' responses: 200: description: | @@ -1044,52 +917,35 @@ paths: content: {} 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/subscription/c948c723-71dd-4d50-8c77-0a0e99c8cbb1"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' ###################################################### - # The "Custom Rules Collection" resource API + # The "Advanced Throttling Policy Collection" resource API ###################################################### - /throttling/policies/custom: + /throttling/policies/advanced: get: tags: - - Custom Rules (Collection) - summary: Get all Custom Rules + - Advanced Policy (Collection) + summary: Get all Advanced Throttling Policies description: | - Retrieves all custom rules. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Retrieves all existing advanced throttling policies. parameters: - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' responses: 200: description: | OK. Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -1098,41 +954,34 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomRuleList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/AdvancedThrottlePolicyList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' post: tags: - - Custom Rules (Collection) - summary: Add a Custom Rule + - Advanced Policy (Collection) + summary: Add an Advanced Throttling Policy description: | - Adds a new custom rule. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Add a new advanced throttling policy. parameters: - $ref: '#/components/parameters/Content-Type' requestBody: description: | - Custom Rule object that should to be added + Advanced level policy object that should to be added content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' required: true responses: 201: @@ -1141,15 +990,9 @@ paths: Successful response with the newly created object as entity in the body. Location header contains URL of newly created entity. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | - Location of the newly created resource. + Location of the newly created Advanced Throttling Policy. schema: type: string Content-Type: @@ -1160,19 +1003,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] 400: $ref: '#/components/responses/BadRequest' 415: @@ -1181,46 +1025,30 @@ paths: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' ###################################################### - # The "Individual Custom Rule" resource API + # The "Individual Advanced Throttling Policy" resource API ###################################################### - /throttling/policies/custom/{ruleId}: + /throttling/policies/advanced/{policyId}: get: tags: - - Custom Rules (Individual) - summary: Get a Custom Rule + - Advanced Policy (Individual) + summary: Get an Advanced Throttling Policy description: | - Retrieves a custom rule. We need to provide the policy Id as a path parameter. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Retrieves an advanced throttling policy. parameters: - - $ref: '#/components/parameters/ruleId' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - $ref: '#/components/parameters/policyId' responses: 200: description: | OK. Policy returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -1229,24 +1057,20 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] 404: $ref: '#/components/responses/NotFound' 406: @@ -1255,32 +1079,28 @@ paths: - OAuth2Security: - apim:admin - apim:tier_view + - apim:admin_tier_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' put: tags: - - Custom Rules (Individual) - summary: Update a Custom Rule + - Advanced Policy (Individual) + summary: Update an Advanced Throttling Policy description: | - Updates an existing custom rule. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Updates an existing Advanced throttling policy. parameters: - - $ref: '#/components/parameters/ruleId' + - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: description: | Policy object that needs to be modified content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' required: true responses: 200: @@ -1288,18 +1108,6 @@ paths: OK. Policy updated. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Location: description: | The URL of the newly created resource. @@ -1313,47 +1121,42 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/CustomRule' + $ref: '#/components/schemas/AdvancedThrottlePolicy' example: - policyId: 7c7ed7c4-5a7c-4e08-850a-a95bbfcc2fb6 - policyName: custom - description: Allow 10 requests per minute for admin user + policyId: 4cf46441-a538-4f79-a499-ab81200c9bca + policyName: 10KPerMin + displayName: 10KPerMin + description: Allows 10000 requests per minute isDeployed: true - siddhiQuery: "FROM RequestStream\nSELECT userId, ( userId == 'admin@carbon.super'\ - \ ) AS isEligible , str:concat('admin@carbon.super','') as throttleKey\n\ - INSERT INTO EligibilityStream; \n\nFROM EligibilityStream[isEligible==true]#throttler:timeBatch(1\ - \ min) \nSELECT throttleKey, (count(userId) >= 10) as isThrottled,\ - \ expiryTimeStamp group by throttleKey \nINSERT ALL EVENTS into\ - \ ResultStream;" - keyTemplate: $userId + defaultLimit: + type: REQUESTCOUNTLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 10000 + conditionalGroups: [] 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' delete: tags: - - Custom Rules (Individual) - summary: Delete a Custom Rule + - Advanced Policy (Individual) + summary: Delete an Advanced Throttling Policy description: | - Delete a custom rule. We need to provide the Id of the policy as a path parameter. - - **NOTE:** - * Only super tenant users are allowed for this operation. + Deletes an advanced throttling policy. parameters: - - $ref: '#/components/parameters/ruleId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/policyId' responses: 200: description: | @@ -1362,49 +1165,55 @@ paths: content: {} 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/custom/33662a62-8db1-4d75-af08-afd63c6bd0b4"' - + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' ###################################################### - # The "Advanced Throttling Policy Collection" resource API + # "Export Throttling Policy" resource API ###################################################### - /throttling/policies/advanced: + /throttling/policies/export: get: tags: - - Advanced Policy (Collection) - summary: Get all Advanced Throttling Policies + - Import Export + summary: Export a Throttling Policy description: | - Retrieves all existing advanced throttling policies. + This operation can be used to export the details of a particular Throttling Policy. parameters: - - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - name: policyId + in: query + description: UUID of the ThrottlingPolicy + schema: + type: string + - name: name + in: query + description: | + Throttling Policy Name + schema: + type: string + - name: type + in: query + description: | + Type of the Throttling Policy + schema: + type: string + enum: + - sub + - app + - api + - global responses: 200: description: | OK. - Policies returned + Export Successful. headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -1413,124 +1222,132 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicyList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/ExportThrottlePolicy' + example: + type: rate-limiting policy + subtype: application + version: v4.1.0 + data: + policyId: cd828243-a0db-430c-97e9-9e41fd865d48 + policyName: 50PerMin + displayName: 50PerMin + description: Allows 50 request per minute + isDeployed: true + type: ApplicationThrottlePolicy + defaultLimit: + type: BANDWIDTHLIMIT + requestCount: + timeUnit: min + unitTime: 1 + requestCount: 50 + bandwidth: + timeUnit: min + unitTime: 5 + dataAmount: 100 + dataUnit: MB + eventCount: + timeUnit: min + unitTime: 5 + eventCount: 16 + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:tier_view + - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' - + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=sub&format=YAML"' + operationId: exportThrottlingPolicy + #################################################################### + # Import Throttling Policy + #################################################################### + /throttling/policies/import: post: tags: - - Advanced Policy (Collection) - summary: Add an Advanced Throttling Policy + - Import Export + summary: Import a Throttling Policy description: | - Add a new advanced throttling policy. + This operation can be used to import a Throttling Policy parameters: - - $ref: '#/components/parameters/Content-Type' + - name: overwrite + in: query + description: | + Update an existing throttlingpolicy with the same name + required: false + schema: + type: boolean requestBody: - description: | - Advanced level policy object that should to be added content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + required: + - file + properties: + file: + type: string + description: Json File + format: binary required: true responses: - 201: + 200: description: | Created. - Successful response with the newly created object as entity in the body. - Location header contains URL of newly created entity. - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Location: - description: | - Location of the newly created Advanced Throttling Policy. - schema: - type: string - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/json: - schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' - example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] - 400: - $ref: '#/components/responses/BadRequest' - 415: - $ref: '#/components/responses/UnsupportedMediaType' + Throttling Policy Imported Successfully. + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - apim:tier_manage + - apim:admin_tier_manage + - apim:policies_import_export x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced"' - + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/import?overwrite=True"' + operationId: importThrottlingPolicy ###################################################### - # The "Individual Advanced Throttling Policy" resource API + # The "Deny Policy Collection" resource API ###################################################### - /throttling/policies/advanced/{policyId}: + /throttling/deny-policies: get: tags: - - Advanced Policy (Individual) - summary: Get an Advanced Throttling Policy + - Deny Policies (Collection) + summary: Get all Deny Policies description: | - Retrieves an advanced throttling policy. + Retrieves all existing deny policies. parameters: - - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - $ref: '#/components/parameters/Accept' + - name: query + in: query + description: | + **Search condition**. + You can search in attributes by using **"conditionType:"** modifier and **"conditionValue:"** modifier. + Eg. + The entry "conditionType:API" will result in a match with blocking conditions only if the conditionType is "API". Similarly, "conditionValue:test/1.0.0" will result in a match with blocking conditions only if the conditionValue is "test/1.0.0". + When you use "conditionType:API & conditionValue:test/1.0.0" as a combination, it will result in a match with blocking conditions only if both the conditionType is "API" and the conditionValue is "test/1.0.0". + If query attribute is provided, this returns the blocking conditions that match the specified attributes. + Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) + schema: + type: string responses: 200: description: | OK. - Policy returned + Deny Policies returned headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string Content-Type: description: | The content type of the body. @@ -1539,80 +1356,86 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' - example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} - 404: - $ref: '#/components/responses/NotFound' + $ref: '#/components/schemas/BlockingConditionList' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:tier_view + - apim:bl_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' - put: + post: tags: - - Advanced Policy (Individual) - summary: Update an Advanced Throttling Policy + - Deny Policies (Collection) + summary: Add a deny policy description: | - Updates an existing Advanced throttling policy. + Adds a new deny policy parameters: - - $ref: '#/components/parameters/policyId' - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' requestBody: description: | - Policy object that needs to be modified + Blocking condition object that should to be added content: application/json: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' + $ref: '#/components/schemas/BlockingCondition' required: true responses: - 200: + 201: description: | - OK. - Policy updated. + Created. + Successful response with the newly created object as entity in the body. + Location header contains URL of newly created entity. headers: - ETag: + Location: description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). + Location of the newly created resource. schema: type: string - Last-Modified: + Content-Type: description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). + The content type of the body. schema: type: string - Location: - description: | - The URL of the newly created resource. + content: + application/json: schema: - type: string + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 415: + $ref: '#/components/responses/UnsupportedMediaType' + security: + - OAuth2Security: + - apim:admin + - apim:bl_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policies"' + + ###################################################### + # The "Individual Deny Policy" resource API + ###################################################### + /throttling/deny-policy/{conditionId}: + get: + tags: + - Deny Policy (Individual) + summary: Get a Deny Policy + description: | + Retrieves a Deny policy providing the condition Id + parameters: + - $ref: '#/components/parameters/conditionId' + responses: + 200: + description: | + OK. + Condition returned + headers: Content-Type: description: | The content type of the body. @@ -1621,45 +1444,28 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AdvancedThrottlePolicy' - example: - policyId: 4cf46441-a538-4f79-a499-ab81200c9bca - policyName: 10KPerMin - displayName: 10KPerMin - description: Allows 10000 requests per minute - isDeployed: true - defaultLimit: - type: REQUESTCOUNTLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 10000 - conditionalGroups: [] - 400: - $ref: '#/components/responses/BadRequest' + $ref: '#/components/schemas/BlockingCondition' 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:tier_manage + - apim:bl_view x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' delete: tags: - - Advanced Policy (Individual) - summary: Delete an Advanced Throttling Policy + - Deny Policy (Individual) + summary: Delete a Deny Policy description: | - Deletes an advanced throttling policy. + Deletes an existing deny policy parameters: - - $ref: '#/components/parameters/policyId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/conditionId' responses: 200: description: | @@ -1668,55 +1474,107 @@ paths: content: {} 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:tier_manage + - apim:bl_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/advanced/229a3c46-c836-43c8-b988-8eebd9c7774b"' + "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' - ###################################################### - # "Export Throttling Policy" resource API - ###################################################### - /throttling/policies/export: - get: + patch: tags: - - Import Export Throttling Policy - summary: Export a Throttling Policy + - Deny Policy (Individual) + summary: Update a Deny Policy description: | - This operation can be used to export the details of a particular Throttling Policy. + Update a deny policy by Id parameters: - - name: policyId - in: query - description: UUID of the ThrottlingPolicy - schema: - type: string - - name: name - in: query - description: | - Throttling Policy Name - schema: - type: string - - name: type + - $ref: '#/components/parameters/conditionId' + - $ref: '#/components/parameters/Content-Type' + requestBody: + description: | + Blocking condition with updated status + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingConditionStatus' + required: true + responses: + 200: + description: | + OK. + Resource successfully updated. + content: + application/json: + schema: + $ref: '#/components/schemas/BlockingCondition' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:bl_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + + ###################################################### + # The "Application Collection" resource APIs + ###################################################### + /applications: + get: + tags: + - Application (Collection) + summary: | + Retrieve/Search Applications + description: | + This operation can be used to retrieve list of applications owned by the given user, If no user + is provided, the applications owned by the user associated with the provided access token will be returned. + parameters: + - $ref: '#/components/parameters/user' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: name in: query description: | - Type of the Throttling Policy + Application Name + schema: + type: string + - name: tenantDomain + in: query + description: | + Tenant domain of the applications to get. This has to be specified only if it is required to get applications of + a tenant other than the requester's tenant. So, if not specified, the default will be set as the + requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin + users **only at a migration process**. + schema: + type: string + - name: sortBy + in: query schema: type: string enum: - - sub - - app - - api - - global + - name + - owner + default: name + - name: sortOrder + in: query + schema: + type: string + enum: + - asc + - desc + default: asc responses: 200: description: | OK. - Export Successful. + Application list returned. headers: Content-Type: description: | @@ -1726,540 +1584,595 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ExportThrottlePolicy' - example: - type: rate-limiting policy - subtype: application - version: v4.1.0 - data: - policyId: cd828243-a0db-430c-97e9-9e41fd865d48 - policyName: 50PerMin - displayName: 50PerMin - description: Allows 50 request per minute - isDeployed: true - type: ApplicationThrottlePolicy - defaultLimit: - type: BANDWIDTHLIMIT - requestCount: - timeUnit: min - unitTime: 1 - requestCount: 50 - bandwidth: - timeUnit: min - unitTime: 5 - dataAmount: 100 - dataUnit: MB - eventCount: - timeUnit: min - unitTime: 5 - eventCount: 16 + $ref: '#/components/schemas/ApplicationList' + 400: + $ref: '#/components/responses/BadRequest' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:app_settings_change + - apim:app_owner_change + - apim:app_import_export + - apim:admin_application_view + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications"' + + ###################################################### + # The "Individual Application" resource APIs + ###################################################### + /applications/{applicationId}: + get: + tags: + - Applications + summary: | + Get the details of an Application + description: | + This operation can be used to get the details of an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application details returned. + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:tier_manage - - apim:policies_import_export + - apim:app_import_export + - apim:admin_application_view x-code-samples: - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/export?policyId=96077508-fd01-4fae-bc64-5de0e2baf43c&name=Bronze&type=subscription&format=YAML"' - operationId: exportThrottlingPolicy - #################################################################### - # Import Throttling Policy - #################################################################### - /throttling/policies/import: + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + + delete: + tags: + - Applications + summary: | + Delete an Application + description: | + This operation can be used to delete an application by specifying its id. + parameters: + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Resource successfully deleted. + content: {} + 202: + description: | + Accepted. + The request has been accepted. + headers: + Location: + description: | + Location of the existing Application. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/WorkflowResponse' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:app_import_export + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + + /applications/{applicationId}/change-settings: post: tags: - - Import Export Throttling Policy - summary: Import a Throttling Policy + - Application + operationId: updateApplicationSettings + summary: Update Application Settings description: | - This operation can be used to import a Throttling Policy + This operation allows updating one or more settings of an application. parameters: - - name: overwrite + - $ref: '#/components/parameters/applicationId' + requestBody: + required: true + content: + application/json: + schema: + $ref: '#/components/schemas/ApplicationUpdateRequest' + responses: + 200: + description: Application updated successfully + content: + application/json: + schema: + $ref: '#/components/schemas/Application' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:app_settings_change + x-code-samples: + - lang: Curl + source: | + curl -k -X POST \ + -H "Authorization: Bearer " \ + -H "Content-Type: application/json" \ + -d '{ + "owner": "newOwner", + "tokenType": "JWT" + }' \ + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b" + + /applications/{applicationId}/change-owner: + post: + deprecated: true + tags: + - Application + summary: Change Application Owner + description: | + **Deprecated.** + This API will be removed in a future release. + Use `/applications/{applicationId}/change-settings` instead. + + This operation is used to change the owner of an Application. + In order to change the owner of an application, we need to pass the new application owner as a query parameter + parameters: + - name: owner in: query - description: | - Update an existing throttlingpolicy with the same name - required: false + required: true schema: - type: boolean + type: string + - $ref: '#/components/parameters/applicationId' + responses: + 200: + description: | + OK. + Application owner changed successfully. + content: {} + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:app_owner_change + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' + + ###################################################### + # AI Service Providers resource APIs + ###################################################### + /ai-service-providers: + get: + tags: + - AIServiceProviders + summary: Get all AI Service providers + description: | + Get all AI Service providers + responses: + 200: + description: | + OK. + AI Service providers returned + content: + application/json: + schema: + $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' + operationId: getAIServiceProviders + + post: + tags: + - AIServiceProviders + summary: Add a AI Service provider + description: | + Add a new AI Service provider requestBody: + description: | + AI Service provider object that should to be added content: multipart/form-data: schema: - required: - - file - properties: - file: - type: string - description: Json File - format: binary + $ref: '#/components/schemas/AIServiceProviderRequest' required: true responses: - 200: + 201: description: | Created. - Throttling Policy Imported Successfully. - 403: - $ref: '#/components/responses/Forbidden' - 404: - $ref: '#/components/responses/NotFound' - 409: - $ref: '#/components/responses/Conflict' - 500: - $ref: '#/components/responses/InternalServerError' + Successful response with the newly created AI Service provider as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/AIServiceProviderResponse' + 400: + $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - - apim:tier_manage - - apim:policies_import_export + - apim:llm_provider_manage x-code-samples: - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/import?overwrite=True"' - operationId: importThrottlingPolicy + source: 'curl -k -X POST -H "Authorization: Bearer " -H "Content-Type: multipart/form-data" + -F "name=AIServiceProviderName" -F "apiVersion=v1" -F "configurations={\"key\":\"value\"}" + -F "apiDefinition=@api_definition_file.json" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' + operationId: addAIServiceProvider + ###################################################### - # The "Deny Policy Collection" resource API + # The "Individual AI Service Provider" resource APIs ###################################################### - /throttling/deny-policies: - get: + /ai-service-providers/{aiServiceProviderId}: + put: tags: - - Deny Policies (Collection) - summary: Get all Deny Policies + - AIServiceProvider + summary: Update an AI Service provider description: | - Retrieves all existing deny policies. + Update a AI Service provider by AIServiceProviderId parameters: - - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' - - name: query - in: query - description: | - **Search condition**. - You can search in attributes by using **"conditionType:"** modifier and **"conditionValue:"** modifier. - Eg. - The entry "conditionType:API" will result in a match with blocking conditions only if the conditionType is "API". Similarly, "conditionValue:test/1.0.0" will result in a match with blocking conditions only if the conditionValue is "test/1.0.0". - When you use "conditionType:API & conditionValue:test/1.0.0" as a combination, it will result in a match with blocking conditions only if both the conditionType is "API" and the conditionValue is "test/1.0.0". - If query attribute is provided, this returns the blocking conditions that match the specified attributes. - Please note that you need to use encoded URL (URL encoding) if you are using a client which does not support URL encoding (such as curl) - schema: - type: string + - $ref: '#/components/parameters/aiServiceProviderId' + requestBody: + description: | + AI Service Provider object with updated information + content: + multipart/form-data: + schema: + $ref: '#/components/schemas/AIServiceProviderRequest' + required: true responses: 200: description: | OK. - Deny Policies returned - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). + AI Service Provider updated. + content: + application/json: schema: - type: string - Content-Type: - description: | - The content type of the body. + $ref: '#/components/schemas/AIServiceProviderResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ + -F "name=UpdatedProviderName" \ + -F "apiVersion=v2" \ + -F "configurations={\"key\":\"value\"}" \ + -F "apiDefinition=@api_definition.json" \ + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/{aiServiceProviderId}"' + operationId: updateAIServiceProvider + + delete: + tags: + - AIServiceProvider + summary: Delete a AI Service Provider + description: | + Delete a AI Service Provider by aiServiceProviderId + parameters: + - $ref: '#/components/parameters/aiServiceProviderId' + responses: + 200: + description: | + OK. + AI Service provider successfully deleted. + content: { } + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + - apim:llm_provider_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + operationId: deleteAIServiceProvider + + get: + tags: + - AIServiceProvider + summary: Get AI Service Provider + description: | + Get a AI Service Provider + parameters: + - $ref: '#/components/parameters/aiServiceProviderId' + responses: + 200: + description: | + OK. + OpenAPI specification + content: + application/json: schema: - type: string + $ref: '#/components/schemas/AIServiceProviderResponse' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + operationId: getAIServiceProvider + + ###################################################### + # LLM Providers resource APIs + ###################################################### + /llm-providers: + get: + deprecated: true + tags: + - LLMProviders + summary: Get all LLM providers + description: | + Get all LLM providers + responses: + 200: + description: | + OK. + LLM providers returned content: application/json: schema: - $ref: '#/components/schemas/BlockingConditionList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/LLMProviderSummaryResponseList' security: - OAuth2Security: - apim:admin - - apim:bl_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policies"' + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + operationId: getLLMProviders post: + deprecated: true tags: - - Deny Policies (Collection) - summary: Add a deny policy + - LLMProviders + summary: Add a LLM provider description: | - Adds a new deny policy - parameters: - - $ref: '#/components/parameters/Content-Type' + Add a new LLM provider requestBody: description: | - Blocking condition object that should to be added + LLM provider object that should to be added content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/BlockingCondition' + required: + - name + - apiVersion + - configurations + - apiDefinition + $ref: '#/components/schemas/LLMProviderRequest' required: true responses: 201: description: | Created. - Successful response with the newly created object as entity in the body. - Location header contains URL of newly created entity. - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Location: - description: | - Location of the newly created resource. - schema: - type: string - Content-Type: - description: | - The content type of the body. - schema: - type: string + Successful response with the newly created LLM provider as entity in the body. content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' + $ref: '#/components/schemas/LLMProviderResponse' 400: $ref: '#/components/responses/BadRequest' - 415: - $ref: '#/components/responses/UnsupportedMediaType' security: - OAuth2Security: - apim:admin - - apim:bl_manage + - apim:llm_provider_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policies"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + operationId: addLLMProvider ###################################################### - # The "Individual Deny Policy" resource API + # The "Individual LLM Provider" resource APIs ###################################################### - /throttling/deny-policy/{conditionId}: - get: + /llm-providers/{llmProviderId}: + put: + deprecated: true tags: - - Deny Policy (Individual) - summary: Get a Deny Policy + - LLMProvider + summary: Update an LLM provider description: | - Retrieves a Deny policy providing the condition Id + Update a LLM provider by LLMProviderId parameters: - - $ref: '#/components/parameters/conditionId' - - $ref: '#/components/parameters/If-None-Match' - - $ref: '#/components/parameters/If-Modified-Since' + - $ref: '#/components/parameters/llmProviderId' + requestBody: + description: | + LLM Provider object with updated information + content: + multipart/form-data: + schema: + required: + - apiDefinition + $ref: '#/components/schemas/LLMProviderRequest' + required: true responses: 200: description: | OK. - Condition returned - headers: - ETag: - description: | - Entity Tag of the response resource. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Last-Modified: - description: | - Date and time the resource has been modifed the last time. - Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Content-Type: - description: | - The content type of the body. - schema: - type: string + LLM Provider updated. content: application/json: schema: - $ref: '#/components/schemas/BlockingCondition' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/LLMProviderResponse' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:bl_view + - apim:llm_provider_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + operationId: updateLLMProvider delete: + deprecated: true tags: - - Deny Policy (Individual) - summary: Delete a Deny Policy + - LLMProvider + summary: Delete a LLM Provider description: | - Deletes an existing deny policy + Delete a LLM Provider by llmProviderId parameters: - - $ref: '#/components/parameters/conditionId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/llmProviderId' responses: 200: description: | OK. - Resource successfully deleted. - content: {} + LLM provider successfully deleted. + content: { } 404: $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:bl_manage + - apim:llm_provider_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' - - patch: - tags: - - Deny Policy (Individual) - summary: Update a Deny Policy - description: | - Update a deny policy by Id - parameters: - - $ref: '#/components/parameters/conditionId' - - $ref: '#/components/parameters/Content-Type' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' - requestBody: - description: | - Blocking condition with updated status - content: - application/json: - schema: - $ref: '#/components/schemas/BlockingConditionStatus' - required: true - responses: - 200: - description: | - OK. - Resource successfully updated. - content: - application/json: - schema: - $ref: '#/components/schemas/BlockingCondition' - 400: - $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' - security: - - OAuth2Security: - - apim:admin - - apim:bl_manage - x-code-samples: - - lang: Shell - source: 'curl -k -X PATCH -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/throttling/policies/deny-policy/b513eb68-69e8-4c32-92cf-852c101363c"' + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + operationId: deleteLLMProvider - ###################################################### - # The "Application Collection" resource APIs - ###################################################### - /applications: get: tags: - - Application (Collection) - summary: | - Retrieve/Search Applications + - LLMProvider + summary: Get LLM Provider description: | - This operation can be used to retrieve list of applications owned by the given user, If no user - is provided, the applications owned by the user associated with the provided access token will be returned. + Get a LLM Provider parameters: - - $ref: '#/components/parameters/user' - - $ref: '#/components/parameters/limit' - - $ref: '#/components/parameters/offset' - - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - name: name - in: query - description: | - Application Name - schema: - type: string - - name: tenantDomain - in: query - description: | - Tenant domain of the applications to get. This has to be specified only if it is required to get applications of - a tenant other than the requester's tenant. So, if not specified, the default will be set as the - requester's tenant domain. This cross tenant Application access is allowed only for super tenant admin - users **only at a migration process**. - schema: - type: string + - $ref: '#/components/parameters/llmProviderId' responses: 200: description: | OK. - Application list returned. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + OpenAPI specification content: application/json: schema: - $ref: '#/components/schemas/ApplicationList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} - 400: - $ref: '#/components/responses/BadRequest' - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/LLMProviderResponse' security: - OAuth2Security: - apim:admin - - apim:app_owner_change - - apim:app_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications"' + "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + operationId: getLLMProvider ###################################################### - # The "Individual Application" resource APIs + # The "Environment" resource API ###################################################### - /applications/{applicationId}: - delete: + /environments: + get: tags: - - Applications - summary: | - Delete an Application + - Environments + summary: Get all registered Environments description: | - This operation can be used to delete an application by specifying its id. - parameters: - - $ref: '#/components/parameters/applicationId' - - $ref: '#/components/parameters/If-Match' - responses: - 200: - description: | - OK. - Resource successfully deleted. - content: {} - 202: + Get all Registered Environments + responses: + 200: description: | - Accepted. - The request has been accepted. - headers: - Location: - description: | - Location of the existing Application. - schema: - type: string + OK. + Environments returned content: application/json: schema: - $ref: '#/components/schemas/WorkflowResponse' - 404: - $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' + $ref: '#/components/schemas/EnvironmentList' security: - OAuth2Security: - apim:admin - - apim:app_import_export + - apim:environment_read x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments"' - /applications/{applicationId}/change-owner: post: tags: - - Application - summary: Change Application Owner + - Environments + summary: Add an Environment description: | - This operation is used to change the owner of an Application. - In order to change the owner of an application, we need to pass the new application owner as a query parameter - parameters: - - name: owner - in: query - required: true - schema: - type: string - - $ref: '#/components/parameters/applicationId' + Add a new gateway environment + requestBody: + description: | + Environment object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true responses: - 200: + 201: description: | - OK. - Application owner changed successfully. - content: {} + Created. + Successful response with the newly created environment as entity in the body. + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' 400: $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' - 412: - $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:app_owner_change + - apim:environment_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/applications/0a043c2b-ee75-4ef3-9e1c-fc2610ccfa8b/change-owner?owner=admin"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments"' ###################################################### - # Export Resource API + # The "Individual Environment" resource APIs ###################################################### - /export/applications: + /environments/{environmentId}: get: tags: - - Application (Individual) - summary: Export an Application + - Environments + summary: Get a Gateway Environment Configuration description: | - This operation can be used to export the details of a particular application as a zip file. + Retrieve a single Gateway Environment Configuration. We should provide the Id of the Environment as a path parameter. parameters: - - name: appName - in: query - description: | - Application Name - required: true - schema: - type: string - - name: appOwner - in: query - description: | - Owner of the Application - required: true - schema: - type: string - - name: withKeys - in: query - description: | - Export application keys - schema: - type: boolean + - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. - Export Successful. + Gateway Environment Configuration returned headers: Content-Type: description: | @@ -2269,14 +2182,7 @@ paths: content: application/json: schema: - type: string - format: binary - application/zip: - schema: - type: string - format: binary - 400: - $ref: '#/components/responses/BadRequest' + $ref: '#/components/schemas/Environment' 404: $ref: '#/components/responses/NotFound' 406: @@ -2284,218 +2190,88 @@ paths: security: - OAuth2Security: - apim:admin - - apim:app_import_export + - apim:environment_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/applications?appName=sampleApp&appOwner=admin&withKeys=true" - > exported-application.zip' - - /export/api: - get: + "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450"' + put: tags: - - API (Individual) - summary: Export an API + - Environments + summary: Update an Environment description: | - This operation can be used to export the details of a particular API as a zip file. + Update a gateway Environment by environment Id parameters: - - name: name - in: query - description: | - API Name - required: true - schema: - type: string - - name: version - in: query - description: | - Version of the API - required: true - schema: - type: string - - name: providerName - in: query - description: | - Provider name of the API - schema: - type: string - - name: format - in: query - description: | - Format of output documents. Can be YAML or JSON. - schema: - type: string - enum: - - JSON - - YAML - - name: preserveStatus - in: query - description: | - Preserve API Status on export - schema: - type: boolean + - $ref: '#/components/parameters/environmentId' + requestBody: + description: | + Environment object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/Environment' + required: true responses: 200: description: | OK. - Export Successful. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Environment updated. content: - application/zip: + application/json: schema: - type: string - format: binary + $ref: '#/components/schemas/Environment' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:api_import_export + - apim:environment_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/api?name=PizzaShackAPI&version=1.0.0&providerName=admin&format=YAML&preserveStatus=true" - > exportAPI.zip' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' - /export/api-product: - get: + delete: tags: - - API Product (Individual) - summary: Export an API Product + - Environments + summary: Delete an Environment description: | - This operation can be used to export the details of a particular API Product as a zip file. + Delete a Environment by Environment Id parameters: - - name: name - in: query - description: | - API Product Name - required: true - schema: - type: string - - name: version - in: query - description: | - Version of the API Product - required: true - schema: - type: string - - name: providerName - in: query - description: | - Provider name of the API Product - schema: - type: string - - name: format - in: query - description: | - Format of output documents. Can be YAML or JSON. - schema: - type: string - enum: - - JSON - - YAML - - name: preserveStatus - in: query - description: | - Preserve API Product Status on export - schema: - type: boolean + - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. - Export Successful. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/zip: - schema: - type: string - format: binary + Environment successfully deleted. + content: {} 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:api_product_import_export + - apim:environment_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/export/api-product?name=PizzaShackAPIProduct&version=1.0.0&providerName=admin&format=YAML&preserveStatus=true" - > exportAPIProduct.zip' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' - ###################################################### - # Import Resource API - ###################################################### - /import/applications: - post: + /environments/{environmentId}/gateways: + get: tags: - - Application (Individual) - summary: Import an Application + - Environments + summary: Get Gateway Instances in a Gateway Environment description: | - This operation can be used to import an application. - parameters: - - name: preserveOwner - in: query - description: | - Preserve Original Creator of the Application - schema: - type: boolean - - name: skipSubscriptions - in: query - description: | - Skip importing Subscriptions of the Application - schema: - type: boolean - - name: appOwner - in: query - description: | - Expected Owner of the Application in the Import Environment - schema: - type: string - - name: skipApplicationKeys - in: query - description: | - Skip importing Keys of the Application - schema: - type: boolean - - name: update - in: query - description: | - Update if application exists - schema: - type: boolean - requestBody: - content: - multipart/form-data: - schema: - required: - - file - properties: - file: - type: string - description: | - Zip archive consisting of exported Application Configuration. - format: binary - required: true + Retrieve list of gateway Instances in the gateway environment. + parameters: + - $ref: '#/components/parameters/environmentId' responses: 200: description: | OK. - Successful response with the updated object information as entity in the body. + List of gateway Instances in the gateway environment returned headers: Content-Type: description: | @@ -2505,243 +2281,278 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/ApplicationInfo' - 207: - description: | - Multi Status. - Partially successful response with skipped APIs information object as entity in the body. - content: - application/json: - schema: - $ref: '#/components/schemas/APIInfoList' + $ref: '#/components/schemas/GatewayInstanceList' 400: $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' 406: $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:app_import_export + - apim:environment_read x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@exported-application.zip "https://127.0.0.1:9443/api/am/admin/v4/import/applications?preserveOwner=true&skipSubscriptions=false&appOwner=admin&skipApplicationKeys=false&update=true"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450/gateways"' - /import/api: - post: + ###################################################### + # The "Platform Gateways" resource API (platform / self-hosted gateway registration) + ###################################################### + /gateways: + get: + operationId: getPlatformGateways tags: - - API (Individual) - summary: Import an API + - Platform Gateways + summary: Get all platform gateways description: | - This operation can be used to import an API. - parameters: - - name: preserveProvider - in: query - description: | - Preserve Original Provider of the API. This is the user choice to keep or replace the API provider. - schema: - type: boolean - - name: overwrite - in: query + Get all registered platform gateways for the organization. + responses: + 200: description: | - Whether to update the API or not. This is used when updating already existing APIs. - schema: - type: boolean + OK. + List of platform gateways returned (without registration tokens). + content: + application/json: + schema: + $ref: '#/components/schemas/GatewayList' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/gateways"' + post: + operationId: createPlatformGateway + tags: + - Platform Gateways + summary: Register a platform gateway + description: | + Register a new platform gateway. A registration token is generated and returned + once in the response; store it (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) for the + gateway to connect to the control plane WebSocket. The token is stored hashed and cannot be retrieved later. requestBody: + required: true content: - multipart/form-data: + application/json: schema: - required: - - file - properties: - file: - type: string - description: | - Zip archive consisting on exported api configuration - format: binary - required: true + $ref: '#/components/schemas/CreatePlatformGatewayRequest' responses: - 200: + 201: description: | Created. - API Imported Successfully. - content: {} - 403: - $ref: '#/components/responses/Forbidden' + Gateway and registration token (returned once) in the response body. + content: + application/json: + schema: + $ref: '#/components/schemas/GatewayResponseWithToken' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' 409: $ref: '#/components/responses/Conflict' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:api_import_export x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@admin-PizzaShackAPI-1.0.0.zip "https://127.0.0.1:9443/api/am/admin/v4/import/api?preserveProvider=false&overwrite=false"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/gateways"' - /import/api-product: + /gateways/{gatewayId}/regenerate-token: post: + operationId: regeneratePlatformGatewayToken tags: - - API Product (Individual) - summary: Import an API Product + - Platform Gateways + summary: Regenerate registration token for a platform gateway description: | - This operation can be used to import an API Product. + Regenerate the registration token for an existing platform gateway. The old token is revoked + and a new one is generated. Store the new token (e.g. as GATEWAY_CONTROL_PLANE_TOKEN in Docker Compose) + for the gateway to reconnect to the control plane WebSocket. The token is returned only once. parameters: - - name: preserveProvider - in: query - description: | - Preserve Original Provider of the API Product. This is the user choice to keep or replace the API Product provider. - schema: - type: boolean - - name: importAPIs - in: query - description: | - Whether to import the dependent APIs or not. - schema: - type: boolean - - name: overwriteAPIProduct - in: query - description: | - Whether to update the API Product or not. This is used when updating already existing API Products. + - name: gatewayId + in: path + description: Gateway UUID + required: true schema: - type: boolean - - name: overwriteAPIs - in: query + type: string + responses: + 200: description: | - Whether to update the dependent APIs or not. This is used when updating already existing dependent APIs of an API Product. + OK. + Gateway and new registration token (returned once) in the response body. + content: + application/json: + schema: + $ref: '#/components/schemas/GatewayResponseWithToken' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/gateways/{gatewayId}/regenerate-token"' + + /gateways/{gatewayId}: + put: + operationId: updatePlatformGateway + tags: + - Platform Gateways + summary: Update a platform gateway + description: | + Update platform gateway metadata. Request body must include all updatable fields (displayName, + description, properties, permissions). Name and vhost cannot be changed. UI should send + the full resource representation to align with PUT semantics. + parameters: + - name: gatewayId + in: path + description: Gateway UUID + required: true schema: - type: boolean + type: string requestBody: + required: true content: - multipart/form-data: + application/json: schema: - required: - - file - properties: - file: - type: string - description: | - Zip archive consisting on exported API Product configuration - format: binary - required: true + $ref: '#/components/schemas/UpdatePlatformGatewayRequest' responses: 200: - description: | - Created. - API Product Imported Successfully. - content: {} - 403: - $ref: '#/components/responses/Forbidden' + description: OK. Updated platform gateway in the response body. + content: + application/json: + schema: + $ref: '#/components/schemas/PlatformGatewayResponse' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + security: + - OAuth2Security: + - apim:admin + delete: + operationId: deletePlatformGateway + tags: + - Platform Gateways + summary: Delete a platform gateway + description: | + Delete a platform gateway and all its references (tokens, instance mappings, revision deployment + records, gateway environment, permissions). Fails with 409 if any API revisions are currently + deployed to this gateway; undeploy all APIs from the gateway first. + parameters: + - name: gatewayId + in: path + description: Gateway UUID + required: true + schema: + type: string + responses: + 200: + description: OK. Gateway and all references removed. 404: $ref: '#/components/responses/NotFound' 409: - $ref: '#/components/responses/Conflict' - 500: - $ref: '#/components/responses/InternalServerError' + description: Conflict. Cannot delete gateway while API revisions are deployed to it. + content: + application/json: + schema: + $ref: '#/components/schemas/Error' security: - OAuth2Security: - apim:admin - - apim:api_product_import_export - x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@exportAPIProduct.zip "https://127.0.0.1:9443/api/am/admin/v4/import/api-product?preserveProvider=false&overwriteAPIProduct=false&overwriteAPIs=false&importAPIs=false"' ###################################################### - # The "Label" resource API + # The "Organizations" resource API ###################################################### - /labels: + /organizations: get: tags: - - Label Collection - summary: Get all registered Labels + - Organizations + summary: Get all registered Organizations description: | - Get all Registered Labels + Get all Registered Organizations responses: 200: description: | OK. - Labels returned + Organizations returned content: application/json: schema: - $ref: '#/components/schemas/LabelList' + $ref: '#/components/schemas/OrganizationList' security: - OAuth2Security: - apim:admin - - apim:label_read + - apim:organization_read x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/labels"' + "https://127.0.0.1:9443/api/am/admin/v4/organizations"' post: tags: - - Label - summary: Add a Label + - Organizations + summary: Add an Organizations description: | - Add a new gateway label + Add a new organization requestBody: description: | - Label object that should to be added + Organization object that should to be added content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/Organization' required: true responses: 201: description: | Created. - Successful response with the newly created object as entity in the body. + Successful response with the newly created organization as entity in the body. content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/Organization' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - - apim:label_manage + - apim:organization_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations"' ###################################################### - # The "Individual label" resource APIs + # The "Individual Environment" resource APIs ###################################################### - /labels/{labelId}: - put: + /organizations/{organizationId}: + get: tags: - - Label - summary: Update a Label + - Organizations + summary: Get an Organization description: | - Update a Label by label Id + Get an organization by organization Id parameters: - - $ref: '#/components/parameters/labelId' - requestBody: - description: | - Label object with updated information - content: - application/json: - schema: - $ref: '#/components/schemas/Label' - required: true + - $ref: '#/components/parameters/organizationId' responses: 200: description: | OK. - Label updated. + Organization. content: application/json: schema: - $ref: '#/components/schemas/Label' + $ref: '#/components/schemas/Organization' 400: $ref: '#/components/responses/BadRequest' 404: @@ -2749,300 +2560,338 @@ paths: security: - OAuth2Security: - apim:admin - - apim:label_manage + - apim:organization_read x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' - - delete: + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + put: tags: - - Label - summary: Delete a Label + - Organizations + summary: Update an Organization description: | - Delete a Label by label Id + Update an organization by organization Id parameters: - - $ref: '#/components/parameters/labelId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - $ref: '#/components/parameters/organizationId' + requestBody: + description: | + Organization object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + required: true responses: 200: description: | OK. - Label successfully deleted. - content: {} + Organization updated. + content: + application/json: + schema: + $ref: '#/components/schemas/Organization' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:label_manage + - apim:organization_manage x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' - - ###################################################### - # AI Service Providers resource APIs - ###################################################### - /ai-service-providers: - get: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + + delete: tags: - - AIServiceProviders - summary: Get all AI Service providers + - Organizations + summary: Delete an Organization description: | - Get all AI Service providers + Delete an organization by organization Id + parameters: + - $ref: '#/components/parameters/organizationId' responses: 200: description: | OK. - AI Service providers returned - content: - application/json: - schema: - $ref: '#/components/schemas/AIServiceProviderSummaryResponseList' + Organization successfully deleted. + content: {} + 404: + $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin + - apim:organization_manage x-code-samples: - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' - operationId: getAIServiceProviders + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' - post: + /me/organization-information: + get: tags: - - AIServiceProviders - summary: Add a AI Service provider + - Users + summary: Get the Organization information of the user description: | - Add a new AI Service provider - requestBody: - description: | - AI Service provider object that should to be added - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/AIServiceProviderRequest' - required: true + Using this operation, logged-in user can get their organization information. + operationId: organizationInformation responses: - 201: + 200: description: | - Created. - Successful response with the newly created AI Service provider as entity in the body. + OK. + Key Manager list returned content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderResponse' + $ref: '#/components/schemas/OrganizationInfo' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:admin_settings x-code-samples: - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer " -H "Content-Type: multipart/form-data" - -F "name=AIServiceProviderName" -F "apiVersion=v1" -F "configurations={\"key\":\"value\"}" - -F "apiDefinition=@api_definition_file.json" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers"' - operationId: addAIServiceProvider - + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' ###################################################### - # The "Individual AI Service Provider" resource APIs + # The Bot Detection Data API resources ###################################################### - /ai-service-providers/{aiServiceProviderId}: - put: + /bot-detection-data: + get: tags: - - AIServiceProvider - summary: Update an AI Service provider + - Bot Detection Data + summary: | + Get all Bot Detected Data description: | - Update a AI Service provider by AIServiceProviderId - parameters: - - $ref: '#/components/parameters/aiServiceProviderId' - requestBody: - description: | - AI Service Provider object with updated information - content: - multipart/form-data: - schema: - $ref: '#/components/schemas/AIServiceProviderRequest' - required: true + Get all bot detected data + operationId: getBotDetectionData responses: 200: description: | OK. - AI Service Provider updated. + Bot detected data returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderResponse' - 400: - $ref: '#/components/responses/BadRequest' + $ref: '#/components/schemas/BotDetectionDataList' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:bot_data x-code-samples: - lang: Curl - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ - -F "name=UpdatedProviderName" \ - -F "apiVersion=v2" \ - -F "configurations={\"key\":\"value\"}" \ - -F "apiDefinition=@api_definition.json" \ - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/{aiServiceProviderId}"' - operationId: updateAIServiceProvider + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/bot-detection-data"' - delete: + ###################################################### + # The "Monetization" resource APIs + ###################################################### + /monetization/publish-usage: + post: tags: - - AIServiceProvider - summary: Delete a AI Service Provider + - Monetization (Collection) + summary: Publish Usage Records description: | - Delete a AI Service Provider by aiServiceProviderId - parameters: - - $ref: '#/components/parameters/aiServiceProviderId' + Publish usage records of monetized APIs responses: 200: - description: | - OK. - AI Service provider successfully deleted. - content: { } + description: Usage records successfully published. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' + 202: + description: Request is sucessfully accepted for processing. + content: + application/json: + schema: + $ref: '#/components/schemas/PublishStatus' 404: $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:monetization_usage_publish x-code-samples: - lang: Curl - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' - operationId: deleteAIServiceProvider + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage"' + /monetization/publish-usage/status: get: tags: - - AIServiceProvider - summary: Get AI Service Provider + - Monetization (Collection) + summary: Get the Status of Monetization Usage Publisher description: | - Get a AI Service Provider - parameters: - - $ref: '#/components/parameters/aiServiceProviderId' + Get the status of monetization usage publisher responses: 200: description: | OK. - OpenAPI specification + Status returned content: application/json: schema: - $ref: '#/components/schemas/AIServiceProviderResponse' + $ref: '#/components/schemas/MonetizationUsagePublishInfo' security: - OAuth2Security: - apim:admin + - apim:monetization_usage_publish x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/ai-service-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' - operationId: getAIServiceProvider + "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage/status"' ###################################################### - # LLM Providers resource APIs + # The "Workflow Collection" resource APIs ###################################################### - /llm-providers: + /workflows: get: tags: - - LLMProviders - summary: Get all LLM providers + - Workflow (Collection) + summary: | + Retrieve All Pending Workflow Processes description: | - Get all LLM providers + This operation can be used to retrieve list of workflow pending processes. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/Accept' + - name: workflowType + in: query + description: | + We need to show the values of each workflow process separately .for that we use workflow type. + Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX. + schema: + type: string + enum: + - AM_APPLICATION_CREATION + - AM_SUBSCRIPTION_CREATION + - AM_USER_SIGNUP + - AM_APPLICATION_REGISTRATION_PRODUCTION + - AM_APPLICATION_REGISTRATION_SANDBOX + - AM_SUBSCRIPTION_DELETION + - AM_APPLICATION_DELETION + - AM_API_STATE + - AM_API_PRODUCT_STATE + - AM_REVISION_DEPLOYMENT responses: 200: description: | OK. - LLM providers returned + Workflow pendding process list returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/LLMProviderSummaryResponseList' + $ref: '#/components/schemas/WorkflowList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin + - apim:api_workflow_view x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + "https://127.0.0.1:9443/api/am/admin/v4/workflows"' - post: + /workflows/{externalWorkflowRef}: + get: tags: - - LLMProviders - summary: Add a LLM provider + - Workflows (Individual) + summary: | + Get Pending Workflow Details by External Workflow Reference description: | - Add a new LLM provider - requestBody: - description: | - LLM provider object that should to be added - content: - multipart/form-data: - schema: - required: - - name - - apiVersion - - configurations - - apiDefinition - $ref: '#/components/schemas/LLMProviderRequest' - required: true + Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. + parameters: + - name: externalWorkflowRef + in: path + description: | + from the externel workflow reference we decide what is the the pending request that the are requesting. + required: true + schema: + type: string responses: - 201: + 200: description: | - Created. - Successful response with the newly created LLM provider as entity in the body. + OK. + Requested Workflow Pending is returned content: - application/json: - schema: - $ref: '#/components/schemas/LLMProviderResponse' - 400: - $ref: '#/components/responses/BadRequest' + application/json: + schema: + $ref: '#/components/schemas/WorkflowInfo' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource. + content: {} + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:api_workflow_view x-code-samples: - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' - ###################################################### - # The "Individual LLM Provider" resource APIs - ###################################################### - /llm-providers/{llmProviderId}: - put: + /workflows/update-workflow-status: + post: tags: - - LLMProvider - summary: Update an LLM provider + - Workflows (Individual) + summary: Update Workflow Status description: | - Update a LLM provider by LLMProviderId + This operation can be used to approve or reject a workflow task. parameters: - - $ref: '#/components/parameters/llmProviderId' + - $ref: '#/components/parameters/workflowReferenceId-Q' requestBody: description: | - LLM Provider object with updated information + Workflow event that need to be updated content: - multipart/form-data: + application/json: schema: - required: - - apiDefinition - $ref: '#/components/schemas/LLMProviderRequest' + $ref: '#/components/schemas/Workflow' required: true responses: 200: description: | OK. - LLM Provider updated. + Workflow request information is returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/LLMProviderResponse' + $ref: '#/components/schemas/Workflow' 400: $ref: '#/components/responses/BadRequest' 404: @@ -3050,103 +2899,151 @@ paths: security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:api_workflow_approve x-code-samples: - lang: Curl - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' - delete: + ###################################################### + # The Tenant Info resource API + ###################################################### + /tenant-info/{username}: + get: tags: - - LLMProvider - summary: Delete a LLM Provider + - Tenants + summary: | + Get Tenant Id of User description: | - Delete a LLM Provider by llmProviderId + This operation is to get tenant id of the provided user + operationId: getTenantInfoByUsername parameters: - - $ref: '#/components/parameters/llmProviderId' + - name: username + in: path + description: | + The state represents the current state of the tenant. Supported states are [ active, inactive] + required: true + schema: + type: string + default: john responses: 200: description: | OK. - LLM provider successfully deleted. - content: { } + Tenant id of the user retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/TenantInfo' 404: $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:llm_provider_manage + - apim:tenantInfo x-code-samples: - lang: Curl - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/tenant-info/john"' + ###################################################### + # The Custom URL Info resource API + ###################################################### + /custom-urls/{tenantDomain}: get: tags: - - LLMProvider - summary: Get LLM Provider + - Tenants + summary: | + Get Custom URL Info of a Tenant Domain description: | - Get a LLM Provider + This operation is to get custom-url information of the provided tenant-domain + operationId: getCustomUrlInfoByTenantDomain parameters: - - $ref: '#/components/parameters/llmProviderId' + - name: tenantDomain + in: path + description: | + The tenant domain name. + required: true + schema: + type: string responses: 200: description: | OK. - OpenAPI specification + Custom url info of the tenant is retrieved. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/LLMProviderResponse' + $ref: '#/components/schemas/CustomUrlInfo' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin + - apim:tenantInfo x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/llm-providers/a2f1e643-9b2a-4f58-bd7a-8c2d3f1e9d6f"' + "https://127.0.0.1:9443/api/am/admin/v4/custom-urls/wso2.com"' ###################################################### - # The "Environment" resource API + # The "Category Collection" resource API ###################################################### - /environments: + /api-categories: get: tags: - - Environment Collection - summary: Get all registered Environments + - API Category (Collection) + summary: Get all API Categories description: | - Get all Registered Environments + Get all API categories responses: 200: description: | OK. - Environments returned + Categories returned content: application/json: schema: - $ref: '#/components/schemas/EnvironmentList' + $ref: '#/components/schemas/APICategoryList' security: - OAuth2Security: - apim:admin - - apim:environment_read + - apim:admin_operations + - apim:api_category x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/environments"' + "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' post: tags: - - Environment - summary: Add an Environment + - API Category (Individual) + summary: Add API Category description: | - Add a new geteway environment + Add a new API category requestBody: description: | - Environment object that should to be added + API Category object that should to be added content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/APICategory' required: true responses: 201: @@ -3156,47 +3053,48 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/APICategory' 400: $ref: '#/components/responses/BadRequest' security: - OAuth2Security: - apim:admin - - apim:environment_manage + - apim:admin_operations + - apim:api_category x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' ###################################################### - # The "Individual Environment" resource APIs + # The "Individual Category" resource APIs ###################################################### - /environments/{environmentId}: + /api-categories/{apiCategoryId}: put: tags: - - Environment - summary: Update an Environment + - API Category (Individual) + summary: Update an API Category description: | - Update a gateway Environment by environment Id + Update an API Category by category Id parameters: - - $ref: '#/components/parameters/environmentId' + - $ref: '#/components/parameters/apiCategoryId' requestBody: description: | - Environment object with updated information + API Category object with updated information content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/APICategory' required: true responses: 200: description: | OK. - Environment updated. + Label updated. content: application/json: schema: - $ref: '#/components/schemas/Environment' + $ref: '#/components/schemas/APICategory' 400: $ref: '#/components/responses/BadRequest' 404: @@ -3204,277 +3102,230 @@ paths: security: - OAuth2Security: - apim:admin - - apim:environment_manage + - apim:admin_operations + - apim:api_category x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' delete: tags: - - Environment - summary: Delete an Environment + - API Category (Individual) + summary: Delete an API Category description: | - Delete a Environment by Environment Id + Delete an API Category by API Category Id parameters: - - $ref: '#/components/parameters/environmentId' + - $ref: '#/components/parameters/apiCategoryId' responses: 200: description: | OK. - Environment successfully deleted. + API Category successfully deleted. content: {} 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:environment_manage + - apim:admin_operations + - apim:api_category x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/environments/d7cf8523-9180-4255-84fa-6cb171c1f779"' + "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' - /environments/{environmentId}/gateways: - get: - tags: - - Environments - summary: Get Gateway Instances in a Gateway Environment - description: | - Retrieve list of gateway Instances in the gateway environment. - parameters: - - $ref: '#/components/parameters/environmentId' - responses: - 200: - description: | - OK. - List of gateway Instances in the gateway environment returned - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/json: - schema: - $ref: '#/components/schemas/GatewayInstanceList' - 400: - $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' - security: - - OAuth2Security: - - apim:admin - - apim:environment_read - x-code-samples: - - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" "https://127.0.0.1:9443/api/am/admin/v4/environments/8d263942-a6df-4cc2-a804-7a2525501450/gateways"' ###################################################### - # The "Organizations" resource API + # The Admin settings List ###################################################### - /organizations: + /settings: get: tags: - - Organizations - summary: Get all registered Organizations + - Settings + summary: Retreive Admin Settings description: | - Get all Registered Organizations + Retreive admin settings responses: 200: description: | OK. - Organizations returned + Settings returned content: application/json: schema: - $ref: '#/components/schemas/OrganizationList' + $ref: '#/components/schemas/Settings' + 404: + $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:organization_read + - apim:admin_settings x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/organizations"' + "https://127.0.0.1:9443/api/am/admin/v4/settings"' - post: + #################################################### + # The Admin alert management resources + #################################################### + /alert-types: + get: tags: - - Organizations - summary: Add an Organizations + - Alerts + summary: | + Get all Admin Alert Types description: | - Add a new organization - requestBody: - description: | - Organization object that should to be added - content: - application/json: - schema: - $ref: '#/components/schemas/Organization' - required: true + This operation is used to get the list of supportd alert types for the apim admin dashboard + operationId: getAdminAlertTypes responses: - 201: + 200: description: | - Created. - Successful response with the newly created organization as entity in the body. + OK. + The list of admin alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/Organization' - 400: - $ref: '#/components/responses/BadRequest' + $ref: '#/components/schemas/AlertTypesList' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:organization_manage + - apim:admin_alert_manage x-code-samples: - lang: Curl - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/alert-types"' - ###################################################### - # The "Individual Environment" resource APIs - ###################################################### - /organizations/{organizationId}: + /alert-subscriptions: get: tags: - - Organizations - summary: Get an Organization + - Alert Subscriptions + summary: | + Get Subscribed Alert Types description: | - Get an organization by organization Id - parameters: - - $ref: '#/components/parameters/organizationId' + This operation is used to get the list of subscribed alert types by the user. + operationId: getSubscribedAlertTypes responses: 200: description: | OK. - Organization. + The list of subscribed alert types are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/Organization' - 400: - $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' + $ref: '#/components/schemas/AlertsSubscription' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:organization_read + - apim:admin_alert_manage x-code-samples: - lang: Curl - source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + put: tags: - - Organizations - summary: Update an Organization + - Alert Subscriptions + summary: | + Subscribe to an Admin Alert description: | - Update an organization by organization Id - parameters: - - $ref: '#/components/parameters/organizationId' + This operation is used to subscribe to admin alerts + operationId: subscribeToAlerts requestBody: - description: | - Organization object with updated information + description: The alerts list and the email list to subscribe. content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/AlertsSubscription' required: true responses: 200: description: | OK. - Organization updated. + Successful response with the newly subscribed alerts. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/Organization' + $ref: '#/components/schemas/AlertsSubscription' 400: $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:organization_manage + - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' delete: tags: - - Organizations - summary: Delete an Organization + - Alert Subscriptions + summary: | + Unsubscribe User from all Admin Alerts description: | - Delete an organization by organization Id - parameters: - - $ref: '#/components/parameters/organizationId' + This operation is used to unsubscribe the respective user from all the admin alert types. + operationId: unsubscribeAllAlerts responses: 200: description: | OK. - Organization successfully deleted. + The user is unsubscribed from the alerts successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: {} - 404: - $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:organization_manage + - apim:admin_alert_manage x-code-samples: - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/organizations/d7cf8523-9180-4255-84fa-6cb171c1f779"' - - /me/organization-information: - get: - tags: - - Users - summary: Get the Organization information of the user - description: | - Using this operation, logged-in user can get their organization information. - operationId: organizationInformation - responses: - 200: - description: | - OK. - Key Manager list returned - content: - application/json: - schema: - $ref: '#/components/schemas/OrganizationInfo' - 400: - $ref: '#/components/responses/BadRequest' - security: - - OAuth2Security: - - apim:admin - - apim:admin_settings - x-code-samples: - - lang: Curl - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -X POST -d @data.json "https://localhost:9443/api/am/publisher/v4/me/organization"' - - ###################################################### - # The Bot Detection Data API resources - ###################################################### - /bot-detection-data: + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + + /alert-subscriptions/bot-detection: get: tags: - - Bot Detection Data + - Bot Detection Alert Subscriptions summary: | - Get all Bot Detected Data + Get Subscriptions for Bot Detection description: | - Get all bot detected data - operationId: getBotDetectionData + Get the list of subscriptions which are subscribed to receive email alerts for bot detection + operationId: getBotDetectionAlertSubscriptions responses: 200: description: | OK. - Bot detected data returned. + The list of bot detection alert subscriptions are returned. headers: Content-Type: description: | @@ -3484,215 +3335,197 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/BotDetectionDataList' - 404: - $ref: '#/components/responses/NotFound' + $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:bot_data + - apim:admin_alert_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/bot-detection-data"' + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' - ###################################################### - # The "Monetization" resource APIs - ###################################################### - /monetization/publish-usage: post: tags: - - Monetization (Collection) - summary: Publish Usage Records + - Bot Detection Alert Subscriptions + summary: Subscribe for Bot Detection Alerts description: | - Publish usage records of monetized APIs + Register a subscription for bot detection alerts + operationId: subscribeForBotDetectionAlerts + requestBody: + description: | + The email to register to receive bot detection alerts + content: + application/json: + schema: + $ref: '#/components/schemas/BotDetectionAlertSubscription' + required: true responses: 200: - description: Usage records successfully published. - content: - application/json: + description: | + OK. + Bot detection alert subscription is registered successfully. + headers: + Content-Type: + description: | + The content type of the body. schema: - $ref: '#/components/schemas/PublishStatus' - 202: - description: Request is sucessfully accepted for processing. + type: string content: application/json: schema: - $ref: '#/components/schemas/PublishStatus' - 404: - $ref: '#/components/responses/NotFound' + $ref: '#/components/schemas/BotDetectionAlertSubscription' + 400: + $ref: '#/components/responses/BadRequest' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:monetization_usage_publish + - apim:admin_alert_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' - /monetization/publish-usage/status: - get: + /alert-subscriptions/bot-detection/{uuid}: + delete: tags: - - Monetization (Collection) - summary: Get the Status of Monetization Usage Publisher + - Bot Detection Alert Subscriptions + summary: Unsubscribe from bot detection alerts. description: | - Get the status of monetization usage publisher + Delete a Bot Detection Alert Subscription + operationId: unsubscribeFromBotDetectionAlerts + parameters: + - name: uuid + in: path + description: uuid of the subscription + required: true + schema: + type: string responses: 200: description: | OK. - Status returned - content: - application/json: + Bot detection alert subscription is deleted successfully. + headers: + Content-Type: + description: | + The content type of the body. schema: - $ref: '#/components/schemas/MonetizationUsagePublishInfo' + type: string + content: {} + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:monetization_usage_publish + - apim:admin_alert_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/monetization/publish-usage/status"' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection/7c9ee02d-37f5-4694-b99c-6d5641b28645"' ###################################################### - # The "Workflow Collection" resource APIs + # System scopes resource API ###################################################### - /workflows: + /system-scopes/{scopeName}: get: tags: - - Workflow (Collection) - summary: | - Retrieve All Pending Workflow Processes + - System Scopes + summary: Retrieve Scopes for a Particular User description: | - This operation can be used to retrieve list of workflow pending processes. + This operation will return the scope list of particular user + In order to get it, we need to pass the userId as a query parameter + operationId: systemScopesScopeNameGet parameters: - - $ref: '#/components/parameters/limit' - - $ref: '#/components/parameters/offset' - - $ref: '#/components/parameters/Accept' - - $ref: '#/components/parameters/If-None-Match' - - name: workflowType + - name: username in: query - description: | - We need to show the values of each workflow process separately .for that we use workflow type. - Workflow type can be AM_APPLICATION_CREATION, AM_SUBSCRIPTION_CREATION, AM_USER_SIGNUP, AM_APPLICATION_REGISTRATION_PRODUCTION, AM_APPLICATION_REGISTRATION_SANDBOX, AM_APPLICATION_UPDATE. schema: type: string - enum: - - AM_APPLICATION_CREATION - - AM_SUBSCRIPTION_CREATION - - AM_APPLICATION_UPDATE - - AM_USER_SIGNUP - - AM_APPLICATION_REGISTRATION_PRODUCTION - - AM_APPLICATION_REGISTRATION_SANDBOX - - AM_SUBSCRIPTION_DELETION - - AM_APPLICATION_DELETION - - AM_API_STATE - - AM_API_PRODUCT_STATE - - AM_REVISION_DEPLOYMENT + - $ref: '#/components/parameters/scopeName' responses: 200: description: | OK. - Workflow pendding process list returned. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Particular scope exists for the given user. content: application/json: schema: - $ref: '#/components/schemas/WorkflowList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: {} + $ref: '#/components/schemas/ScopeSettings' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:api_workflow_view + - apim:scope_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/workflows"' + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' - /workflows/{externalWorkflowRef}: + /system-scopes: get: tags: - - Workflows (Individual) + - System Scopes summary: | - Get Pending Workflow Details by External Workflow Reference + Get Role Scope Mappings description: | - Using this operation, you can retrieve complete details of a pending workflow request that either belongs to application creation, application subscription, application registration, api state change, user self sign up.. You need to provide the External_Workflow_Reference of the workflow Request to retrive it. - parameters: - - name: externalWorkflowRef - in: path - description: | - from the externel workflow reference we decide what is the the pending request that the are requesting. - required: true - schema: - type: string - - $ref: '#/components/parameters/If-None-Match' + This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard + operationId: systemScopesGet responses: 200: description: | OK. - Requested Workflow Pending is returned + The list of role scope mappings are returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: application/json: schema: - $ref: '#/components/schemas/WorkflowInfo' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource. - content: {} - 404: - $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/ScopeList' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: + - apim:scope_manage - apim:admin - - apim:api_workflow_view x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/workflows/c43a325c-260b-4302-81cb-768eafaa3aed"' + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' - /workflows/update-workflow-status: - post: + put: tags: - - Workflows (Individual) - summary: Update Workflow Status + - System Scopes + summary: | + Update Roles For Scope description: | - This operation can be used to approve or reject a workflow task. - parameters: - - $ref: '#/components/parameters/workflowReferenceId-Q' + This operation is used to update the roles for all scopes + operationId: updateRolesForScope requestBody: description: | - Workflow event that need to be updated + Scope list object with updated scope to role mappings content: application/json: schema: - $ref: '#/components/schemas/Workflow' + $ref: '#/components/schemas/ScopeList' required: true responses: 200: description: | OK. - Workflow request information is returned. + Successful response with the newly added roles. headers: Content-Type: description: | @@ -3702,46 +3535,32 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Workflow' + $ref: '#/components/schemas/ScopeList' 400: $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:api_workflow_approve + - apim:scope_manage x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/workflows/update-workflow-status?workflowReferenceId=56e3a170-a7a7-45f8-b051-7e43a58a67e1"' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' - ###################################################### - # The Tenant Info resource API - ###################################################### - /tenant-info/{username}: + /system-scopes/role-aliases: get: tags: - - Tenants - summary: | - Get Tenant Id of User + - System Scopes + summary: Retrieve Role Alias Mappings description: | - This operation is to get tenant id of the provided user - operationId: getTenantInfoByUsername - parameters: - - name: username - in: path - description: | - The state represents the current state of the tenant. Supported states are [ active, inactive] - required: true - schema: - type: string - default: john + This operation can be used to retreive role alias mapping responses: 200: description: | OK. - Tenant id of the user retrieved. + The list of role mappings are returned. headers: Content-Type: description: | @@ -3751,281 +3570,370 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/TenantInfo' + $ref: '#/components/schemas/RoleAliasList' 404: $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:tenantInfo + - apim:scope_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-info/john"' + "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' - ###################################################### - # The Custom URL Info resource API - ###################################################### - /custom-urls/{tenantDomain}: - get: + put: tags: - - Tenants - summary: | - Get Custom URL Info of a Tenant Domain + - System Scopes + summary: Add a New Role Alias description: | - This operation is to get custom-url information of the provided tenant-domain - operationId: getCustomUrlInfoByTenantDomain - parameters: - - name: tenantDomain - in: path - description: | - The tenant domain name. - required: true - schema: - type: string + This operation can be used to add a new role alias mapping for system scope roles + requestBody: + description: role-alias mapping + content: + application/json: + schema: + $ref: '#/components/schemas/RoleAliasList' + required: true responses: 200: description: | OK. - Custom url info of the tenant is retrieved. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Role mapping alias returned content: application/json: schema: - $ref: '#/components/schemas/CustomUrlInfo' + $ref: '#/components/schemas/RoleAliasList' + 400: + $ref: '#/components/responses/BadRequest' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:scope_manage + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' + + ###################################################### + # Roles resource APIs + ###################################################### + /roles/{roleId}: + head: + tags: + - Roles + summary: Check Whether Given Role Name already Exist + description: | + Using this operation, user can check a given role name exists or not. + operationId: validateSystemRole + parameters: + - $ref: '#/components/parameters/roleId' + responses: + 200: + description: OK. Requested role name exists. + content: {} 404: $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:tenantInfo + - apim:role_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/custom-urls/wso2.com"' + - lang: Curl + source: 'curl -k -I -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/roles/SW50ZXJuYWwvcHVibGlzaGVyCQ"' ###################################################### - # The "Category Collection" resource API + # The Tenant Theme resource APIs ###################################################### - /api-categories: + /tenant-theme: get: tags: - - API Category (Collection) - summary: Get all API Categories + - Tenant Theme + summary: Export a DevPortal Tenant Theme description: | - Get all API categories + This operation can be used to export a DevPortal tenant theme as a zip file. + operationId: exportTenantTheme responses: 200: description: | OK. - Categories returned + Tenant Theme Exported Successfully. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string content: - application/json: + application/zip: schema: - $ref: '#/components/schemas/APICategoryList' + type: string + format: binary + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_operations + - apim:tenant_theme_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' + "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme" > theme.zip' - post: + put: tags: - - API Category (Individual) - summary: Add API Category + - Tenant Theme + summary: Import a DevPortal Tenant Theme description: | - Add a new API category + This operation can be used to import a DevPortal tenant theme. + operationId: importTenantTheme requestBody: - description: | - API Category object that should to be added content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/APICategory' + required: + - file + properties: + file: + type: string + description: | + Zip archive consisting of tenant theme configuration + format: binary required: true responses: - 201: + 200: description: | - Created. - Successful response with the newly created object as entity in the body. + Ok. + Tenant Theme Imported Successfully. + content: {} + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' + security: + - OAuth2Security: + - apim:admin + - apim:tenant_theme_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme"' + + ###################################################### + # Organization theme of Devportal related APIs + ###################################################### + /org-themes: + get: + operationId: getOrgThemes + summary: Retrieve UUIDs of org-theme contents + description: Returns the UUIDs of org-theme contents and their publish status. + parameters: + - name: publish + in: query + description: Filter themes based on published status + required: false + schema: + type: boolean + responses: + 200: + description: List of org themes content: application/json: schema: - $ref: '#/components/schemas/APICategory' + type: array + items: + $ref: '#/components/schemas/ContentPublishStatusResponse' + 404: + $ref: '#/components/responses/NotFound' 400: $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_operations + - apim:tenant_theme_manage x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories"' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes?publish=true"' - ###################################################### - # The "Individual Category" resource APIs - ###################################################### - /api-categories/{apiCategoryId}: - put: - tags: - - API Category (Individual) - summary: Update an API Category - description: | - Update an API Category by category Id - parameters: - - $ref: '#/components/parameters/apiCategoryId' + post: + operationId: importOrgTheme + summary: Import org theme + description: Imports a drafted zip of an org theme to APIM. requestBody: - description: | - API Category object with updated information + required: true content: - application/json: + multipart/form-data: schema: - $ref: '#/components/schemas/APICategory' - required: true + required: + - file + properties: + file: + type: string + description: | + The org-content.zip file + format: binary responses: 200: - description: | - OK. - Label updated. - content: - application/json: - schema: - $ref: '#/components/schemas/APICategory' + description: Successfully imported 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_operations + - apim:tenant_theme_manage x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F "file=@org-content.zip" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes"' - delete: - tags: - - API Category (Individual) - summary: Delete an API Category - description: | - Delete an API Category by API Category Id + /org-themes/{id}/content: + get: + operationId: getOrgThemeContent + summary: Retrieve org theme as zip + description: Returns the org theme as a zip file for the given ID. parameters: - - $ref: '#/components/parameters/apiCategoryId' - - $ref: '#/components/parameters/If-Match' - - $ref: '#/components/parameters/If-Unmodified-Since' + - name: id + in: path + required: true + schema: + type: string responses: 200: - description: | - OK. - API Category successfully deleted. - content: {} + description: Returns the org theme zip + content: + application/zip: + schema: + type: string + format: binary 404: $ref: '#/components/responses/NotFound' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_operations + - apim:tenant_theme_manage x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/api-categories/d7cf8523-9180-4255-84fa-6cb171c1f779"' + - lang: Curl + source: 'curl -k -X GET -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/content" + -o org-content.zip' - ###################################################### - # The Admin settings List - ###################################################### - /settings: - get: - tags: - - Settings - summary: Retreive Admin Settings - description: | - Retreive admin settings + /org-themes/{id}: + delete: + operationId: deleteOrgTheme + summary: Delete an org theme + description: Deletes the org theme for the given ID. + parameters: + - name: id + in: path + required: true + schema: + type: string responses: 200: - description: | - OK. - Settings returned - content: - application/json: - schema: - $ref: '#/components/schemas/Settings' + description: Successfully deleted 404: $ref: '#/components/responses/NotFound' + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_settings + - apim:tenant_theme_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/settings"' - - #################################################### - # The Admin alert management resources - #################################################### - /alert-types: - get: - tags: - - Alerts - summary: | - Get all Admin Alert Types - description: | - This operation is used to get the list of supportd alert types for the apim admin dashboard - operationId: getAdminAlertTypes + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}"' + + /org-themes/{id}/status: + post: + operationId: updateOrgThemeStatus + summary: Update publish status of an org theme + description: Publishes or unpublishes an org theme to the dev portal. + parameters: + - name: id + in: path + required: true + schema: + type: string + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ContentPublishStatus" responses: 200: - description: | - OK. - The list of admin alert types are returned. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/json: - schema: - $ref: '#/components/schemas/AlertTypesList' + description: Successfully updated status + 400: + $ref: '#/components/responses/BadRequest' + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage + - apim:tenant_theme_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-types"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" + -d ''{"ACTION": "PUBLISH"}'' + "https://127.0.0.1:9443/api/am/admin/v4/org-themes/{id}/status"' - /alert-subscriptions: + ###################################################### + # The Tenant config resource APIs + ###################################################### + /tenant-config: get: tags: - - Alert Subscriptions - summary: | - Get Subscribed Alert Types + - Tenant Config + summary: Export a tenant-Config. description: | - This operation is used to get the list of subscribed alert types by the user. - operationId: getSubscribedAlertTypes + This operation can be used to export a tenant-config.json used in deployment. + operationId: exportTenantConfig responses: 200: description: | OK. - The list of subscribed alert types are returned. + Tenant config Exported Successfully. headers: Content-Type: description: | @@ -4035,341 +3943,349 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' - + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config" > tenant-config.json' put: tags: - - Alert Subscriptions - summary: | - Subscribe to an Admin Alert + - Tenant Config + summary: Update a tenant-config. description: | - This operation is used to subscribe to admin alerts - operationId: subscribeToAlerts + This operation can be used to update tenant-config. + operationId: updateTenantConfig requestBody: - description: The alerts list and the email list to subscribe. + description: tenant-config content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' + type: string required: true responses: 200: description: | OK. - Successful response with the newly subscribed alerts. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Role mapping alias returned content: application/json: schema: - $ref: '#/components/schemas/AlertsSubscription' - 400: - $ref: '#/components/responses/BadRequest' + type: object + 403: + $ref: '#/components/responses/Forbidden' + 413: + $ref: '#/components/responses/PayloadTooLarge' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config"' - delete: + ###################################################### + # The Tenant config schema resource APIs + ###################################################### + /tenant-config-schema: + get: tags: - - Alert Subscriptions - summary: | - Unsubscribe User from all Admin Alerts + - Tenant Config Schema + summary: Export a tenant-Config-Schema. description: | - This operation is used to unsubscribe the respective user from all the admin alert types. - operationId: unsubscribeAllAlerts + This operation can be used to export a tenant-config-schema.json used in deployment. + operationId: exportTenantConfigSchema responses: 200: description: | OK. - The user is unsubscribed from the alerts successfully. + Tenant config schema exported successfully. headers: Content-Type: description: | The content type of the body. schema: type: string - content: {} + content: + application/json: + schema: + type: string + 403: + $ref: '#/components/responses/Forbidden' + 404: + $ref: '#/components/responses/NotFound' 500: $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/tenant-config-schema" > tenant-config-schema.json' - /alert-subscriptions/bot-detection: + ###################################################### + # The "Key Manager Collection" resource API + ###################################################### + /key-managers: get: tags: - - Bot Detection Alert Subscriptions - summary: | - Get Subscriptions for Bot Detection + - Key Manager (Collection) + summary: Get all Key managers description: | - Get the list of subscriptions which are subscribed to receive email alerts for bot detection - operationId: getBotDetectionAlertSubscriptions + Get all Key managers responses: 200: description: | OK. - The list of bot detection alert subscriptions are returned. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + KeyManagers returned content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscriptionList' - 500: - $ref: '#/components/responses/InternalServerError' + $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' post: tags: - - Bot Detection Alert Subscriptions - summary: Subscribe for Bot Detection Alerts + - Key Manager (Collection) + summary: Add a new API Key Manager description: | - Register a subscription for bot detection alerts - operationId: subscribeForBotDetectionAlerts + Add a new API Key Manager requestBody: description: | - The email to register to receive bot detection alerts + Key Manager object that should to be added content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscription' + $ref: '#/components/schemas/KeyManager' required: true responses: - 200: + 201: description: | - OK. - Bot detection alert subscription is registered successfully. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Created. + Successful response with the newly created object as entity in the body. content: application/json: schema: - $ref: '#/components/schemas/BotDetectionAlertSubscription' + $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' - /alert-subscriptions/bot-detection/{uuid}: - delete: + ###################################################### + # The "Individual KeyManager" resource APIs + ###################################################### + /key-managers/{keyManagerId}: + get: tags: - - Bot Detection Alert Subscriptions - summary: Unsubscribe from bot detection alerts. + - Key Manager (Individual) + summary: Get a Key Manager Configuration description: | - Delete a Bot Detection Alert Subscription - operationId: unsubscribeFromBotDetectionAlerts + Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. parameters: - - name: uuid - in: path - description: uuid of the subscription - required: true - schema: - type: string + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. - Bot detection alert subscription is deleted successfully. + KeyManager Configuration returned headers: Content-Type: description: | The content type of the body. schema: - type: string - content: {} + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + - apim:keymanagers_manage + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + + put: + tags: + - Key Manager (Individual) + summary: Update a Key Manager + description: | + Update a Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' + requestBody: + description: | + Key Manager object with updated information + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + required: true + responses: + 200: + description: | + OK. + Label updated. + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManager' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_alert_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - - lang: Shell - source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/alert-subscriptions/bot-detection"' + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' - ###################################################### - # System scopes resource API - ###################################################### - /system-scopes/{scopeName}: - get: + delete: tags: - - System Scopes - summary: Retrieve Scopes for a Particular User + - Key Manager (Individual) + summary: Delete a Key Manager description: | - This operation will return the scope list of particular user - In order to get it, we need to pass the userId as a query parameter - operationId: systemScopesScopeNameGet + Delete a Key Manager by keyManager id parameters: - - name: username - in: query - schema: - type: string - - $ref: '#/components/parameters/scopeName' + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. - Particular scope exists for the given user. - content: - application/json: - schema: - $ref: '#/components/schemas/ScopeSettings' - 400: - $ref: '#/components/responses/BadRequest' + Key Manager successfully deleted. + content: { } 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:scope_manage + - apim:admin_operations x-code-samples: - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/YXBpbTpzdWJzY3JpYmU?username=john"' + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' - /system-scopes: + ###################################################### + # The "Global Key Manager Collection" resource API + ###################################################### + /global-key-managers: get: tags: - - System Scopes - summary: | - Get Role Scope Mappings + - Global Key Manager (Collection) + summary: Get all Global Key managers description: | - This operation is used to get the list of role scope mapping from tenant-conf for the apim admin dashboard - operationId: systemScopesGet + Get all Global Key managers responses: 200: description: | OK. - The list of role scope mappings are returned. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + KeyManagers returned content: application/json: schema: - $ref: '#/components/schemas/ScopeList' - 500: - $ref: '#/components/responses/InternalServerError' + $ref: '#/components/schemas/KeyManagerList' security: - OAuth2Security: - - apim:scope_manage - apim:admin + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' - put: + post: tags: - - System Scopes - summary: | - Update Roles For Scope + - Global Key Manager (Collection) + summary: Add a new Global Key Manager description: | - This operation is used to update the roles for all scopes - operationId: updateRolesForScope + Add a new Global Key Manager requestBody: description: | - Scope list object with updated scope to role mappings + Key Manager object that should to be added content: application/json: schema: - $ref: '#/components/schemas/ScopeList' + $ref: '#/components/schemas/KeyManager' required: true responses: - 200: + 201: description: | - OK. - Successful response with the newly added roles. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Created. + Successful response with the newly created object as entity in the body. content: application/json: schema: - $ref: '#/components/schemas/ScopeList' + $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:scope_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes"' + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json + "https://127.0.0.1:9443/api/am/admin/v2/global-key-managers"' - /system-scopes/role-aliases: + ###################################################### + # The "Global Individual KeyManager" resource APIs + ###################################################### + /global-key-managers/{keyManagerId}: get: tags: - - System Scopes - summary: Retrieve Role Alias Mappings + - Global Key Manager (Individual) + summary: Get a Global Key Manager Configuration description: | - This operation can be used to retreive role alias mapping + Retrieve a single Global Key Manager Configuration. We should provide the Id of the KeyManager as a path + parameter. + parameters: + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. - The list of role mappings are returned. + KeyManager Configuration returned headers: Content-Type: description: | @@ -4379,152 +4295,182 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/RoleAliasList' + $ref: '#/components/schemas/KeyManager' 404: $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:scope_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' + "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' put: tags: - - System Scopes - summary: Add a New Role Alias + - Global Key Manager (Individual) + summary: Update a Global Key Manager description: | - This operation can be used to add a new role alias mapping for system scope roles + Update a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' requestBody: - description: role-alias mapping + description: | + Key Manager object with updated information content: application/json: schema: - $ref: '#/components/schemas/RoleAliasList' + $ref: '#/components/schemas/KeyManager' required: true responses: 200: description: | OK. - Role mapping alias returned + Label updated. content: application/json: schema: - $ref: '#/components/schemas/RoleAliasList' + $ref: '#/components/schemas/KeyManager' 400: $ref: '#/components/responses/BadRequest' - 500: - $ref: '#/components/responses/InternalServerError' + 404: + $ref: '#/components/responses/NotFound' security: - OAuth2Security: - - apim:scope_manage - apim:admin + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - lang: Shell source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/system-scopes/role-aliases"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v3/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' - ###################################################### - # The Tenant Theme resource APIs - ###################################################### - /tenant-theme: - get: + delete: tags: - - Tenant Theme - summary: Export a DevPortal Tenant Theme + - Global Key Manager (Individual) + summary: Delete a Global Key Manager description: | - This operation can be used to export a DevPortal tenant theme as a zip file. - operationId: exportTenantTheme + Delete a Global Key Manager by keyManager id + parameters: + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. - Tenant Theme Exported Successfully. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string - content: - application/zip: - schema: - type: string - format: binary - 403: - $ref: '#/components/responses/Forbidden' + Key Manager successfully deleted. + content: {} 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:tenant_theme_manage + - apim:admin_operations + - apim:keymanagers_manage x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme" > theme.zip' + - lang: Curl + source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' - put: + /key-managers/discover: + post: tags: - - Tenant Theme - summary: Import a DevPortal Tenant Theme + - Key Manager (Collection) + summary: Retrieve Well-known information from Key Manager Well-known Endpoint description: | - This operation can be used to import a DevPortal tenant theme. - operationId: importTenantTheme + Retrieve well-known information from key manager's well-known endpoint requestBody: content: multipart/form-data: schema: - required: - - file properties: - file: + url: + type: string + description: Well-Known Endpoint + type: type: string description: | - Zip archive consisting of tenant theme configuration - format: binary - required: true + Key Manager Type + default: "false" responses: 200: description: | - Ok. - Tenant Theme Imported Successfully. - content: {} - 403: - $ref: '#/components/responses/Forbidden' - 413: - $ref: '#/components/responses/PayloadTooLarge' - 500: - $ref: '#/components/responses/InternalServerError' + OK. + KeyManagers returned + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerWellKnownResponse' + security: + - OAuth2Security: + - apim:admin + - apim:admin_operations + - apim:keymanagers_manage + x-code-samples: + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' + + /key-managers/{keyManagerId}/api-usages: + get: + tags: + - Key Manager (Individual) + summary: Retrieve Key Manager Usages (APIs) + description: | + Retrieves a list of APIs that are specifically utilizing the Key Manager identified by the provided ID. + The Key Manager ID should be provided as a path parameter. + parameters: + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/keyManagerId' + responses: + 200: + description: | + OK. + KeyManager API usages returned. + headers: + Content-Type: + description: | + The content type of the body. + schema: + type: string + content: + application/json: + schema: + $ref: '#/components/schemas/KeyManagerAPIUsages' + 404: + $ref: '#/components/responses/NotFound' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin - - apim:tenant_theme_manage + - apim:admin_operations x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F file=@theme.zip "https://127.0.0.1:9443/api/am/admin/v4/tenant-theme"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/api-usages"' - ###################################################### - # The Tenant config resource APIs - ###################################################### - /tenant-config: + /key-managers/{keyManagerId}/app-usages: get: tags: - - Tenant Config - summary: Export a tenant-Config. + - Key Manager (Individual) + summary: Retrieve Key Manager Usages (Appilcations) description: | - This operation can be used to export a tenant-config.json used in deployment. - operationId: exportTenantConfig + Retrieves a list of Applications that are specifically utilizing the Key Manager identified by the provided ID. + The Key Manager ID should be provided as a path parameter. + parameters: + - $ref: '#/components/parameters/offset' + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/keyManagerId' responses: 200: description: | OK. - Tenant config Exported Successfully. + KeyManager application usages returned. headers: Content-Type: description: | @@ -4534,214 +4480,306 @@ paths: content: application/json: schema: - type: string - 403: - $ref: '#/components/responses/Forbidden' + $ref: '#/components/schemas/KeyManagerAppUsages' 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin + - apim:admin_operations x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config" > tenant-config.json' - put: + "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450/app-usages"' + + ###################################################### + # The "API Collection" resource APIs + ###################################################### + /apis: + get: tags: - - Tenant Config - summary: Update a tenant-config. + - APIs + summary: | + Retrieve/Search APIs description: | - This operation can be used to update tenant-config. - operationId: updateTenantConfig - requestBody: - description: tenant-config - content: - application/json: - schema: - type: object - required: true + This operation provides you a list of available APIs qualifying under a given search condition. + Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. + parameters: + - $ref: '#/components/parameters/limit' + - $ref: '#/components/parameters/offset' + - name: query + in: query + description: | + **Search and get all apis in admin portal**. + + You can search by proving a keyword. + schema: + type: string + - $ref: '#/components/parameters/If-None-Match' responses: 200: description: | OK. - Role mapping alias returned + List of qualifying APIs is returned. + headers: + ETag: + description: | + Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string content: application/json: schema: - type: object - 403: - $ref: '#/components/responses/Forbidden' - 413: - $ref: '#/components/responses/PayloadTooLarge' - 500: - $ref: '#/components/responses/InternalServerError' + $ref: '#/components/schemas/SearchResultList' + 304: + description: | + Not Modified. + Empty body because the client has already the latest version of the requested resource (Will be supported in future). + content: {} + 406: + $ref: '#/components/responses/NotAcceptable' security: - OAuth2Security: - apim:admin + - apim:api_provider_change x-code-samples: - - lang: Shell - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config"' - + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/publisher/v4/apis"' + operationId: getAllAPIs ###################################################### - # The Tenant config schema resource APIs + # Change Api Provider ###################################################### - /tenant-config-schema: - get: + /apis/{apiId}/change-provider: + post: tags: - - Tenant Config Schema - summary: Export a tenant-Config-Schema. + - Api Provider Change + summary: Update the api provider description: | - This operation can be used to export a tenant-config-schema.json used in deployment. - operationId: exportTenantConfigSchema + Update the api provider + operationId: providerNamePost + parameters: + - name: provider + in: query + required: true + schema: + type: string + - $ref: '#/components/parameters/apiId' responses: 200: description: | OK. - Tenant config schema exported successfully. + Api Provider updated. headers: Content-Type: description: | The content type of the body. schema: type: string - content: - application/json: - schema: - type: object - 403: - $ref: '#/components/responses/Forbidden' + 400: + $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' - 500: - $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin + - apim:api_provider_change x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/tenant-config-schema" > tenant-config-schema.json' - + - lang: Curl + source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4/change-provider?provider=user1"' ###################################################### - # The "Key Manager Collection" resource API + # The "Transaction Count" resource API ###################################################### - /key-managers: + /transaction-count: get: tags: - - Key Manager (Collection) - summary: Get all Key managers - description: | - Get all Key managers + - "Transaction Records" + summary: "Get transaction count" + description: "This endpoint retrieves the transaction count based on various filter parameters." + parameters: + - name: "startTime" + in: "query" + description: "Start time for the transaction count retrieval" + required: true + schema: + type: "string" + - name: "endTime" + in: "query" + description: "End time for the transaction count retrieval" + required: true + schema: + type: "string" responses: 200: - description: | - OK. - KeyManagers returned + description: "Transaction count retrieved successfully" content: application/json: schema: - $ref: '#/components/schemas/KeyManagerList' + $ref: "#/components/schemas/TransactionCount" + default: + description: "Unexpected error" + content: + application/json: + schema: + $ref: "#/components/schemas/Error" security: - OAuth2Security: - apim:admin - - apim:admin_operations - x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' - - post: + ###################################################### + # Export API Consumption Data + ###################################################### + /export-consumption: + get: tags: - - Key Manager (Collection) - summary: Add a new API Key Manager + - Consumption + summary: | + Export API Consumption Data description: | - Add a new API Key Manager - requestBody: - description: | - Key Manager object that should to be added - content: - application/json: - schema: - $ref: '#/components/schemas/KeyManager' - required: true + This operation provides a ZIP archive containing API consumption/usage data + for a given date range. + parameters: + - name: fromDate + in: query + description: | + Start date of the export range (inclusive). Format: YYYY-MM-DD. + required: true + schema: + type: string + - name: toDate + in: query + description: | + End date of the export range (inclusive). Format: YYYY-MM-DD. + required: true + schema: + type: string responses: - 201: + 200: description: | - Created. - Successful response with the newly created object as entity in the body. + OK. + Consumption data exported successfully as a ZIP file. + headers: + Content-Disposition: + description: | + Indicates the filename for the download (e.g., consumption-report.zip). + schema: + type: string + Content-Type: + description: The content type of the body. + schema: + type: string content: - application/json: + application/zip: schema: - $ref: '#/components/schemas/KeyManager' + type: string + format: binary 400: $ref: '#/components/responses/BadRequest' + 401: + $ref: '#/components/responses/Unauthorized' + 403: + $ref: '#/components/responses/Forbidden' + 500: + $ref: '#/components/responses/InternalServerError' security: - OAuth2Security: - apim:admin - - apim:admin_operations x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers"' - + - lang: Curl + source: | + curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" \ + "https://127.0.0.1:9443/api/am/admin/v4/export-consumption?fromDate=2026-01-01&toDate=2026-03-31" \ + > consumption-report.zip + operationId: exportConsumptionData ###################################################### - # The "Individual KeyManager" resource APIs + # The "Label Collection" resource API ###################################################### - /key-managers/{keyManagerId}: + /labels: get: tags: - - Key Manager (Individual) - summary: Get a Key Manager Configuration + - Labels (Collection) + summary: Get all Labels description: | - Retrieve a single Key Manager Configuration. We should provide the Id of the KeyManager as a path parameter. - parameters: - - $ref: '#/components/parameters/keyManagerId' + Get all Labels responses: 200: description: | OK. - KeyManager Configuration returned - headers: - Content-Type: - description: | - The content type of the body. + Labels returned + content: + application/json: schema: - type: string + $ref: '#/components/schemas/LabelList' + security: + - OAuth2Security: + - apim:admin + x-code-samples: + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/labels"' + operationId: getAllLabels + + post: + tags: + - Label (Individual) + summary: Add a new Label + description: | + Add a new Label + requestBody: + description: | + Label object that should to be added + content: + application/json: + schema: + $ref: '#/components/schemas/Label' + required: true + responses: + 201: + description: | + Created. + Successful response with the newly created object as entity in the body. content: application/json: schema: - $ref: '#/components/schemas/KeyManager' - 404: - $ref: '#/components/responses/NotFound' - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/Label' + 400: + $ref: '#/components/responses/BadRequest' + 409: + $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:admin - - apim:admin_operations x-code-samples: - - lang: Shell - source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + - lang: Curl + source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels"' + operationId: createLabel + ###################################################### + # The "Individual Label" resource APIs + ###################################################### + /labels/{labelId}: put: tags: - - Key Manager (Individual) - summary: Update a Key Manager + - Label (Individual) + summary: Update a Label description: | - Update a Key Manager by keyManager id + Update a Label by label id parameters: - - $ref: '#/components/parameters/keyManagerId' + - $ref: '#/components/parameters/labelId' requestBody: description: | - Key Manager object with updated information + Label object with updated information content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' required: true responses: 200: @@ -4751,182 +4789,149 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/KeyManager' + $ref: '#/components/schemas/Label' 400: $ref: '#/components/responses/BadRequest' 404: $ref: '#/components/responses/NotFound' + 409: + $ref: '#/components/responses/Conflict' security: - OAuth2Security: - apim:admin - - apim:admin_operations x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + -H "Content-Type: application/json" -d @data.json "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: updateLabel delete: tags: - - Key Manager (Individual) - summary: Delete a Key Manager + - Label (Individual) + summary: Delete a Label description: | - Delete a Key Manager by keyManager id + Delete a Label by label id parameters: - - $ref: '#/components/parameters/keyManagerId' + - $ref: '#/components/parameters/labelId' responses: 200: description: | OK. - Key Manager successfully deleted. + Label successfully deleted. content: {} + 409: + $ref: '#/components/responses/Conflict' 404: $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:admin_operations x-code-samples: - - lang: Shell + - lang: Curl source: 'curl -k -X DELETE -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/admin/v4/key-managers/8d263942-a6df-4cc2-a804-7a2525501450"' + "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779"' + operationId: deleteLabel - /key-managers/discover: - post: + ###################################################### + # The "Label Usage Individual" resource API + ###################################################### + /labels/{labelId}/usage: + get: tags: - - Key Manager (Collection) - summary: Retrieve Well-known information from Key Manager Well-known Endpoint + - Label (Individual) + summary: Get a Label Usage description: | - Retrieve well-known information from key manager's well-known endpoint - requestBody: - content: - multipart/form-data: - schema: - properties: - url: - type: string - description: Well-Known Endpoint - type: - type: string - description: | - Key Manager Type - default: "false" + Retrieve a single Label Usage. We should provide the Id of the Label as a path parameter. + parameters: + - $ref: '#/components/parameters/labelId' responses: 200: description: | OK. - KeyManagers returned + Label Usage returned content: application/json: schema: - $ref: '#/components/schemas/KeyManagerWellKnownResponse' + $ref: '#/components/schemas/LabelUsage' + 404: + $ref: '#/components/responses/NotFound' security: - OAuth2Security: - apim:admin - - apim:admin_operations x-code-samples: - - lang: Shell - source: 'curl -k -X POST -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -F "type=WSO2-IS" "https://127.0.0.1:9443/api/am/admin/v4/key-managers/discover"' + - lang: Curl + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" + "https://127.0.0.1:9443/api/am/admin/v4/labels/d7cf8523-9180-4255-84fa-6cb171c1f779/usage"' + operationId: getLabelUsage + ###################################################### - # The "API Collection" resource APIs + # The "API Key Collection" resource API ###################################################### - /apis: + /api-keys: get: tags: - - APIs - summary: | - Retrieve/Search APIs + - APIKeys + summary: Get all API Keys description: | - This operation provides you a list of available APIs qualifying under a given search condition. - Each retrieved API is represented with a minimal amount of attributes. If you want to get complete details of an API, you need to use **Get details of an API** operation. - parameters: - - $ref: '#/components/parameters/limit' - - $ref: '#/components/parameters/offset' - - name: query - in: query - description: | - **Search and get all apis in admin portal**. - - You can search by proving a keyword. - schema: - type: string - - $ref: '#/components/parameters/If-None-Match' + Retrieve all API Keys. + operationId: getAllAPIKeys responses: 200: description: | OK. - List of qualifying APIs is returned. - headers: - ETag: - description: | - Entity Tag of the response resource. Used by caches, or in conditional requests (Will be supported in future). - schema: - type: string - Content-Type: - description: The content type of the body. - schema: - type: string + API keys returned. content: application/json: schema: - $ref: '#/components/schemas/SearchResultList' - 304: - description: | - Not Modified. - Empty body because the client has already the latest version of the requested resource (Will be supported in future). - content: { } - 406: - $ref: '#/components/responses/NotAcceptable' + $ref: '#/components/schemas/APIKeyList' + 400: + $ref: '#/components/responses/BadRequest' + 404: + $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:api_provider_change x-code-samples: - lang: Curl source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - "https://127.0.0.1:9443/api/am/publisher/v4/apis"' - operationId: getAllAPIs - ###################################################### - # Change Api Provider - ###################################################### - /apis/{apiId}/change-provider: + -H "Content-Type: application/json" -X GET "https://127.0.0.1:9443/api/am/admin/v4/api-keys"' + + /api-keys/revoke: post: tags: - - Api Provider Change - summary: Update the api provider + - APIKeys + summary: Revoke an API Key description: | - Update the api provider - operationId: providerNamePost - parameters: - - name: provider - in: query - required: true - schema: - type: string - - $ref: '#/components/parameters/apiId' + Revoke an API Key for the API + operationId: revokeAPIKeyFromAdmin + requestBody: + description: | + API key revoke object + content: + application/json: + schema: + $ref: '#/components/schemas/APIKeyRevokeRequest' + required: true responses: 200: description: | OK. - Api Provider updated. - headers: - Content-Type: - description: | - The content type of the body. - schema: - type: string + Api key revoked successfully. + content: { } 400: $ref: '#/components/responses/BadRequest' - 404: - $ref: '#/components/responses/NotFound' + 412: + $ref: '#/components/responses/PreconditionFailed' security: - OAuth2Security: - apim:admin - - apim:api_provider_change x-code-samples: - lang: Curl - source: 'curl -k -X PUT -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" - -H "Content-Type: application/json" "https://127.0.0.1:9443/api/am/admin/v4/provider/admin/apis/33662a62-8db1-4d75-af08-afd63c6bd0b4"' + source: 'curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" -H "Content-Type: application/json" -X POST -d @data.json + "https://127.0.0.1:9443/api/am/admin/v4/api-keys/ght65523-7650-4255-84fa-6cb171c1f779/d7cf8523-9180-4255-84fa-6cb171c1f779/PRODUCTION/revoke"' + components: schemas: Error: @@ -4972,6 +4977,40 @@ components: type: string description: | Description about individual errors occurred + ContentPublishStatus: + type: object + properties: + action: + type: string + enum: + - PUBLISH + - UNPUBLISH + example: + action: PUBLISH + ContentPublishStatusResponse: + type: object + properties: + id: + type: string + description: UUID of the org-theme + published: + type: boolean + description: Publish status of the org-theme + ThrottlePolicyList: + title: Throttle Policy List + type: object + properties: + count: + type: integer + description: | + Number of Throttling Policies returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/ThrottlePolicy' + pagination: + $ref: '#/components/schemas/Pagination' ThrottlePolicyDetailsList: title: Policy List type: object @@ -5155,6 +5194,10 @@ components: type: string description: Burst control time unit example: min + subscriberCount: + type: integer + description: Number of subscriptions allowed + example: 10 customAttributes: type: array description: | @@ -5174,11 +5217,6 @@ components: example: FREE permissions: $ref: '#/components/schemas/SubscriptionThrottlePolicyPermission' - subscriberCount: - type: integer - description: | - Number of subscriptions allowed - example: 10 SubscriptionThrottlePolicyPermission: title: SubscriptionThrottlePolicyPermission required: @@ -5363,8 +5401,6 @@ components: description: Value of the header IPCondition: title: IP based throttling condition - required: - - specificIP type: object properties: ipConditionType: @@ -5467,7 +5503,6 @@ components: MonetizationInfo: title: API monetization details object required: - - monetizationPlan - properties type: object properties: @@ -5628,83 +5663,10 @@ components: type: string description: Name of the custom attribute example: customAttr1 - value: - type: string - description: Value of the custom attribute - example: value1 - mediationList: - title: Mediation List - type: object - properties: - count: - type: integer - description: | - Number of mediation sequences returned. - example: 1 - next: - type: string - description: | - Link to the next subset of sequences qualified. - Empty if no more sequences are to be returned. - example: "" - previous: - type: string - description: | - Link to the previous subset of sequences qualified. - Empty if current subset is the first subset returned. - example: "" - list: - type: array - items: - $ref: '#/components/schemas/MediationInfo' - MediationInfo: - title: MediationInfo - required: - - id - - name - - type - type: object - properties: - name: - type: string - example: json_fault.xml - id: - type: string - example: 01234567-0123-0123-0123-012345678901 - type: - type: string - example: in - enum: - - in - - out - - fault - Mediation: - title: Mediation - required: - - config - - name - - type - type: object - properties: - id: - type: string - readOnly: true - example: 01234567-0123-0123-0123-012345678901 - name: - type: string - example: custom_log_in_message.xml - type: + value: type: string - example: IN - enum: - - IN - - OUT - - FAULT - config: - type: string - example: - - + description: Value of the custom attribute + example: value1 ApplicationList: title: Application List type: object @@ -5714,22 +5676,12 @@ components: description: | Number of applications returned. example: 1 - next: - type: string - description: | - Link to the next subset of resources qualified. - Empty if no more resources are to be returned. - example: /applications?limit=1&offset=2&user= - previous: - type: string - description: | - Link to the previous subset of resources qualified. - Empty if current subset is the first subset returned. - example: /applications?limit=1&offset=0&user= list: type: array items: $ref: '#/components/schemas/ApplicationInfo' + pagination: + $ref: '#/components/schemas/Pagination' ApplicationInfo: title: Application info object with basic application details type: object @@ -5743,12 +5695,96 @@ components: owner: type: string example: admin + tokenType: + type: string + enum: + - OAUTH + - JWT + createdTime: + type: string + readOnly: true + example: "1651555310208" + keyManagers: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' status: type: string example: APPROVED groupId: type: string example: "" + Application: + title: Application object with all the application details + type: object + properties: + applicationId: + type: string + example: 01234567-0123-0123-0123-012345678901 + name: + type: string + example: CalculatorApp + throttlingPolicy: + type: string + example: Unlimited + description: + type: string + example: Sample calculator application + tokenType: + type: string + enum: + - OAUTH + - JWT + description: | + Type of the access token generated for this application. + **OAUTH:** A UUID based access token which is issued by default. + **JWT:** A self-contained, signed JWT based access token. **Note:** This can be only used in Microgateway environments. + default: JWT + example: JWT + status: + type: string + example: APPROVED + default: "" + groups: + type: array + items: + type: string + example: "" + subscriptionCount: + type: integer + attributes: + type: object + additionalProperties: + type: string + example: External Reference ID, Billing Tier + subscriptionScopes: + type: array + items: + $ref: '#/components/schemas/ScopeInfo' + owner: + description: | + Application created user + type: string + example: admin + ScopeInfo: + title: API Scope info object with scope details + type: object + properties: + key: + type: string + example: admin_scope + name: + type: string + example: admin scope + roles: + type: array + items: + type: string + description: Allowed roles for the scope + example: ["manager","developer"] + description: + type: string + description: Description of the scope APIInfoList: title: API Info List type: object @@ -5770,6 +5806,13 @@ components: type: string description: The name of the API. example: PizzaShackAPI + displayName: + type: string + example: PizzaShack API + description: | + Display name of the API. + This is the name that will be displayed in the Publisher and DevPortal. + If not provided, the name will be used as the display name. version: type: string description: The version of the API @@ -5778,43 +5821,6 @@ components: type: string description: The provider of the API example: admin - Label: - title: Label - required: - - name - type: object - properties: - id: - type: string - readOnly: true - example: ece92bdc-e1e6-325c-b6f4-656208a041e9 - name: - maxLength: 255 - minLength: 1 - type: string - example: Public - description: - maxLength: 1024 - type: string - example: Label to use for public Gateway - accessUrls: - type: array - items: - type: string - example: http://localhost:9443/ - LabelList: - title: Label List - type: object - properties: - count: - type: integer - description: | - Number of Labels returned. - example: 1 - list: - type: array - items: - $ref: '#/components/schemas/Label' Environment: title: Environment required: @@ -5829,7 +5835,7 @@ components: name: maxLength: 255 minLength: 1 - pattern: '(^[^~!@#;:%^*()+={}|\\<>"'',&$\s+]*$)' + pattern: '^[a-zA-Z0-9_-]+$' type: string example: us-region displayName: @@ -5837,21 +5843,39 @@ components: minLength: 1 type: string example: US Region - description: - maxLength: 1023 - type: string - example: Gateway environment in US Region provider: type: string example: wso2 + type: + type: string + default: hybrid + example: hybrid gatewayType: type: string example: Regular default: Regular + description: + maxLength: 1023 + type: string + example: Gateway environment in US Region isReadOnly: type: boolean - readOnly: true example: false + default: false + deprecated: true + mode: + type: string + enum: + - READ_ONLY + - READ_WRITE + - WRITE_ONLY + example: READ_WRITE + default: WRITE_ONLY + description: | + The mode of the environment. This indicates whether the environment is in read-only or read-write mode. + **READ_ONLY:** The environment is in read-only mode. API cannot be deployed, only discovery is possible. + **READ_WRITE:** The environment is in read-write mode. APIs can be deployed and discovered. + **WRITE_ONLY:** The environment is in write-only mode/ APIs only can be deployed. apiDiscoveryScheduledWindow: type: integer description: | @@ -5876,64 +5900,279 @@ components: properties: permissionType: type: string - example: ALLOW + example: ALLOW + default: PUBLIC + enum: + - PUBLIC + - ALLOW + - DENY + roles: + type: array + items: + type: string + example: Internal/everyone + status: + type: string + readOnly: true + description: For platform gateway environments (gatewayType Universal), connection status to the control plane (Active or Inactive). + example: Active + default: Active + enum: + - Active + - Inactive + vhost: + type: string + format: uri + readOnly: true + description: For platform gateway environments, the gateway URL (e.g. https://host:9443). Same as Platform Gateways API; only set when this environment represents a platform gateway. + example: https://mg.wso2.com + universalGatewayVersion: + type: string + readOnly: true + description: Universal Gateway version from config (e.g. "1.0.0"). Set for deploy targets so UI can show quick-start version; from apim.universal_gateway.version. + example: "1.0.0" + EnvironmentList: + title: Environment List + type: object + properties: + count: + type: integer + description: | + Number of Environments returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/Environment' + GatewayInstanceList: + title: Gateway instance list + type: object + properties: + count: + type: integer + description: | + Number of Gateway Instances returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/GatewayInstance' + GatewayInstance: + title: Gateway instance in the gateway environment + type: object + required: + - gatewayId + properties: + gatewayId: + type: string + example: "Env1_1372344" + lastActive: + type: string + example: "2025-06-26T06:47:50Z" + status: + type: string + example: ACTIVE + default: ACTIVE + enum: + - ACTIVE + - EXPIRED + ApplicationUpdateRequest: + type: object + description: Request body to update application attributes + properties: + owner: + type: string + description: The new owner of the application + tokenType: + type: string + description: The type of token for the application (e.g., JWT) + enum: + - JWT + CreatePlatformGatewayRequest: + title: Create Platform Gateway Request + description: Request body for creating a platform gateway (name, displayName, vhost as URL, optional properties). Same property name as platform API; type is URL. + required: + - name + - displayName + - vhost + type: object + properties: + name: + type: string + pattern: '^[a-z0-9-]+$' + minLength: 3 + maxLength: 64 + description: URL-friendly gateway identifier (lowercase alphanumeric with hyphens, unique per organization) + example: prod-gateway-01 + displayName: + type: string + minLength: 1 + maxLength: 128 + description: Human-readable gateway name + example: Production Gateway 01 + description: + type: string + maxLength: 1023 + description: Optional description + vhost: + type: string + format: uri + description: Gateway URL (e.g. https://mg.example.com:9443). Same name as platform API; type is URL. Server persists host internally. + example: https://mg.wso2.com + properties: + type: object + additionalProperties: true + description: Custom key-value properties for the gateway + example: {"region": "us-west", "tier": "premium"} + permissions: + type: object + description: Gateway visibility permissions configuration + properties: + permissionType: + type: string + enum: [PUBLIC, ALLOW, DENY] + default: PUBLIC + description: | + Permission type for gateway visibility: + - PUBLIC: Gateway is visible to all users + - ALLOW: Gateway is visible only to specified roles + - DENY: Gateway is hidden from specified roles + roles: + type: array + items: + type: string + description: List of roles for ALLOW/DENY permission types + example: ["admin", "publisher"] + example: + permissionType: ALLOW + roles: ["admin", "publisher"] + UpdatePlatformGatewayRequest: + title: Update Platform Gateway Request + description: | + Request body for PUT /gateways/{gatewayId}. Per PUT semantics, send the full resource + representation. Name and vhost are immutable (server validates they match the existing gateway). + required: + - name + - displayName + - vhost + type: object + properties: + name: + type: string + pattern: '^[a-z0-9-]+$' + minLength: 3 + maxLength: 64 + description: Gateway identifier (immutable; must match existing). Required for PUT full representation. + vhost: + type: string + format: uri + description: Gateway URL (immutable; must match existing). Same name as platform API; type is URL. Example https://mg.wso2.com + example: https://mg.wso2.com + displayName: + type: string + minLength: 1 + maxLength: 128 + description: Human-readable gateway name + example: Production Gateway 01 + description: + type: string + maxLength: 1023 + description: Optional description + properties: + type: object + additionalProperties: true + description: Custom key-value properties for the gateway + example: {"region": "us-west", "tier": "premium"} + permissions: + type: object + description: Gateway visibility permissions (on-prem extension) + properties: + permissionType: + type: string + enum: [PUBLIC, ALLOW, DENY] + default: PUBLIC + roles: + type: array + items: + type: string + description: List of roles for ALLOW/DENY permission types + PlatformGatewayResponse: + title: Platform Gateway Response + description: Platform gateway response (without registration token). Used for list and get. + type: object + properties: + id: + type: string + readOnly: true + description: Gateway UUID + name: + type: string + displayName: + type: string + description: + type: string + properties: + type: object + additionalProperties: true + description: Custom key-value properties + vhost: + type: string + format: uri + readOnly: true + description: Gateway URL (e.g. https://host or https://host:9443). Same name as platform API; type is URL. + isActive: + type: boolean + readOnly: true + description: Indicates if the gateway is currently connected to the control plane via WebSocket + permissions: + type: object + description: Gateway visibility permissions configuration + properties: + permissionType: + type: string + enum: [PUBLIC, ALLOW, DENY] default: PUBLIC - enum: - - PUBLIC - - ALLOW - - DENY + description: | + Permission type for gateway visibility: + - PUBLIC: Gateway is visible to all users + - ALLOW: Gateway is visible only to specified roles + - DENY: Gateway is hidden from specified roles roles: type: array items: type: string - example: - - Subscriber - - Internal/subscriber - EnvironmentList: - title: Environment List - type: object - properties: - count: - type: integer - description: | - Number of Environments returned. - example: 1 - list: - type: array - items: - $ref: '#/components/schemas/Environment' - GatewayInstanceList: - title: Gateway instance list + description: List of roles for ALLOW/DENY permission types + createdAt: + type: string + format: date-time + readOnly: true + updatedAt: + type: string + format: date-time + readOnly: true + GatewayResponseWithToken: + title: Gateway Response With Token + description: Platform gateway response including the one-time registration token (POST create or regenerate-token). + allOf: + - $ref: '#/components/schemas/PlatformGatewayResponse' + - type: object + properties: + registrationToken: + type: string + description: | + Registration token (returned only once on create or regenerate). Use as api-key when connecting + the gateway to the control plane WebSocket. Store e.g. as GATEWAY_REGISTRATION_TOKEN. + GatewayList: + title: Gateway List type: object properties: count: type: integer - description: | - Number of Gateway Instances returned. - example: 1 + description: Number of platform gateways returned list: type: array items: - $ref: '#/components/schemas/GatewayInstance' - GatewayInstance: - title: Gateway instance in the gateway environment - type: object - required: - - gatewayId - properties: - gatewayId: - type: string - example: "Env1_1372344" - lastActive: - type: string - example: "2025-06-26T06:47:50Z" - status: - type: string - example: ACTIVE - default: ACTIVE - enum: - - ACTIVE - - EXPIRED + $ref: '#/components/schemas/PlatformGatewayResponse' Organization: title: Organization required: @@ -6075,6 +6314,10 @@ components: description: List of model providers supported by the AI Service Provider items: $ref: '#/components/schemas/ModelProvider' + deprecated: + type: boolean + description: Indicates if the LLM provider is deprecated + example: false AIServiceProviderSummaryResponse: title: AIServiceProviderSummaryResponse type: object @@ -6103,6 +6346,10 @@ components: maxLength: 1023 type: string example: OpenAI LLM Provider + deprecated: + type: boolean + description: Indicates if the LLM provider is deprecated + example: false AIServiceProviderSummaryResponseList: title: AIServiceProviderSummaryResponseList type: object @@ -6227,13 +6474,12 @@ components: host: maxLength: 255 minLength: 1 - # hostname regex as per RFC 1123 (http://tools.ietf.org/html/rfc1123) and appended * - pattern: '^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' type: string example: mg.wso2.com httpContext: maxLength: 255 minLength: 0 + # TODO (renuka) check this regex: not allowed: (_ .) and allowed: (- /) pattern: '^\/?([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])*$' type: string example: pets @@ -6246,9 +6492,15 @@ components: wsPort: type: integer example: 9099 + wsHost: + type: string + example: mg.wso2.com wssPort: type: integer example: 8099 + wssHost: + type: string + example: mg.wso2.com AdditionalProperty: title: Additional Gateway Properties type: object @@ -6423,6 +6675,14 @@ components: type: array items: type: string + IsJWTEnabledForLoginTokens: + type: boolean + default: false + orgAccessControlEnabled: + type: boolean + description: | + Is Organization-based access control configuration enabled + example: true keyManagerConfiguration: type: array items: @@ -6440,14 +6700,65 @@ components: defaultScopesClaim: type: string example: scope + authConfigurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' configurations: type: array items: $ref: '#/components/schemas/KeyManagerConfiguration' + endpointConfigurations: + type: array + items: + $ref: '#/components/schemas/KeyManagerConfiguration' + configurationConstraints: + type: array + items: + $ref: '#/components/schemas/ConfigurationConstraint' + gatewayConfiguration: + type: array + items: + type: object + properties: + type: + type: string + example: default + displayName: + type: string + example: default + supportedModes: + type: array + items: + type: string + example: 'READ_WRITE' + configurations: + type: array + items: + $ref: '#/components/schemas/GatewayConfiguration' + defaultHostnameTemplate: + type: string + example: '{apiId}.execute-api.{region}.amazonaws.com' analyticsEnabled: type: boolean description: To determine whether analytics is enabled or not example: false + transactionCounterEnable: + type: boolean + description: To determine whether the transaction counter is enabled or not + example: false + isGatewayNotificationEnabled: + type: boolean + description: Is Gateway Notification Enabled + default: false + universalGatewayVersion: + type: string + description: Universal Gateway version for quick-start guide (e.g. "1.0.0") + example: "1.0.0" + consumptionExportEnabled: + type: boolean + description: Whether the ConsumptionDataExportService OSGi service is available + example: false ScopeList: title: Scope Role Mapping List type: object @@ -6539,27 +6850,39 @@ components: introspectionEndpoint: type: string example: https://localhost:9444/oauth2/introspect + deprecated: true clientRegistrationEndpoint: type: string example: https://localhost:9444/keymanager-operations/dcr/register + deprecated: true tokenEndpoint: type: string example: https://localhost:9444/oauth2/token + deprecated: true displayTokenEndpoint: type: string example: https://localhost:9444/oauth2/token + deprecated: true revokeEndpoint: type: string example: https://localhost:9444/oauth2/revoke + deprecated: true displayRevokeEndpoint: type: string example: https://localhost:9444/oauth2/revoke + deprecated: true userInfoEndpoint: type: string example: https://localhost:9444/oauth2/userinfo?schema=openid + deprecated: true authorizeEndpoint: type: string example: https://localhost:9444/oauth2/authorize + deprecated: true + endpoints: + type: array + items: + $ref: '#/components/schemas/KeyManagerEndpoint' certificates: type: object properties: @@ -6582,6 +6905,7 @@ components: scopeManagementEndpoint: type: string example: https://wso2is.com:9444/api/identity/oauth2/v1.0/scopes + deprecated: true availableGrantTypes: type: array items: @@ -6627,9 +6951,12 @@ components: enabled: type: boolean example: true + global: + type: boolean + example: true additionalProperties: type: object - properties: { } + properties: {} example: self_validate_jwt: true Username: admin @@ -6653,7 +6980,7 @@ components: tokenType: type: string description: The type of the tokens to be used (exchanged or without exchanged). - Accepted values are EXCHANGED and DIRECT. + Accepted values are EXCHANGED, DIRECT and BOTH. example: EXCHANGED default: DIRECT enum: @@ -6664,6 +6991,19 @@ components: type: array items: type: string + KeyManagerEndpoint: + title: Key Manager Endpoint. + required: + - name + - value + type: object + properties: + name: + type: string + example: 'token_endpoint' + value: + type: string + example: 'https://localhost:9443/oauth2/token' KeyManagerInfo: title: Key Manager Info required: @@ -6686,10 +7026,16 @@ components: enabled: type: boolean example: true + isGlobal: + type: boolean + example: true + isUsed: + type: boolean + example: true tokenType: type: string description: The type of the tokens to be used (exchanged or without exchanged). - Accepted values are EXCHANGED and DIRECT. + Accepted values are EXCHANGED, DIRECT and BOTH. example: EXCHANGED default: DIRECT enum: @@ -6702,47 +7048,219 @@ components: properties: name: type: string - example: consumer_key - label: + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Enter username to connect to key manager + default: + type: object + properties: { } + example: admin + values: + type: array + items: + type: object + properties: { } + updateDisabled: + type: boolean + description: Indicates that this configuration field cannot be modified once the Key Manager is created. + default: false + example: true + ConfigurationConstraint: + title: Configurable Configuration Constraints + type: object + properties: + name: + type: string + example: application_access_token_expiry_time + label: + type: string + example: Access Token Expiry + type: + type: string + example: input + multiple: + type: boolean + example: true + tooltip: + type: string + example: Define the valid range for token expiration in seconds. + constraintType: + type: string + example: RANGE + values: + type: array + items: + type: object + properties: { } + default: + type: object + properties: { } + GatewayConfiguration: + title: Gateway Configuration + type: object + properties: + name: + type: string + example: consumer_key + label: + type: string + example: Consumer Key + type: + type: string + example: select + required: + type: boolean + example: true + mask: + type: boolean + example: true + multiple: + type: boolean + example: true + tooltip: + type: string + example: Enter username + default: + type: object + properties: {} + example: admin + values: + type: array + items: + type: object + properties: {} + KeyManagerList: + title: Key Manager List + type: object + properties: + count: + type: integer + description: | + Number of Key managers returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/KeyManagerInfo' + + KeyManagerAppUsages: + title: Key Manager Application Usages. + required: + - applicationCount + - applications + type: object + properties: + applicationCount: + type: integer + description: The total count of applications. + applications: + type: array + items: + $ref: '#/components/schemas/ApplicationInfoKeyManager' + + ApplicationInfoKeyManager: + type: object + properties: + name: + type: string + description: The name of the application. + uuid: + type: string + description: The UUID of the application. + organizationId: + type: string + nullable: true + description: The ID of the organization to which the application belongs. + owner: + type: string + description: The owner of the application. + organization: + type: string + description: The organization of the application. + required: + - name + - uuid + - owner + - organization + + KeyManagerAPIUsages: + title: Key Manager API Usages. + required: + - apiCount + - apis + type: object + properties: + apiCount: + type: integer + description: The total count of APIs. + apis: + type: array + items: + $ref: '#/components/schemas/APIInfoKeyManager' + + APIInfoKeyManager: + type: object + properties: + id: + type: string + description: The ID of the API. + type: + type: string + description: The type of the entry (e.g., "API"). + name: + type: string + description: The name of the API. + transportType: type: string - example: Consumer Key - type: + description: The transport type of the API. + description: type: string - example: select - required: - type: boolean - example: true - mask: - type: boolean - example: true - multiple: + nullable: true + description: The description of the API. + context: + type: string + description: The context of the API. + version: + type: string + description: The version of the API. + provider: + type: string + description: The provider of the API. + status: + type: string + description: The status of the API. + thumbnailUri: + type: string + nullable: true + description: The URI of the thumbnail of the API. + advertiseOnly: type: boolean - example: true - tooltip: + description: Indicates if the API is advertised only. + keyManagerEntry: type: string - example: Entet username to connect to key manager - default: - type: object - properties: {} - example: admin - values: - type: array - items: - type: object - properties: {} - KeyManagerList: - title: Key Manager List - type: object - properties: - count: - type: integer - description: | - Number of Key managers returned. - example: 1 - list: - type: array - items: - $ref: '#/components/schemas/KeyManagerInfo' + description: The key manager entry related to the API. + required: + - id + - name + - version + - provider + ClaimMappingEntry: title: Claim Mapping Configuration type: object @@ -6880,17 +7398,17 @@ components: example: APPLICATION_CREATION enum: - APPLICATION_CREATION - - APPLICATION_UPDATE - SUBSCRIPTION_CREATION - USER_SIGNUP - APPLICATION_REGISTRATION_PRODUCTION - APPLICATION_REGISTRATION_SANDBOX - APPLICATION_DELETION - API_STATE + - API_PRODUCT_STATE - SUBSCRIPTION_DELETION - SUBSCRIPTION_UPDATE - - API_PRODUCT_STATE - REVISION_DEPLOYMENT + - APPLICATION_UPDATE workflowStatus: type: string description: | @@ -6994,7 +7512,7 @@ components: example: 01234567-0123-0123-0123-012345678901 name: type: string - example: My Organization + example: My Organization RoleAliasList: title: Role alias list type: object @@ -7023,6 +7541,54 @@ components: - Internal/subscriber items: type: string + Pagination: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + example: "" + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. + example: "" + PaginationApis: + title: Pagination + type: object + properties: + offset: + type: integer + example: 0 + limit: + type: integer + example: 1 + total: + type: integer + example: 10 + next: + type: string + description: | + Link to the next subset of resources qualified. + Empty if no more resources are to be returned. + previous: + type: string + description: | + Link to the previous subset of resources qualified. + Empty if current subset is the first subset returned. SearchResultList: title: Unified Search Result List type: object @@ -7049,31 +7615,132 @@ components: type: string id: type: string - Pagination: - title: Pagination + TransactionCount: type: object properties: - offset: + count: type: integer - example: 0 - limit: + example: 120 + Label: + title: Label + required: + - name + type: object + properties: + id: + type: string + readOnly: true + example: d7cf8523-9180-4255-84fa-6cb171c1f779 + name: + maxLength: 255 + minLength: 1 + type: string + example: Health + description: + maxLength: 1024 + type: string + example: Health related APIs + LabelList: + title: Label List + type: object + properties: + count: type: integer + description: Number of labels returned. example: 1 - total: - type: integer - example: 10 - next: - type: string + list: + type: array + description: List of labels. + items: + $ref: '#/components/schemas/Label' + pagination: + $ref: '#/components/schemas/Pagination' + LabelUsage: + title: Label Usage + type: object + properties: + apis: + type: object description: | - Link to the next subset of resources qualified. - Empty if no more resources are to be returned. - example: "" - previous: + List of APIs associated with the label. + properties: + count: + type: integer + description: Number of APIs associated with the label. + example: 1 + list: + type: array + description: List of APIs associated with the label. + items: + $ref: '#/components/schemas/ApiResult' + APIKey: + title: API Key details to invoke APIs + type: object + properties: + keyUUID: + type: string + description: The UUID of the API key + keyName: type: string + description: API Key name + example: Test_Key + apiName: + type: string + description: API Name + example: NotificationsAPI + applicationName: + type: string + description: Application Name + example: DefaultApplication + keyType: + type: string + description: Application Key Type + example: PRODUCTION + enum: + - PRODUCTION + - SANDBOX + user: + type: string + description: Owner of the Application + example: Bob + issuedOn: + type: integer + format: int64 + description: Created time in Unix epoch milliseconds + example: 1599196134000 + validityPeriod: + type: integer + format: int64 + example: 3600 + lastUsed: + type: integer + format: int64 + nullable: true + description: Last used time in Unix epoch milliseconds + example: 1599196134000 + APIKeyList: + title: API Keys List + type: object + properties: + count: + type: integer description: | - Link to the previous subset of resources qualified. - Empty if current subset is the first subset returned. - example: "" + Number of API keys returned. + example: 1 + list: + type: array + items: + $ref: '#/components/schemas/APIKey' + APIKeyRevokeRequest: + title: API Key revoke request object + type: object + required: + - keyUUID + properties: + keyUUID: + type: string + description: The UUID of the API key + responses: BadRequest: description: Bad Request. Invalid request or validation error. @@ -7203,6 +7870,46 @@ components: moreInfo: "" error: [] parameters: + If-None-Match: + name: If-None-Match + in: header + description: | + Validator for conditional requests; based on the ETag of the formerly retrieved + variant of the resource. + schema: + type: string + requestedTenant: + name: X-WSO2-Tenant + in: header + description: | + For cross-tenant invocations, this is used to specify the tenant domain, where the resource need to be + retirieved from. + schema: + type: string + sortBy: + name: sortBy + in: query + description: | + Criteria for sorting. + schema: + type: string + default: createdTime + enum: + - apiName + - version + - createdTime + - status + sortOrder: + name: sortOrder + in: query + description: | + Order of sorting(ascending/descending). + schema: + type: string + default: desc + enum: + - asc + - desc username: name: username in: query @@ -7215,15 +7922,7 @@ components: name: scopeName in: path description: | - scope name to be validated - required: true - schema: - type: string - labelId: - name: labelId - in: path - description: | - Label UUID + Base64 URL encoded value of the scope name to be validated required: true schema: type: string @@ -7231,7 +7930,8 @@ components: name: environmentId in: path description: | - Environment UUID (or Environment name defined in config) + Environment UUID (or Environment name defined in config), in case the ID contains special characters it should + be base64 encoded required: true schema: type: string @@ -7308,36 +8008,6 @@ components: schema: type: string default: application/json - If-None-Match: - name: If-None-Match - in: header - description: | - Validator for conditional requests; based on the ETag of the formerly retrieved - variant of the resource (Will be supported in future). - schema: - type: string - If-Modified-Since: - name: If-Modified-Since - in: header - description: | - Validator for conditional requests; based on Last Modified header of the - formerly retrieved variant of the resource (Will be supported in future). - schema: - type: string - If-Match: - name: If-Match - in: header - description: | - Validator for conditional requests; based on ETag (Will be supported in future). - schema: - type: string - If-Unmodified-Since: - name: If-Unmodified-Since - in: header - description: | - Validator for conditional requests; based on Last Modified header (Will be supported in future). - schema: - type: string limit: name: limit in: query @@ -7354,14 +8024,6 @@ components: schema: type: integer default: 0 - mediationPolicyId: - name: mediationPolicyId - in: path - description: | - Mediation policy Id - required: true - schema: - type: string user: name: user in: query @@ -7393,6 +8055,16 @@ components: required: true schema: type: string + roleId: + name: roleId + in: path + description: | + The Base 64 URL encoded role name with domain. If the given role is in PRIMARY user-store, role ID should be + derived as Base64URLEncode(role-name). If the given role is in secondary user-store, role ID should be + derived as Base64URLEncode({user-store-name}/{role-name}). + required: true + schema: + type: string apiId: name: apiId in: path @@ -7401,6 +8073,25 @@ components: required: true schema: type: string + labelId: + name: labelId + in: path + description: | + Label UUID + required: true + schema: + type: string + keyType: + name: keyType + in: path + description: | + **Application Key Type** standing for the type of the keys (i.e. Production or Sandbox). + required: true + schema: + type: string + enum: + - PRODUCTION + - SANDBOX securitySchemes: OAuth2Security: type: oauth2 @@ -7413,17 +8104,18 @@ components: apim:admin: Manage all admin operations apim:tier_view: View throttling policies apim:tier_manage: Update and delete throttling policies + apim:admin_tier_view: View throttling policies + apim:admin_tier_manage: Update and delete throttling policies apim:bl_view: View deny policies apim:bl_manage: Update and delete deny policies apim:mediation_policy_view: View mediation policies apim:mediation_policy_create: Create and update mediation policies apim:app_owner_change: Retrieve and manage applications + apim:app_settings_change: Change Application Settings apim:app_import_export: Import and export applications related operations apim:api_import_export: Import and export APIs related operations apim:api_product_import_export: Import and export API Products related operations - apim:label_manage: Manage microgateway labels - apim:label_read: Retrieve microgateway labels apim:environment_manage: Manage gateway environments apim:environment_read: Retrieve gateway environments apim:monetization_usage_publish: Retrieve and publish Monetization related @@ -7434,10 +8126,20 @@ components: apim:tenant_theme_manage: Manage tenant themes apim:admin_operations: Manage API categories and Key Managers related operations + apim:api_category: Manage API categories apim:admin_settings: Retrieve admin settings apim:admin_alert_manage: Manage admin alerts apim:api_workflow_view: Retrive workflow requests apim:scope_manage: Manage system scopes + apim:role_manage: Manage system roles + apim:admin_application_view: View Applications + apim:keymanagers_manage: Manage Key Managers + apim:api_provider_change: Retrieve and manage applications apim:llm_provider_manage: Manage LLM Providers + apim:gov_policy_read: Retrieve governance policies + apim:gov_policy_manage: Manage governance policies + apim:gov_result_read: Retrieve governance results + apim:gov_rule_read: Retrieve governance rules + apim:gov_rule_manage: Manage governance rules apim:organization_manage: Manage Organizations - apim:organization_read: Read Organizations + apim:organization_read: Read Organizations \ No newline at end of file diff --git a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/helpers/AdminApiTestHelper.java b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/helpers/AdminApiTestHelper.java index db5919ef0c..e1a510ad55 100644 --- a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/helpers/AdminApiTestHelper.java +++ b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/helpers/AdminApiTestHelper.java @@ -150,8 +150,6 @@ public void verifyLabelDTO(LabelDTO expectedLabel, LabelDTO actualLabel) { "Label name does not match with the expected name"); Assert.assertEquals(actualLabel.getDescription(), expectedLabel.getDescription(), "Label description does not match with the expected description"); - boolean isAccessUrlsEqual = actualLabel.getAccessUrls().equals(expectedLabel.getAccessUrls()); - Assert.assertTrue(isAccessUrlsEqual, "Access URLs does not match with the expected access URLs"); } /** diff --git a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/DtoFactory.java b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/DtoFactory.java index dcb19c07ab..a0ed6b1a77 100644 --- a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/DtoFactory.java +++ b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/DtoFactory.java @@ -430,15 +430,13 @@ public static AdvancedThrottlePolicyDTO createAdvancedThrottlePolicyDTO(String p * * @param name Name of the label. * @param description Description of the label. - * @param accessUrls Access URLs. * @return Created label DTO. */ - public static LabelDTO createLabelDTO(String name, String description, List accessUrls) { + public static LabelDTO createLabelDTO(String name, String description) { return new LabelDTO(). name(name). - description(description). - accessUrls(accessUrls); + description(description); } /** diff --git a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/RestAPIAdminImpl.java b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/RestAPIAdminImpl.java index 34a1c77bd9..5730e2a7d4 100644 --- a/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/RestAPIAdminImpl.java +++ b/all-in-one-apim/modules/integration/tests-common/integration-test-utils/src/main/java/org/wso2/am/integration/test/impl/RestAPIAdminImpl.java @@ -55,22 +55,22 @@ public class RestAPIAdminImpl { private AdvancedPolicyIndividualApi advancedPolicyIndividualApi = new AdvancedPolicyIndividualApi(); private AdvancedPolicyCollectionApi advancedPolicyCollectionApi = new AdvancedPolicyCollectionApi(); private ApplicationCollectionApi applicationCollectionApi = new ApplicationCollectionApi(); - private ImportExportThrottlingPolicyApi exportImportThrottlingPolicyApi = new ImportExportThrottlingPolicyApi(); - private ThrottlingPolicySearchApi throttlingPolicySearchApi = new ThrottlingPolicySearchApi(); + private ImportExportApi importExportApi = new ImportExportApi(); + private UnifiedSearchApi unifiedSearchApi = new UnifiedSearchApi(); private SystemScopesApi systemScopesApi = new SystemScopesApi(); private ApplicationApi applicationApi = new ApplicationApi(); private ApiProviderChangeApi apiProviderChangeApi = new ApiProviderChangeApi(); - private LabelApi labelApi = new LabelApi(); - private LabelCollectionApi labelCollectionApi = new LabelCollectionApi(); - private EnvironmentApi environmentApi = new EnvironmentApi(); + private LabelIndividualApi labelIndividualApi = new LabelIndividualApi(); + private LabelsCollectionApi labelsCollectionApi = new LabelsCollectionApi(); + private EnvironmentsApi environmentsApi = new EnvironmentsApi(); private LlmProviderApi llmProviderApi = new LlmProviderApi(); private LlmProvidersApi llmProvidersApi = new LlmProvidersApi(); private AiServiceProviderApi aiServiceProviderApi = new AiServiceProviderApi(); private AiServiceProvidersApi aiServiceProvidersApi = new AiServiceProvidersApi(); - private EnvironmentCollectionApi environmentCollectionApi = new EnvironmentCollectionApi(); private TenantConfigApi tenantConfigApi = new TenantConfigApi(); private TenantConfigSchemaApi tenantConfigSchemaApi = new TenantConfigSchemaApi(); private OrganizationsApi organizationApi = new OrganizationsApi(); + private PlatformGatewaysApi platformGatewaysApi = new PlatformGatewaysApi(); public static final String appName = "Integration_Test_App_Admin"; public static final String callBackURL = "test.com"; public static final String tokenScope = "Production"; @@ -144,18 +144,17 @@ public RestAPIAdminImpl(String username, String password, String tenantDomain, S denyPolicyIndividualApi.setApiClient(apiAdminClient); advancedPolicyIndividualApi.setApiClient(apiAdminClient); advancedPolicyCollectionApi.setApiClient(apiAdminClient); - exportImportThrottlingPolicyApi.setApiClient(apiAdminClient); - throttlingPolicySearchApi.setApiClient(apiAdminClient); + importExportApi.setApiClient(apiAdminClient); + unifiedSearchApi.setApiClient(apiAdminClient); applicationCollectionApi.setApiClient(apiAdminClient); applicationApi.setApiClient(apiAdminClient); - labelApi.setApiClient(apiAdminClient); - labelCollectionApi.setApiClient(apiAdminClient); - environmentApi.setApiClient(apiAdminClient); + labelIndividualApi.setApiClient(apiAdminClient); + labelsCollectionApi.setApiClient(apiAdminClient); + environmentsApi.setApiClient(apiAdminClient); llmProviderApi.setApiClient(apiAdminClient); llmProvidersApi.setApiClient(apiAdminClient); aiServiceProviderApi.setApiClient(apiAdminClient); aiServiceProvidersApi.setApiClient(apiAdminClient); - environmentCollectionApi.setApiClient(apiAdminClient); workflowCollectionApi.setApiClient(apiAdminClient); workflowsIndividualApi.setApiClient(apiAdminClient); apiCategoryCollectionApi.setApiClient(apiAdminClient); @@ -165,6 +164,7 @@ public RestAPIAdminImpl(String username, String password, String tenantDomain, S tenantConfigSchemaApi.setApiClient(apiAdminClient); apiProviderChangeApi.setApiClient(apiAdminClient); organizationApi.setApiClient(apiAdminClient); + platformGatewaysApi.setApiClient(apiAdminClient); this.tenantDomain = tenantDomain; } @@ -177,7 +177,7 @@ public RestAPIAdminImpl(String username, String password, String tenantDomain, S */ public ThrottlePolicyDetailsListDTO getThrottlePolicies (String query) throws ApiException { - return throttlingPolicySearchApi.throttlingPolicySearch(query); + return unifiedSearchApi.throttlingPolicySearch(query); } /** @@ -191,7 +191,7 @@ public ThrottlePolicyDetailsListDTO getThrottlePolicies (String query) throws Ap public ApiResponse exportThrottlePolicy(String policyName, String policyType) throws ApiException { - return exportImportThrottlingPolicyApi.exportThrottlingPolicyWithHttpInfo(null, policyName, policyType); + return importExportApi.exportThrottlingPolicyWithHttpInfo(null, policyName, policyType); } /** @@ -204,7 +204,7 @@ public ApiResponse exportThrottlePolicy(String policyNa */ public ApiResponse importThrottlePolicy(File file, Boolean overwrite) throws ApiException { - return exportImportThrottlingPolicyApi.importThrottlingPolicyWithHttpInfo(file, overwrite); + return importExportApi.importThrottlingPolicyWithHttpInfo(file, overwrite); } /*** @@ -253,7 +253,7 @@ public ApiResponse getApiCategories() throws ApiException { */ public ApiResponse deleteApiCategory(String uuid) throws ApiException { - return apiCategoryIndividualApi.apiCategoriesApiCategoryIdDeleteWithHttpInfo(uuid, null, null); + return apiCategoryIndividualApi.apiCategoriesApiCategoryIdDeleteWithHttpInfo(uuid); } /** @@ -263,7 +263,7 @@ public ApiResponse deleteApiCategory(String uuid) throws ApiException { * @throws ApiException if there is an error during the API call. */ public ApiResponse getLLMProviders() throws ApiException { - return llmProvidersApi.llmProvidersGetWithHttpInfo(); + return llmProvidersApi.getLLMProvidersWithHttpInfo(); } /** @@ -274,7 +274,7 @@ public ApiResponse getLLMProviders() throws A * @throws ApiException if there is an error during the API call. */ public ApiResponse getLLMProvider(String llmProviderId) throws ApiException { - return llmProviderApi.llmProvidersLlmProviderIdGetWithHttpInfo(llmProviderId); + return llmProviderApi.getLLMProviderWithHttpInfo(llmProviderId); } /** @@ -292,7 +292,7 @@ public ApiResponse getLLMProvider(String llmProviderId) public ApiResponse addLLMProvider(String name, String apiVersion, String description, String configuration, File apiDefinition, String modelList) throws ApiException { - return llmProvidersApi.llmProvidersPostWithHttpInfo(name, apiVersion, description, configuration, apiDefinition, + return llmProvidersApi.addLLMProviderWithHttpInfo(name, apiVersion, description, configuration, apiDefinition, modelList); } @@ -311,7 +311,7 @@ public ApiResponse addLLMProvider(String name, String ap */ public ApiResponse updateLLMProvider(String llmProviderId, String name, String apiVersion, String description, String configuration, File apiDefinition, String modelList) throws ApiException { - return llmProviderApi.llmProvidersLlmProviderIdPutWithHttpInfo(llmProviderId, name, apiVersion, description, + return llmProviderApi.updateLLMProviderWithHttpInfo(llmProviderId, name, apiVersion, description, configuration, apiDefinition, modelList); } @@ -323,7 +323,7 @@ public ApiResponse updateLLMProvider(String llmProviderI * @throws ApiException if there is an error during the API call. */ public ApiResponse deleteLLMProvider(String llmProviderId) throws ApiException { - return llmProviderApi.llmProvidersLlmProviderIdDeleteWithHttpInfo(llmProviderId); + return llmProviderApi.deleteLLMProviderWithHttpInfo(llmProviderId); } /** @@ -478,7 +478,7 @@ public ApiResponse getApplicationThrottlingPolicy( throws ApiException { return applicationPolicyIndividualApi - .throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(policyId, null, null); + .throttlingPoliciesApplicationPolicyIdGetWithHttpInfo(policyId); } /** @@ -494,7 +494,7 @@ public ApiResponse updateApplicationThrottlingPoli return applicationPolicyIndividualApi .throttlingPoliciesApplicationPolicyIdPutWithHttpInfo(policyId, Constants.APPLICATION_JSON, - applicationThrottlePolicyDTO, null, null); + applicationThrottlePolicyDTO); } /** @@ -507,7 +507,7 @@ public ApiResponse updateApplicationThrottlingPoli public ApiResponse deleteApplicationThrottlingPolicy(String policyId) throws ApiException { return applicationPolicyIndividualApi - .throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(policyId, null, null); + .throttlingPoliciesApplicationPolicyIdDeleteWithHttpInfo(policyId); } /** @@ -536,7 +536,7 @@ public ApiResponse getSubscriptionThrottlingPolic throws ApiException { return subscriptionPolicyIndividualApi - .throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(policyId, null, null); + .throttlingPoliciesSubscriptionPolicyIdGetWithHttpInfo(policyId); } /** @@ -552,7 +552,7 @@ public ApiResponse updateSubscriptionThrottlingPo return subscriptionPolicyIndividualApi .throttlingPoliciesSubscriptionPolicyIdPutWithHttpInfo(policyId, - Constants.APPLICATION_JSON, subscriptionThrottlePolicyDTO, null, null); + Constants.APPLICATION_JSON, subscriptionThrottlePolicyDTO); } /** @@ -565,7 +565,7 @@ public ApiResponse updateSubscriptionThrottlingPo public ApiResponse deleteSubscriptionThrottlingPolicy(String policyId) throws ApiException { return subscriptionPolicyIndividualApi - .throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(policyId, null, null); + .throttlingPoliciesSubscriptionPolicyIdDeleteWithHttpInfo(policyId); } /** @@ -590,7 +590,7 @@ public ApiResponse addCustomThrottlingPolicy(CustomRuleDTO custom public ApiResponse getCustomThrottlingPolicy(String policyId) throws ApiException { return customRulesIndividualApi - .throttlingPoliciesCustomRuleIdGetWithHttpInfo(policyId, null, null); + .throttlingPoliciesCustomRuleIdGetWithHttpInfo(policyId); } /** @@ -605,7 +605,7 @@ public ApiResponse updateCustomThrottlingPolicy(String policyId, throws ApiException { return customRulesIndividualApi.throttlingPoliciesCustomRuleIdPutWithHttpInfo(policyId, - Constants.APPLICATION_JSON, customRuleDTO, null, null); + Constants.APPLICATION_JSON, customRuleDTO); } /** @@ -617,7 +617,7 @@ public ApiResponse updateCustomThrottlingPolicy(String policyId, */ public ApiResponse deleteCustomThrottlingPolicy(String policyId) throws ApiException { - return customRulesIndividualApi.throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(policyId, null, null); + return customRulesIndividualApi.throttlingPoliciesCustomRuleIdDeleteWithHttpInfo(policyId); } /** @@ -637,17 +637,16 @@ public ApiResponse addDenyThrottlingPolicy(BlockingConditi * Updates an deny throttling policy. * * @param conditionId policy id of the deny throttling policy to be updated. - * @param conditionType condition type of the deny throttling policy to be. * @param blockingConditionStatusDTO deny throttling policy status DTO to be updated. * @return API response returned by API call. * @throws ApiException if an error occurs while creating the deny throttling policy. */ - public ApiResponse updateDenyThrottlingPolicy(String conditionId, String conditionType, BlockingConditionStatusDTO blockingConditionStatusDTO) throws ApiException { + public ApiResponse updateDenyThrottlingPolicy(String conditionId, + BlockingConditionStatusDTO blockingConditionStatusDTO) throws ApiException { return denyPolicyIndividualApi - .throttlingDenyPolicyConditionIdPatchWithHttpInfo(conditionId,conditionType,blockingConditionStatusDTO, - null, - null); + .throttlingDenyPolicyConditionIdPatchWithHttpInfo(conditionId, Constants.APPLICATION_JSON, + blockingConditionStatusDTO); } /** @@ -659,7 +658,7 @@ public ApiResponse updateDenyThrottlingPolicy(String condi public ApiResponse getDenyThrottlingPolicy(String policyId) throws ApiException { return denyPolicyIndividualApi - .throttlingDenyPolicyConditionIdGetWithHttpInfo(policyId, null, null); + .throttlingDenyPolicyConditionIdGetWithHttpInfo(policyId); } /** @@ -670,7 +669,7 @@ public ApiResponse getDenyThrottlingPolicy(String policyId */ public BlockingConditionListDTO getBlockingConditionsByConditionTypeAndValue(String query) throws ApiException { - return denyPolicyCollectionApi.throttlingDenyPoliciesGet(Constants.APPLICATION_JSON, null, null, query); + return denyPolicyCollectionApi.throttlingDenyPoliciesGet(Constants.APPLICATION_JSON, query); } @@ -683,7 +682,7 @@ public BlockingConditionListDTO getBlockingConditionsByConditionTypeAndValue(Str */ public ApiResponse deleteDenyThrottlingPolicy(String policyId) throws ApiException { - return denyPolicyIndividualApi.throttlingDenyPolicyConditionIdDeleteWithHttpInfo(policyId, null, null); + return denyPolicyIndividualApi.throttlingDenyPolicyConditionIdDeleteWithHttpInfo(policyId); } /** @@ -709,7 +708,7 @@ public ApiResponse addAdvancedThrottlingPolicy( */ public ApiResponse getAdvancedThrottlingPolicy(String policyId) throws ApiException { - return advancedPolicyIndividualApi.throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(policyId, null, null); + return advancedPolicyIndividualApi.throttlingPoliciesAdvancedPolicyIdGetWithHttpInfo(policyId); } /** @@ -725,7 +724,7 @@ public ApiResponse updateAdvancedThrottlingPolicy(Str return advancedPolicyIndividualApi .throttlingPoliciesAdvancedPolicyIdPutWithHttpInfo(policyId, Constants.APPLICATION_JSON, - advancedThrottlePolicyDTO, null, null); + advancedThrottlePolicyDTO); } /** @@ -737,7 +736,7 @@ public ApiResponse updateAdvancedThrottlingPolicy(Str */ public ApiResponse deleteAdvancedThrottlingPolicy(String policyId) throws ApiException { - return advancedPolicyIndividualApi.throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(policyId, null, null); + return advancedPolicyIndividualApi.throttlingPoliciesAdvancedPolicyIdDeleteWithHttpInfo(policyId); } /** @@ -749,7 +748,7 @@ public ApiResponse deleteAdvancedThrottlingPolicy(String policyId) throws */ public ApiResponse addLabel(LabelDTO labelDTO) throws ApiException { - return labelApi.labelsPostWithHttpInfo(labelDTO); + return labelIndividualApi.createLabelWithHttpInfo(labelDTO); } /** @@ -760,7 +759,7 @@ public ApiResponse addLabel(LabelDTO labelDTO) throws ApiException { */ public ApiResponse getLabels() throws ApiException { - return labelCollectionApi.labelsGetWithHttpInfo(); + return labelsCollectionApi.getAllLabelsWithHttpInfo(); } /** @@ -773,7 +772,7 @@ public ApiResponse getLabels() throws ApiException { */ public ApiResponse updateLabel(String labelId, LabelDTO labelDTO) throws ApiException { - return labelApi.labelsLabelIdPutWithHttpInfo(labelId, labelDTO); + return labelIndividualApi.updateLabelWithHttpInfo(labelId, labelDTO); } /** @@ -785,7 +784,7 @@ public ApiResponse updateLabel(String labelId, LabelDTO labelDTO) thro */ public ApiResponse deleteLabel(String labelId) throws ApiException { - return labelApi.labelsLabelIdDeleteWithHttpInfo(labelId, null, null); + return labelIndividualApi.deleteLabelWithHttpInfo(labelId); } /** @@ -797,7 +796,7 @@ public ApiResponse deleteLabel(String labelId) throws ApiException { */ public ApiResponse addEnvironment(EnvironmentDTO environmentDTO) throws ApiException { - return environmentApi.environmentsPostWithHttpInfo(environmentDTO); + return environmentsApi.environmentsPostWithHttpInfo(environmentDTO); } /** @@ -808,7 +807,48 @@ public ApiResponse addEnvironment(EnvironmentDTO environmentDTO) */ public ApiResponse getEnvironments() throws ApiException { - return environmentCollectionApi.environmentsGetWithHttpInfo(); + return environmentsApi.environmentsGetWithHttpInfo(); + } + + /** + * Retrieves a gateway environment by id (including APIPlatform gateways by gateway UUID). + * {@link #getEnvironments()} intentionally omits platform gateways; use this for deploy-target lookups. + * + * @param environmentId Gateway environment UUID (same as platform gateway id for APIPlatform type). + * @return API response containing {@link EnvironmentDTO}. + * @throws ApiException if retrieval fails or the environment does not exist. + */ + public ApiResponse getEnvironment(String environmentId) throws ApiException { + + return environmentsApi.environmentsEnvironmentIdGetWithHttpInfo(environmentId); + } + + public ApiResponse createPlatformGateway( + CreatePlatformGatewayRequestDTO body) throws ApiException { + + return platformGatewaysApi.createPlatformGatewayWithHttpInfo(body); + } + + public ApiResponse getPlatformGateways() throws ApiException { + + return platformGatewaysApi.getPlatformGatewaysWithHttpInfo(); + } + + public ApiResponse updatePlatformGateway(String gatewayId, + UpdatePlatformGatewayRequestDTO body) throws ApiException { + + return platformGatewaysApi.updatePlatformGatewayWithHttpInfo(gatewayId, body); + } + + public ApiResponse regeneratePlatformGatewayToken(String gatewayId) + throws ApiException { + + return platformGatewaysApi.regeneratePlatformGatewayTokenWithHttpInfo(gatewayId); + } + + public ApiResponse deletePlatformGateway(String gatewayId) throws ApiException { + + return platformGatewaysApi.deletePlatformGatewayWithHttpInfo(gatewayId); } /** @@ -822,7 +862,7 @@ public ApiResponse getEnvironments() throws ApiException { public ApiResponse updateEnvironment(String environmentId, EnvironmentDTO environmentDTO) throws ApiException { - return environmentApi.environmentsEnvironmentIdPutWithHttpInfo(environmentId, environmentDTO); + return environmentsApi.environmentsEnvironmentIdPutWithHttpInfo(environmentId, environmentDTO); } /** @@ -834,7 +874,7 @@ public ApiResponse updateEnvironment(String environmentId, Envir */ public ApiResponse deleteEnvironment(String environmentId) throws ApiException { - return environmentApi.environmentsEnvironmentIdDeleteWithHttpInfo(environmentId); + return environmentsApi.environmentsEnvironmentIdDeleteWithHttpInfo(environmentId); } /** @@ -851,7 +891,7 @@ public ApiResponse getApplications(String user, Integer limi String appTenantDomain, String name) throws ApiException { return applicationCollectionApi.applicationsGetWithHttpInfo(user, limit, offset, null, - null, name, appTenantDomain); + name, appTenantDomain, null, null); } /** @@ -911,7 +951,7 @@ public HttpResponse getWorkflowByExternalWorkflowReference(String externalWorkfl HttpResponse response = null; Gson gson = new Gson(); try { - workflowInfodto = workflowsIndividualApi.workflowsExternalWorkflowRefGet(externalWorkflowRef, null); + workflowInfodto = workflowsIndividualApi.workflowsExternalWorkflowRefGet(externalWorkflowRef); } catch (ApiException e) { return new HttpResponse(gson.toJson(e.getResponseBody()), e.getCode()); } @@ -926,7 +966,7 @@ public HttpResponse getWorkflows(String workflowType) throws ApiException { HttpResponse response = null; Gson gson = new Gson(); try { - workflowListdto = workflowCollectionApi.workflowsGet(null, null, null, null, workflowType); + workflowListdto = workflowCollectionApi.workflowsGet(null, null, null, workflowType); response = new HttpResponse(gson.toJson(workflowListdto), 200); } catch (ApiException e) { return new HttpResponse(gson.toJson(e.getResponseBody()), e.getCode()); @@ -996,7 +1036,8 @@ public String getTenantConfig() throws ApiException { * @throws ApiException if an error occurs updating the tenant conf. */ public Object updateTenantConfig(Object tenantConf) throws ApiException { - return tenantConfigApi.updateTenantConfig(tenantConf); + String body = tenantConf instanceof String ? (String) tenantConf : new Gson().toJson(tenantConf); + return tenantConfigApi.updateTenantConfig(body); } /** @@ -1011,7 +1052,7 @@ public Object getTenantConfigSchema() throws ApiException { public WorkflowListDTO getWorkflowsByWorkflowType(String workflowType) throws ApiException { - return workflowCollectionApi.workflowsGet(null, null, null, null, workflowType); + return workflowCollectionApi.workflowsGet(null, null, null, workflowType); } /*** diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/login/EmailUserNameLoginTestCase.java b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/login/EmailUserNameLoginTestCase.java index fdb4c90742..22e2a61d8d 100644 --- a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/login/EmailUserNameLoginTestCase.java +++ b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/login/EmailUserNameLoginTestCase.java @@ -136,7 +136,7 @@ public void LoginWithEmailUserNameTestCase() // check for Admin Portal login with email user name restAPIAdmin = new RestAPIAdminImpl(TENANT_ADMIN_USERNAME, PASSWORD, TENANT_DOMAIN, "https://localhost:9943/"); ApplicationThrottlePolicyListDTO listDTO = - restAPIAdmin.applicationPolicyCollectionApi.throttlingPoliciesApplicationGet(null, null, null); + restAPIAdmin.applicationPolicyCollectionApi.throttlingPoliciesApplicationGet(null); assertNotNull(listDTO, "Login to Admin portal with email username failed"); } @@ -170,7 +170,7 @@ public void LoginWithTenantUserEmailUserNameTestCase() throws Exception { // check for Admin Portal login with email user name restAPIAdmin = new RestAPIAdminImpl(TENANT_USER_USERNAME, PASSWORD, TENANT_DOMAIN, adminURLHttps); ApplicationThrottlePolicyListDTO listDTO = - restAPIAdmin.applicationPolicyCollectionApi.throttlingPoliciesApplicationGet(null, null, null); + restAPIAdmin.applicationPolicyCollectionApi.throttlingPoliciesApplicationGet(null); assertNotNull(listDTO, "Login to Admin portal with email username failed"); } diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/other/APIDenyPolicyTestCase.java b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/other/APIDenyPolicyTestCase.java index 3974e77724..f8890f5cda 100644 --- a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/other/APIDenyPolicyTestCase.java +++ b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/other/APIDenyPolicyTestCase.java @@ -161,14 +161,14 @@ public void testAddAPIDenyPolicyWithTheSameContext() { public void testUpdateAPIDenyPolicyStatus() throws ApiException { String denyPolicyId = blockingConditionDTO.getConditionId(); - String conditionType = blockingConditionDTO.getConditionType().toString(); boolean conditionStatus = false; BlockingConditionStatusDTO blockingConditionStatusDTO = new BlockingConditionStatusDTO(); blockingConditionStatusDTO.setConditionStatus(conditionStatus); blockingConditionStatusDTO.setConditionId(denyPolicyId); - ApiResponse updatedCondition = restAPIAdmin.updateDenyThrottlingPolicy(denyPolicyId, conditionType, blockingConditionStatusDTO); + ApiResponse updatedCondition = restAPIAdmin.updateDenyThrottlingPolicy(denyPolicyId, + blockingConditionStatusDTO); Assert.assertEquals(updatedCondition.getStatusCode(), HttpStatus.SC_OK); BlockingConditionDTO updatedBlockedCondition = updatedCondition.getData(); diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayIntegrationTestCase.java b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayIntegrationTestCase.java new file mode 100644 index 0000000000..ce79e52e6b --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayIntegrationTestCase.java @@ -0,0 +1,483 @@ +/* + * Copyright (c) 2026, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.am.integration.tests.restapi.admin; + +import org.apache.commons.lang.StringUtils; +import org.apache.http.HttpStatus; +import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.eclipse.jetty.websocket.api.Session; +import org.eclipse.jetty.websocket.client.ClientUpgradeRequest; +import org.eclipse.jetty.websocket.client.WebSocketClient; +import org.json.JSONObject; +import org.wso2.am.integration.tests.websocket.client.WebSocketClientImpl; +import org.testng.Assert; +import org.testng.annotations.AfterMethod; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Factory; +import org.testng.annotations.Test; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.api.dto.CreatePlatformGatewayRequestDTO; +import org.wso2.am.integration.clients.admin.api.dto.EnvironmentDTO; +import org.wso2.am.integration.clients.admin.api.dto.EnvironmentListDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayListDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayResponseWithTokenDTO; +import org.wso2.am.integration.clients.admin.api.dto.PlatformGatewayResponseDTO; +import org.wso2.am.integration.clients.admin.api.dto.UpdatePlatformGatewayRequestDTO; +import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException; +import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest; +import org.wso2.am.integration.test.utils.http.HTTPSClientUtils; +import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment; +import org.wso2.carbon.automation.engine.annotations.SetEnvironment; +import org.wso2.carbon.automation.engine.context.TestUserMode; +import org.wso2.carbon.automation.test.utils.http.client.HttpResponse; + +import java.net.URI; +import java.util.UUID; +import java.util.Collections; +import java.util.HashMap; +import java.util.Map; +import java.util.concurrent.ExecutionException; +import java.util.concurrent.Future; +import java.util.concurrent.TimeUnit; + +/** + * Integration tests for platform (Universal) gateway admin APIs, environment surfacing, + * WebSocket connect to internal data plane, and gateway-scoped internal REST (/deployments, /fetch-batch, since). + * Also covers: unknown environment 404, platform gateways omitted from GET /environments list. + */ +@SetEnvironment(executionEnvironments = {ExecutionEnvironment.STANDALONE}) +public class PlatformGatewayIntegrationTestCase extends APIMIntegrationBaseTest { + + private static final String GATEWAY_TYPE_PLATFORM = "APIPlatform"; + private static final String INTERNAL_DATA_V1 = "https://localhost:9943/internal/data/v1"; + private static final String INTERNAL_GATEWAY_WELL_KNOWN = "https://localhost:9943/internal/gateway/.well-known"; + private static final String WS_GATEWAY_CONNECT_PATH = "/ws/gateways/connect"; + + private String lastCreatedGatewayId; + private String lastRegistrationToken; + + @Factory(dataProvider = "userModeDataProvider") + public PlatformGatewayIntegrationTestCase(TestUserMode userMode) { + this.userMode = userMode; + } + + @DataProvider + public static Object[][] userModeDataProvider() { + return new Object[][]{ + new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, + new Object[]{TestUserMode.TENANT_ADMIN} + }; + } + + @BeforeClass(alwaysRun = true) + public void init() throws APIManagerIntegrationTestException { + super.init(userMode); + } + + @AfterMethod(alwaysRun = true) + public void cleanupLastGateway() { + if (StringUtils.isBlank(lastCreatedGatewayId)) { + return; + } + try { + restAPIAdmin.deletePlatformGateway(lastCreatedGatewayId); + } catch (ApiException ignored) { + // Gateway may already be removed by the test. + } finally { + lastCreatedGatewayId = null; + lastRegistrationToken = null; + } + } + + private String uniqueGatewayName() { + return "igw-" + System.currentTimeMillis(); + } + + private CreatePlatformGatewayRequestDTO newCreateRequest(String name) { + CreatePlatformGatewayRequestDTO dto = new CreatePlatformGatewayRequestDTO(); + dto.setName(name); + dto.setDisplayName("Integration test gateway"); + dto.setDescription("Created by PlatformGatewayIntegrationTestCase"); + dto.setVhost(java.net.URI.create("https://localhost:9999")); + return dto; + } + + private void registerForCleanup(String gatewayId, String token) { + this.lastCreatedGatewayId = gatewayId; + this.lastRegistrationToken = token; + } + + /** + * Resolves the deploy-target environment view for a platform gateway. {@code GET /environments} + * intentionally omits platform gateways; {@code GET /environments/{id}} includes them by gateway UUID. + */ + private EnvironmentDTO findUniversalEnv(String gatewayId) throws ApiException { + try { + ApiResponse res = restAPIAdmin.getEnvironment(gatewayId); + if (res.getStatusCode() != HttpStatus.SC_OK || res.getData() == null) { + return null; + } + EnvironmentDTO e = res.getData(); + if (GATEWAY_TYPE_PLATFORM.equals(e.getGatewayType()) && gatewayId.equals(e.getId())) { + return e; + } + return null; + } catch (ApiException e) { + if (e.getCode() == HttpStatus.SC_NOT_FOUND) { + return null; + } + throw e; + } + } + + /** + * Connection state from {@code GET /gateways} ({@link PlatformGatewayResponseDTO#isIsActive()}). + * Use this instead of parsing {@link EnvironmentDTO#getAdditionalProperties()} / {@code status}: the environment + * deploy-target DTO often omits or mis-deserializes those fields in the integration client, while the platform + * gateway API mirrors persisted DB {@code isActive} reliably. + */ + private Boolean readPlatformGatewayIsActive(String gatewayId) throws ApiException { + ApiResponse res = restAPIAdmin.getPlatformGateways(); + if (res.getStatusCode() != HttpStatus.SC_OK || res.getData() == null || res.getData().getList() == null) { + return null; + } + for (PlatformGatewayResponseDTO g : res.getData().getList()) { + if (gatewayId.equals(g.getId())) { + return g.isIsActive(); + } + } + return null; + } + + /** Polls {@link #readPlatformGatewayIsActive} until it matches {@code expectConnected} (true = CP marks gateway active). */ + private void awaitUniversalEnvConnected(String gatewayId, boolean expectConnected, long timeoutMs) + throws Exception { + + long deadline = System.currentTimeMillis() + timeoutMs; + Boolean last = null; + while (System.currentTimeMillis() < deadline) { + last = readPlatformGatewayIsActive(gatewayId); + if (last != null && last.booleanValue() == expectConnected) { + return; + } + Thread.sleep(500L); + } + Assert.fail("Timed out waiting for platform gateway " + gatewayId + " connected=" + expectConnected + + " (last GET /gateways isActive=" + last + ")"); + } + + /** + * WebSocket client that trusts all TLS certs (integration only), required for {@code wss://localhost:9943}. + */ + private WebSocketClient newInternalDataWebSocketClient() { + SslContextFactory sslContextFactory = new SslContextFactory(); + sslContextFactory.setTrustAll(true); + return new WebSocketClient(sslContextFactory); + } + + @Test + public void testPlatformGatewayCrudListUpdateRegenerateAndDelete() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + GatewayResponseWithTokenDTO body = created.getData(); + Assert.assertNotNull(body.getId()); + Assert.assertTrue(StringUtils.isNotBlank(body.getRegistrationToken())); + Assert.assertEquals(body.getName(), name); + + registerForCleanup(body.getId(), body.getRegistrationToken()); + + ApiResponse listed = restAPIAdmin.getPlatformGateways(); + Assert.assertEquals(listed.getStatusCode(), HttpStatus.SC_OK); + boolean seen = false; + if (listed.getData().getList() != null) { + for (PlatformGatewayResponseDTO g : listed.getData().getList()) { + if (name.equals(g.getName())) { + seen = true; + break; + } + } + } + Assert.assertTrue(seen, "Created gateway should appear in GET /gateways list"); + + UpdatePlatformGatewayRequestDTO update = new UpdatePlatformGatewayRequestDTO(); + update.setName(name); + update.setVhost(java.net.URI.create("https://localhost:9999")); + update.setDisplayName("Updated display"); + update.setDescription("updated"); + ApiResponse put = + restAPIAdmin.updatePlatformGateway(body.getId(), update); + Assert.assertEquals(put.getStatusCode(), HttpStatus.SC_OK); + Assert.assertEquals(put.getData().getDisplayName(), "Updated display"); + + String oldToken = body.getRegistrationToken(); + ApiResponse regen = + restAPIAdmin.regeneratePlatformGatewayToken(body.getId()); + Assert.assertEquals(regen.getStatusCode(), HttpStatus.SC_OK); + Assert.assertTrue(StringUtils.isNotBlank(regen.getData().getRegistrationToken())); + Assert.assertNotEquals(regen.getData().getRegistrationToken(), oldToken); + + Map oldHeaders = new HashMap<>(); + oldHeaders.put("api-key", oldToken); + HttpResponse oldDep = HTTPSClientUtils.doGet(INTERNAL_DATA_V1 + "/deployments", oldHeaders); + Assert.assertEquals(oldDep.getResponseCode(), HttpStatus.SC_UNAUTHORIZED, + "Revoked registration token should not authenticate internal /deployments"); + + lastRegistrationToken = regen.getData().getRegistrationToken(); + + restAPIAdmin.deletePlatformGateway(body.getId()); + lastCreatedGatewayId = null; + lastRegistrationToken = null; + + try { + restAPIAdmin.deletePlatformGateway(body.getId()); + Assert.fail("Expected 404 when deleting removed gateway"); + } catch (ApiException e) { + Assert.assertEquals(e.getCode(), HttpStatus.SC_NOT_FOUND); + } + } + + @Test + public void testDuplicatePlatformGatewayNameReturnsConflict() throws Exception { + String name = uniqueGatewayName(); + ApiResponse first = restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + Assert.assertEquals(first.getStatusCode(), HttpStatus.SC_CREATED); + registerForCleanup(first.getData().getId(), first.getData().getRegistrationToken()); + try { + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + Assert.fail("Expected conflict for duplicate gateway name"); + } catch (ApiException e) { + Assert.assertEquals(e.getCode(), HttpStatus.SC_CONFLICT); + } + } + + @Test + public void testInvalidPlatformGatewayNameReturnsBadRequest() throws Exception { + CreatePlatformGatewayRequestDTO dto = newCreateRequest("Invalid_Name"); + try { + restAPIAdmin.createPlatformGateway(dto); + Assert.fail("Expected validation error for invalid name pattern"); + } catch (ApiException e) { + Assert.assertEquals(e.getCode(), HttpStatus.SC_BAD_REQUEST); + } + } + + @Test + public void testUniversalEnvironmentListsGatewayInactiveBeforeConnect() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + String gatewayId = created.getData().getId(); + registerForCleanup(gatewayId, created.getData().getRegistrationToken()); + + EnvironmentDTO env = findUniversalEnv(gatewayId); + Assert.assertNotNull(env, "Platform gateway should be retrievable as GET /environments/{gatewayId}"); + Assert.assertEquals(env.getGatewayType(), GATEWAY_TYPE_PLATFORM); + Boolean active = readPlatformGatewayIsActive(gatewayId); + Assert.assertNotNull(active, "Created gateway should appear in GET /gateways"); + Assert.assertFalse(active, "Gateway should not be active before WebSocket connect (GET /gateways isActive)"); + Assert.assertTrue((env.getVhost() != null) + || (env.getVhosts() != null && !env.getVhosts().isEmpty() + && StringUtils.isNotBlank(env.getVhosts().get(0).getHost())), + "Environment should expose gateway host via vhost or vhosts"); + } + + @Test + public void testWebSocketConnectSetsUniversalEnvironmentActive() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + String gatewayId = created.getData().getId(); + String token = created.getData().getRegistrationToken(); + registerForCleanup(gatewayId, token); + + WebSocketClient client = newInternalDataWebSocketClient(); + WebSocketClientImpl socket = new WebSocketClientImpl(); + client.start(); + try { + URI wsUri = new URI("wss://localhost:9943/internal/data/v1" + WS_GATEWAY_CONNECT_PATH); + ClientUpgradeRequest request = new ClientUpgradeRequest(); + request.setHeader("api-key", token); + Future future = client.connect(socket, wsUri, request); + Session session = future.get(15, TimeUnit.SECONDS); + Assert.assertTrue(session.isOpen(), "WebSocket session should be open after successful connect"); + socket.getLatch().await(5L, TimeUnit.SECONDS); + + awaitUniversalEnvConnected(gatewayId, true, 15000L); + + session.close(); + awaitUniversalEnvConnected(gatewayId, false, 15000L); + } finally { + client.stop(); + } + } + + @Test + public void testWebSocketRejectedForInvalidRegistrationToken() throws Exception { + WebSocketClient client = newInternalDataWebSocketClient(); + WebSocketClientImpl socket = new WebSocketClientImpl(); + client.start(); + try { + URI wsUri = new URI("wss://localhost:9943/internal/data/v1" + WS_GATEWAY_CONNECT_PATH); + ClientUpgradeRequest request = new ClientUpgradeRequest(); + request.setHeader("api-key", "definitely-not-a-valid-platform-gateway-token"); + Future future = client.connect(socket, wsUri, request); + Session session; + try { + session = future.get(15, TimeUnit.SECONDS); + } catch (ExecutionException e) { + // Handshake failed before a session was established. + return; + } + /* + * JSR-356/Jetty may complete the connect future after the HTTP upgrade even when the server + * closes in @OnOpen with 4401 (Unauthorized). Reject invalid tokens by asserting the session + * does not stay open. + */ + long deadline = System.currentTimeMillis() + 5000L; + while (session.isOpen() && System.currentTimeMillis() < deadline) { + Thread.sleep(100L); + } + Assert.assertFalse(session.isOpen(), + "Invalid api-key must close the WebSocket (server uses close code 4401)"); + } finally { + client.stop(); + } + } + + @Test + public void testInternalDeploymentsGetWithValidApiKey() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + registerForCleanup(created.getData().getId(), created.getData().getRegistrationToken()); + String token = created.getData().getRegistrationToken(); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + HttpResponse res = HTTPSClientUtils.doGet(INTERNAL_DATA_V1 + "/deployments", headers); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_OK); + JSONObject json = new JSONObject(res.getData()); + Assert.assertTrue(json.has("deployments"), "Response should contain deployments array"); + } + + @Test + public void testInternalDeploymentsGetWithoutApiKeyReturnsUnauthorized() throws Exception { + HttpResponse res = HTTPSClientUtils.doGet(INTERNAL_DATA_V1 + "/deployments", Collections.emptyMap()); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_UNAUTHORIZED); + } + + @Test + public void testInternalGatewayWellKnownReturnsDiscoveryPayload() throws Exception { + HttpResponse res = HTTPSClientUtils.doGet(INTERNAL_GATEWAY_WELL_KNOWN, Collections.emptyMap()); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_OK); + + JSONObject json = new JSONObject(res.getData()); + Assert.assertEquals(json.optString("gatewayPath"), "internal/data/v1", + "Well-known should expose internal REST base path without /ws suffix"); + JSONObject controlPlane = json.optJSONObject("controlPlane"); + Assert.assertNotNull(controlPlane, "Well-known payload should include controlPlane metadata"); + Assert.assertEquals(controlPlane.optString("type"), "APIM"); + Assert.assertTrue(StringUtils.isNotBlank(controlPlane.optString("version")), + "Well-known control plane version should be present"); + } + + @Test + public void testGetEnvironmentByUnknownIdReturnsNotFound() throws Exception { + try { + restAPIAdmin.getEnvironment(UUID.randomUUID().toString()); + Assert.fail("Expected ApiException for non-existent environment id"); + } catch (ApiException e) { + Assert.assertEquals(e.getCode(), HttpStatus.SC_NOT_FOUND); + } + } + + @Test + public void testEnvironmentsListExcludesRegisteredPlatformGatewayByName() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + registerForCleanup(created.getData().getId(), created.getData().getRegistrationToken()); + + ApiResponse listRes = restAPIAdmin.getEnvironments(); + Assert.assertEquals(listRes.getStatusCode(), HttpStatus.SC_OK); + if (listRes.getData() != null && listRes.getData().getList() != null) { + for (EnvironmentDTO e : listRes.getData().getList()) { + Assert.assertNotEquals(name, e.getName(), + "GET /environments must not expose synthetic platform gateway environments by name"); + } + } + } + + @Test + public void testInternalDeploymentsGetWithSinceQueryAccepted() throws Exception { + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(uniqueGatewayName())); + registerForCleanup(created.getData().getId(), created.getData().getRegistrationToken()); + String token = created.getData().getRegistrationToken(); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + HttpResponse res = HTTPSClientUtils.doGet( + INTERNAL_DATA_V1 + "/deployments?since=1970-01-01T00:00:00Z", headers); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_OK, + "GET /deployments should accept optional ISO8601 since filter"); + JSONObject json = new JSONObject(res.getData()); + Assert.assertTrue(json.has("deployments")); + } + + @Test + public void testInternalFetchBatchWithUnknownDeploymentIdsReturnsOk() throws Exception { + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(uniqueGatewayName())); + registerForCleanup(created.getData().getId(), created.getData().getRegistrationToken()); + String token = created.getData().getRegistrationToken(); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + headers.put("Content-Type", "application/json"); + String payload = + "{\"deploymentIds\":[\"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee\",\"bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb\"]}"; + HttpResponse res = HTTPSClientUtils.doPost(INTERNAL_DATA_V1 + "/deployments/fetch-batch", headers, payload); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_OK, + "fetch-batch skips unknown ids and still returns an archive envelope"); + Assert.assertNotNull(res.getData()); + } + + @Test + public void testInternalDeploymentsFetchBatchWithEmptyList() throws Exception { + String name = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(name)); + registerForCleanup(created.getData().getId(), created.getData().getRegistrationToken()); + String token = created.getData().getRegistrationToken(); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + headers.put("Content-Type", "application/json"); + String payload = "{\"deploymentIds\":[]}"; + HttpResponse res = HTTPSClientUtils.doPost(INTERNAL_DATA_V1 + "/deployments/fetch-batch", headers, payload); + Assert.assertEquals(res.getResponseCode(), HttpStatus.SC_BAD_REQUEST, + "Empty deploymentIds should be rejected for fetch-batch"); + } +} diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayPublisherDeployIntegrationTestCase.java b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayPublisherDeployIntegrationTestCase.java new file mode 100644 index 0000000000..9b8fab31a6 --- /dev/null +++ b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/am/integration/tests/restapi/admin/PlatformGatewayPublisherDeployIntegrationTestCase.java @@ -0,0 +1,658 @@ +/* + * Copyright (c) 2026, WSO2 LLC. (http://www.wso2.com). + * + * WSO2 LLC. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.wso2.am.integration.tests.restapi.admin; + +import org.apache.http.HttpStatus; +import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.eclipse.jetty.websocket.api.Session; +import org.eclipse.jetty.websocket.api.annotations.OnWebSocketConnect; +import org.eclipse.jetty.websocket.api.annotations.OnWebSocketMessage; +import org.eclipse.jetty.websocket.api.annotations.WebSocket; +import org.eclipse.jetty.websocket.client.ClientUpgradeRequest; +import org.eclipse.jetty.websocket.client.WebSocketClient; +import org.json.JSONArray; +import org.json.JSONObject; +import org.testng.Assert; +import org.testng.annotations.BeforeClass; +import org.testng.annotations.DataProvider; +import org.testng.annotations.Factory; +import org.testng.annotations.Test; +import org.wso2.am.integration.clients.admin.ApiException; +import org.wso2.am.integration.clients.admin.ApiResponse; +import org.wso2.am.integration.clients.admin.api.dto.CreatePlatformGatewayRequestDTO; +import org.wso2.am.integration.clients.admin.api.dto.GatewayResponseWithTokenDTO; +import org.wso2.am.integration.clients.store.api.v1.dto.APIKeyDTO; +import org.wso2.am.integration.clients.store.api.v1.dto.APIKeyInfoDTO; +import org.wso2.am.integration.clients.store.api.v1.dto.APIKeyListDTO; +import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO; +import org.wso2.am.integration.clients.store.api.v1.dto.SubscriptionDTO; +import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException; +import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest; +import org.wso2.am.integration.test.utils.base.APIMIntegrationConstants; +import org.wso2.am.integration.test.utils.bean.APIRequest; +import org.wso2.am.integration.test.utils.bean.APIRevisionDeployUndeployRequest; +import org.wso2.am.integration.test.utils.bean.APIRevisionRequest; +import org.wso2.am.integration.test.utils.http.HTTPSClientUtils; +import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment; +import org.wso2.carbon.automation.engine.annotations.SetEnvironment; +import org.wso2.carbon.automation.engine.context.TestUserMode; +import org.wso2.carbon.automation.test.utils.http.client.HttpResponse; + +import java.net.URI; +import java.net.URL; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.concurrent.CopyOnWriteArrayList; +import java.util.concurrent.Future; +import java.util.concurrent.TimeUnit; + +/** + * End-to-end checks for Publisher revision deploy to a Universal (platform) gateway by environment + * name, and visibility of that deployment on internal gateway sync APIs ({@code GET /deployments}, + * {@code POST /deployments/fetch-batch}). + */ +@SetEnvironment(executionEnvironments = {ExecutionEnvironment.STANDALONE}) +public class PlatformGatewayPublisherDeployIntegrationTestCase extends APIMIntegrationBaseTest { + + private static final String INTERNAL_DATA_V1 = "https://localhost:9943/internal/data/v1"; + /** Expected in generated platform gateway API YAML (see PlatformGatewayAPIYamlConverter in carbon-apimgt). */ + private static final String PLATFORM_GATEWAY_YAML_API_VERSION = "gateway.api-platform.wso2.com"; + private static final long DEPLOYMENT_SYNC_TIMEOUT_MS = 120_000L; + private static final long POLL_INTERVAL_MS = 500L; + + private String apiEndPointUrl; + + @WebSocket + public static class InternalEventCollectorWebSocket { + private final List messages = new CopyOnWriteArrayList<>(); + private volatile Session session; + + @OnWebSocketConnect + public void onConnect(Session connectedSession) { + this.session = connectedSession; + } + + @OnWebSocketMessage + public void onText(Session ignored, String message) { + messages.add(message); + } + + public boolean isOpen() { + return session != null && session.isOpen(); + } + + public List getMessages() { + return messages; + } + } + + @Factory(dataProvider = "userModeDataProvider") + public PlatformGatewayPublisherDeployIntegrationTestCase(TestUserMode userMode) { + this.userMode = userMode; + } + + @DataProvider + public static Object[][] userModeDataProvider() { + return new Object[][]{ + new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, + new Object[]{TestUserMode.TENANT_ADMIN} + }; + } + + @BeforeClass(alwaysRun = true) + public void init() throws APIManagerIntegrationTestException { + super.init(userMode); + apiEndPointUrl = backEndServerUrl.getWebAppURLHttp() + "jaxrs_basic/services/customers/customerservice/"; + } + + private String uniqueGatewayName() { + return "igw-" + System.currentTimeMillis(); + } + + private static String awaitWebSocketEventType(InternalEventCollectorWebSocket collector, String eventType, + long timeoutMs) throws Exception { + long deadline = System.currentTimeMillis() + timeoutMs; + while (System.currentTimeMillis() < deadline) { + for (String message : collector.getMessages()) { + JSONObject json = new JSONObject(message); + if (eventType.equals(json.optString("type"))) { + return message; + } + } + Thread.sleep(POLL_INTERVAL_MS); + } + Assert.fail("Timed out waiting for websocket event type: " + eventType); + return null; + } + + private static String awaitWebSocketEventTypeAfterIndex(InternalEventCollectorWebSocket collector, String eventType, + int startIndex, long timeoutMs) + throws Exception { + + long deadline = System.currentTimeMillis() + timeoutMs; + while (System.currentTimeMillis() < deadline) { + List messages = collector.getMessages(); + for (int i = Math.max(0, startIndex); i < messages.size(); i++) { + String message = messages.get(i); + JSONObject json = new JSONObject(message); + if (eventType.equals(json.optString("type"))) { + return message; + } + } + Thread.sleep(POLL_INTERVAL_MS); + } + Assert.fail("Timed out waiting for websocket event type: " + eventType + " after index " + startIndex); + return null; + } + + private static String awaitWebSocketAnyEventTypeAfterIndex(InternalEventCollectorWebSocket collector, + List eventTypes, int startIndex, + long timeoutMs) throws Exception { + + long deadline = System.currentTimeMillis() + timeoutMs; + while (System.currentTimeMillis() < deadline) { + List messages = collector.getMessages(); + for (int i = Math.max(0, startIndex); i < messages.size(); i++) { + String message = messages.get(i); + JSONObject json = new JSONObject(message); + if (eventTypes.contains(json.optString("type"))) { + return message; + } + } + Thread.sleep(POLL_INTERVAL_MS); + } + Assert.fail("Timed out waiting for websocket event type in " + eventTypes + " after index " + startIndex); + return null; + } + + private String findKeyUuidByName(String applicationId, String keyType, String keyName) throws Exception { + APIKeyListDTO listDTO = restAPIStore.getAPIKeys(applicationId, keyType); + if (listDTO == null || listDTO.getList() == null) { + return null; + } + for (APIKeyInfoDTO info : listDTO.getList()) { + if (info != null && keyName.equals(info.getKeyName())) { + return info.getKeyUUID(); + } + } + return null; + } + + private CreatePlatformGatewayRequestDTO newCreateRequest(String name) { + CreatePlatformGatewayRequestDTO dto = new CreatePlatformGatewayRequestDTO(); + dto.setName(name); + dto.setDisplayName("Publisher deploy integration gateway"); + dto.setDescription("PlatformGatewayPublisherDeployIntegrationTestCase"); + dto.setVhost(URI.create("https://localhost:9999")); + return dto; + } + + private String findDeploymentIdForApi(String registrationToken, String apiUuid) throws Exception { + Map headers = new HashMap<>(); + headers.put("api-key", registrationToken); + HttpResponse res = HTTPSClientUtils.doGet(INTERNAL_DATA_V1 + "/deployments", headers); + if (res.getResponseCode() != HttpStatus.SC_OK) { + return null; + } + JSONObject json = new JSONObject(res.getData()); + JSONArray arr = json.optJSONArray("deployments"); + if (arr == null) { + return null; + } + for (int i = 0; i < arr.length(); i++) { + JSONObject d = arr.getJSONObject(i); + if (apiUuid.equals(d.optString("artifactId"))) { + String id = d.optString("deploymentId"); + return id.isEmpty() ? null : id; + } + } + return null; + } + + private String awaitDeploymentIdForApi(String registrationToken, String apiUuid, long timeoutMs) + throws Exception { + + long deadline = System.currentTimeMillis() + timeoutMs; + while (System.currentTimeMillis() < deadline) { + String id = findDeploymentIdForApi(registrationToken, apiUuid); + if (id != null) { + return id; + } + Thread.sleep(POLL_INTERVAL_MS); + } + Assert.fail("Timed out waiting for internal /deployments to list API " + apiUuid); + return null; + } + + private void awaitDeploymentAbsentForApi(String registrationToken, String apiUuid, long timeoutMs) + throws Exception { + + long deadline = System.currentTimeMillis() + timeoutMs; + while (System.currentTimeMillis() < deadline) { + if (findDeploymentIdForApi(registrationToken, apiUuid) == null) { + return; + } + Thread.sleep(POLL_INTERVAL_MS); + } + Assert.fail("Timed out waiting for internal /deployments to drop API " + apiUuid); + } + + private void undeployRevisionFromUniversal(String apiId, String revisionUUID, String gatewayName) + throws Exception { + + List list = new ArrayList<>(); + APIRevisionDeployUndeployRequest u = new APIRevisionDeployUndeployRequest(); + u.setName(gatewayName); + u.setVhost(null); + u.setDisplayOnDevportal(true); + list.add(u); + HttpResponse r = restAPIPublisher.undeployAPIRevision(apiId, revisionUUID, list); + Assert.assertEquals(r.getResponseCode(), HttpStatus.SC_CREATED, + "Undeploy failed: " + r.getData()); + } + + private void cleanupApiAndGateway(String apiId, String revisionUUID, String gatewayName, String gatewayId) { + if (apiId != null && revisionUUID != null && gatewayName != null) { + try { + undeployRevisionFromUniversal(apiId, revisionUUID, gatewayName); + } catch (Exception ignored) { + } + try { + restAPIPublisher.deleteAPIRevision(apiId, revisionUUID); + } catch (Exception ignored) { + } + } + if (apiId != null) { + try { + restAPIPublisher.deleteAPI(apiId); + } catch (Exception ignored) { + } + } + if (gatewayId != null) { + try { + restAPIAdmin.deletePlatformGateway(gatewayId); + } catch (ApiException ignored) { + } + } + } + + @Test + public void testPublisherDeployToUniversalSyncsInternalDeploymentsAndFetchBatch() throws Exception { + String gatewayName = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(gatewayName)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + String gatewayId = created.getData().getId(); + String token = created.getData().getRegistrationToken(); + + String apiId = null; + String revisionUUID = null; + try { + String suffix = String.valueOf(System.currentTimeMillis()); + APIRequest apiRequest = new APIRequest("PgPublisherDeployAPI_" + suffix, "pgpubrev" + suffix, + new URL(apiEndPointUrl)); + apiRequest.setVersion("1.0.0"); + apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED); + apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED); + + HttpResponse addApiRes = restAPIPublisher.addAPI(apiRequest); + Assert.assertEquals(addApiRes.getResponseCode(), HttpStatus.SC_CREATED, addApiRes.getData()); + apiId = addApiRes.getData(); + + APIRevisionRequest revReq = new APIRevisionRequest(); + revReq.setApiUUID(apiId); + revReq.setDescription("platform universal deploy"); + HttpResponse revRes = restAPIPublisher.addAPIRevision(revReq); + Assert.assertEquals(revRes.getResponseCode(), HttpStatus.SC_CREATED, revRes.getData()); + revisionUUID = new JSONObject(revRes.getData()).getString("id"); + + List deployList = new ArrayList<>(); + APIRevisionDeployUndeployRequest d = new APIRevisionDeployUndeployRequest(); + d.setName(gatewayName); + d.setVhost("localhost"); + d.setDisplayOnDevportal(true); + deployList.add(d); + HttpResponse depRes = restAPIPublisher.deployAPIRevision(apiId, revisionUUID, deployList, "API"); + Assert.assertEquals(depRes.getResponseCode(), HttpStatus.SC_CREATED, depRes.getData()); + + String deploymentId = awaitDeploymentIdForApi(token, apiId, DEPLOYMENT_SYNC_TIMEOUT_MS); + Assert.assertNotNull(deploymentId); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + headers.put("Content-Type", "application/json"); + String payload = "{\"deploymentIds\":[\"" + deploymentId + "\"]}"; + HttpResponse batch = + HTTPSClientUtils.doPost(INTERNAL_DATA_V1 + "/deployments/fetch-batch", headers, payload); + Assert.assertEquals(batch.getResponseCode(), HttpStatus.SC_OK, + "fetch-batch should succeed for a listed deployment id"); + String body = batch.getData(); + Assert.assertNotNull(body); + // Body is read as UTF-8 text by HTTPSClientUtils; tar entries still contain ASCII ustar magic. + Assert.assertTrue(body.contains("ustar"), "fetch-batch should return a tar archive payload"); + } finally { + cleanupApiAndGateway(apiId, revisionUUID, gatewayName, gatewayId); + } + } + + @Test + public void testDeleteUniversalGatewayWithRevisionDeployedReturnsConflict() throws Exception { + String gatewayName = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(gatewayName)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + String gatewayId = created.getData().getId(); + + String apiId = null; + String revisionUUID = null; + try { + String suffix = String.valueOf(System.currentTimeMillis()); + APIRequest apiRequest = new APIRequest("PgGatewayDeleteAPI_" + suffix, "pgdelgw" + suffix, + new URL(apiEndPointUrl)); + apiRequest.setVersion("1.0.0"); + apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED); + apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED); + + HttpResponse addApiRes = restAPIPublisher.addAPI(apiRequest); + Assert.assertEquals(addApiRes.getResponseCode(), HttpStatus.SC_CREATED, addApiRes.getData()); + apiId = addApiRes.getData(); + + APIRevisionRequest revReq = new APIRevisionRequest(); + revReq.setApiUUID(apiId); + revReq.setDescription("block gateway delete"); + HttpResponse revRes = restAPIPublisher.addAPIRevision(revReq); + Assert.assertEquals(revRes.getResponseCode(), HttpStatus.SC_CREATED, revRes.getData()); + revisionUUID = new JSONObject(revRes.getData()).getString("id"); + + List deployList = new ArrayList<>(); + APIRevisionDeployUndeployRequest d = new APIRevisionDeployUndeployRequest(); + d.setName(gatewayName); + d.setVhost("localhost"); + d.setDisplayOnDevportal(true); + deployList.add(d); + HttpResponse depRes = restAPIPublisher.deployAPIRevision(apiId, revisionUUID, deployList, "API"); + Assert.assertEquals(depRes.getResponseCode(), HttpStatus.SC_CREATED, depRes.getData()); + + try { + restAPIAdmin.deletePlatformGateway(gatewayId); + Assert.fail("Expected conflict when deleting gateway with deployed revisions"); + } catch (ApiException e) { + Assert.assertEquals(e.getCode(), HttpStatus.SC_CONFLICT, + "Deleting gateway with active revision deployments should return 409"); + } + } finally { + cleanupApiAndGateway(apiId, revisionUUID, gatewayName, gatewayId); + } + } + + @Test + public void testUndeployRemovesApiFromInternalDeploymentsList() throws Exception { + String gatewayName = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(gatewayName)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + String gatewayId = created.getData().getId(); + String token = created.getData().getRegistrationToken(); + + String apiId = null; + String revisionUUID = null; + try { + String suffix = String.valueOf(System.currentTimeMillis()); + APIRequest apiRequest = new APIRequest("PgUndeployAPI_" + suffix, "pgundeploy" + suffix, + new URL(apiEndPointUrl)); + apiRequest.setVersion("1.0.0"); + apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED); + apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED); + + HttpResponse addApiRes = restAPIPublisher.addAPI(apiRequest); + Assert.assertEquals(addApiRes.getResponseCode(), HttpStatus.SC_CREATED, addApiRes.getData()); + apiId = addApiRes.getData(); + + APIRevisionRequest revReq = new APIRevisionRequest(); + revReq.setApiUUID(apiId); + revReq.setDescription("undeploy removes internal deployment row"); + HttpResponse revRes = restAPIPublisher.addAPIRevision(revReq); + Assert.assertEquals(revRes.getResponseCode(), HttpStatus.SC_CREATED, revRes.getData()); + revisionUUID = new JSONObject(revRes.getData()).getString("id"); + + List deployList = new ArrayList<>(); + APIRevisionDeployUndeployRequest d = new APIRevisionDeployUndeployRequest(); + d.setName(gatewayName); + d.setVhost("localhost"); + d.setDisplayOnDevportal(true); + deployList.add(d); + HttpResponse depRes = restAPIPublisher.deployAPIRevision(apiId, revisionUUID, deployList, "API"); + Assert.assertEquals(depRes.getResponseCode(), HttpStatus.SC_CREATED, depRes.getData()); + + awaitDeploymentIdForApi(token, apiId, DEPLOYMENT_SYNC_TIMEOUT_MS); + + undeployRevisionFromUniversal(apiId, revisionUUID, gatewayName); + + awaitDeploymentAbsentForApi(token, apiId, DEPLOYMENT_SYNC_TIMEOUT_MS); + } finally { + cleanupApiAndGateway(apiId, revisionUUID, gatewayName, gatewayId); + } + } + + @Test + public void testFetchBatchTarContainsPlatformGatewayYamlMarker() throws Exception { + String gatewayName = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(gatewayName)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + String gatewayId = created.getData().getId(); + String token = created.getData().getRegistrationToken(); + + String apiId = null; + String revisionUUID = null; + try { + String suffix = String.valueOf(System.currentTimeMillis()); + APIRequest apiRequest = new APIRequest("PgYamlMarkerAPI_" + suffix, "pgyamlmk" + suffix, + new URL(apiEndPointUrl)); + apiRequest.setVersion("1.0.0"); + apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED); + apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED); + + HttpResponse addApiRes = restAPIPublisher.addAPI(apiRequest); + Assert.assertEquals(addApiRes.getResponseCode(), HttpStatus.SC_CREATED, addApiRes.getData()); + apiId = addApiRes.getData(); + + APIRevisionRequest revReq = new APIRevisionRequest(); + revReq.setApiUUID(apiId); + revReq.setDescription("artifact yaml marker"); + HttpResponse revRes = restAPIPublisher.addAPIRevision(revReq); + Assert.assertEquals(revRes.getResponseCode(), HttpStatus.SC_CREATED, revRes.getData()); + revisionUUID = new JSONObject(revRes.getData()).getString("id"); + + List deployList = new ArrayList<>(); + APIRevisionDeployUndeployRequest d = new APIRevisionDeployUndeployRequest(); + d.setName(gatewayName); + d.setVhost("localhost"); + d.setDisplayOnDevportal(true); + deployList.add(d); + HttpResponse depRes = restAPIPublisher.deployAPIRevision(apiId, revisionUUID, deployList, "API"); + Assert.assertEquals(depRes.getResponseCode(), HttpStatus.SC_CREATED, depRes.getData()); + + String deploymentId = awaitDeploymentIdForApi(token, apiId, DEPLOYMENT_SYNC_TIMEOUT_MS); + Assert.assertNotNull(deploymentId); + + Map headers = new HashMap<>(); + headers.put("api-key", token); + headers.put("Content-Type", "application/json"); + String payload = "{\"deploymentIds\":[\"" + deploymentId + "\"]}"; + HttpResponse batch = + HTTPSClientUtils.doPost(INTERNAL_DATA_V1 + "/deployments/fetch-batch", headers, payload); + Assert.assertEquals(batch.getResponseCode(), HttpStatus.SC_OK, batch.getData()); + String body = batch.getData(); + Assert.assertNotNull(body); + Assert.assertTrue(body.contains("ustar"), "fetch-batch should return a tar archive payload"); + Assert.assertTrue(body.contains(PLATFORM_GATEWAY_YAML_API_VERSION), + "platform gateway artifact YAML should declare the api-platform RestApi apiVersion"); + } finally { + cleanupApiAndGateway(apiId, revisionUUID, gatewayName, gatewayId); + } + } + + @Test + public void testApiKeyLifecycleEventsAreBroadcastOverInternalWebSocket() throws Exception { + String gatewayName = uniqueGatewayName(); + ApiResponse created = + restAPIAdmin.createPlatformGateway(newCreateRequest(gatewayName)); + Assert.assertEquals(created.getStatusCode(), HttpStatus.SC_CREATED); + String gatewayId = created.getData().getId(); + String registrationToken = created.getData().getRegistrationToken(); + + String apiId = null; + String revisionUUID = null; + ApplicationDTO app = null; + SubscriptionDTO subscription = null; + + SslContextFactory sslContextFactory = new SslContextFactory(); + sslContextFactory.setTrustAll(true); + WebSocketClient client = new WebSocketClient(sslContextFactory); + InternalEventCollectorWebSocket collector = new InternalEventCollectorWebSocket(); + + try { + client.start(); + URI wsUri = new URI("wss://localhost:9943/internal/data/v1/ws/gateways/connect"); + ClientUpgradeRequest request = new ClientUpgradeRequest(); + request.setHeader("api-key", registrationToken); + Future future = client.connect(collector, wsUri, request); + Session session = future.get(15, TimeUnit.SECONDS); + Assert.assertTrue(session.isOpen(), "Gateway websocket should connect using registration token"); + Assert.assertTrue(collector.isOpen(), "Collector socket should be open"); + + String suffix = String.valueOf(System.currentTimeMillis()); + APIRequest apiRequest = new APIRequest("PgApiKeyEventAPI_" + suffix, "pgapikeyevt" + suffix, + new URL(apiEndPointUrl)); + apiRequest.setVersion("1.0.0"); + apiRequest.setTiersCollection(APIMIntegrationConstants.API_TIER.UNLIMITED); + apiRequest.setTier(APIMIntegrationConstants.API_TIER.UNLIMITED); + + HttpResponse addApiRes = restAPIPublisher.addAPI(apiRequest); + Assert.assertEquals(addApiRes.getResponseCode(), HttpStatus.SC_CREATED, addApiRes.getData()); + apiId = addApiRes.getData(); + HttpResponse publishRes = restAPIPublisher.changeAPILifeCycleStatusToPublish(apiId, false); + Assert.assertNotNull(publishRes, "Publishing API should succeed before creating subscriptions"); + Assert.assertEquals(publishRes.getResponseCode(), HttpStatus.SC_OK); + + APIRevisionRequest revReq = new APIRevisionRequest(); + revReq.setApiUUID(apiId); + revReq.setDescription("apikey websocket event validation"); + HttpResponse revRes = restAPIPublisher.addAPIRevision(revReq); + Assert.assertEquals(revRes.getResponseCode(), HttpStatus.SC_CREATED, revRes.getData()); + revisionUUID = new JSONObject(revRes.getData()).getString("id"); + + List deployList = new ArrayList<>(); + APIRevisionDeployUndeployRequest d = new APIRevisionDeployUndeployRequest(); + d.setName(gatewayName); + d.setVhost("localhost"); + d.setDisplayOnDevportal(true); + deployList.add(d); + HttpResponse depRes = restAPIPublisher.deployAPIRevision(apiId, revisionUUID, deployList, "API"); + Assert.assertEquals(depRes.getResponseCode(), HttpStatus.SC_CREATED, depRes.getData()); + awaitDeploymentIdForApi(registrationToken, apiId, DEPLOYMENT_SYNC_TIMEOUT_MS); + + app = restAPIStore.addApplication("PgApiKeyEventApp_" + suffix, "Unlimited", null, + "App for api-key websocket event tests"); + Assert.assertNotNull(app); + subscription = restAPIStore.subscribeToAPI(apiId, app.getApplicationId(), "Unlimited"); + Assert.assertNotNull(subscription); + + String keyName = "pg-key-" + suffix; + APIKeyDTO createdKey = restAPIStore.generateAPIKeys(app.getApplicationId(), "PRODUCTION", 3600, + null, null, keyName); + Assert.assertNotNull(createdKey); + Assert.assertNotNull(createdKey.getApikey()); + + String createdMessage = awaitWebSocketEventType(collector, "apikey.created", 30_000L); + JSONObject createdEvent = new JSONObject(createdMessage); + Assert.assertEquals(createdEvent.optString("type"), "apikey.created"); + JSONObject createdPayload = createdEvent.optJSONObject("payload"); + Assert.assertNotNull(createdPayload); + Assert.assertEquals(createdPayload.optString("apiId"), apiId); + Assert.assertEquals(createdPayload.optString("name"), keyName); + Assert.assertTrue(createdPayload.optString("maskedApiKey").startsWith("****")); + + int beforeUpdateMessageCount = collector.getMessages().size(); + APIKeyDTO regeneratedKey = restAPIStore.generateAPIKeys(app.getApplicationId(), "PRODUCTION", 3600, + null, null, keyName); + Assert.assertNotNull(regeneratedKey); + Assert.assertNotNull(regeneratedKey.getApikey()); + Assert.assertNotEquals(regeneratedKey.getApikey(), createdKey.getApikey(), + "Regenerate should issue a new opaque API key"); + + // Current runtime can emit apikey.updated or apikey.created for same key-name re-generate path. + String updatedMessage = awaitWebSocketAnyEventTypeAfterIndex(collector, + java.util.Arrays.asList("apikey.updated", "apikey.created"), beforeUpdateMessageCount, 30_000L); + JSONObject updatedEvent = new JSONObject(updatedMessage); + String updateType = updatedEvent.optString("type"); + Assert.assertTrue("apikey.updated".equals(updateType) || "apikey.created".equals(updateType), + "Expected update-like key event type but received: " + updateType); + JSONObject updatedPayload = updatedEvent.optJSONObject("payload"); + Assert.assertNotNull(updatedPayload); + Assert.assertEquals(updatedPayload.optString("apiId"), apiId); + String keyField = "apikey.updated".equals(updateType) ? "keyName" : "name"; + Assert.assertEquals(updatedPayload.optString(keyField), keyName); + Assert.assertTrue(updatedPayload.optString("maskedApiKey").startsWith("****")); + + String keyUuid = findKeyUuidByName(app.getApplicationId(), "PRODUCTION", keyName); + if (keyUuid != null) { + restAPIStore.revokeAPIKeyByKeyUUID(app.getApplicationId(), "PRODUCTION", keyUuid); + } else { + // Fallback for runtimes that do not return key UUIDs in list response. + restAPIStore.revokeAPIKey(app.getApplicationId(), regeneratedKey.getApikey()); + } + + String revokedMessage = awaitWebSocketEventType(collector, "apikey.revoked", 30_000L); + JSONObject revokedEvent = new JSONObject(revokedMessage); + Assert.assertEquals(revokedEvent.optString("type"), "apikey.revoked"); + JSONObject revokedPayload = revokedEvent.optJSONObject("payload"); + Assert.assertNotNull(revokedPayload); + Assert.assertEquals(revokedPayload.optString("apiId"), apiId); + Assert.assertEquals(revokedPayload.optString("keyName"), keyName); + } finally { + if (collector.isOpen()) { + try { + collector.session.close(); + } catch (Exception ignored) { + } + } + try { + client.stop(); + } catch (Exception ignored) { + } + if (subscription != null) { + try { + restAPIStore.removeSubscription(subscription); + } catch (Exception ignored) { + } + } + if (app != null) { + try { + restAPIStore.deleteApplication(app.getApplicationId()); + } catch (Exception ignored) { + } + } + cleanupApiAndGateway(apiId, revisionUUID, gatewayName, gatewayId); + } + } +} diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/resources/testng.xml b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/resources/testng.xml index 782407336d..a17298082d 100644 --- a/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/resources/testng.xml +++ b/all-in-one-apim/modules/integration/tests-integration/tests-backend/src/test/resources/testng.xml @@ -319,6 +319,8 @@ + + diff --git a/all-in-one-apim/modules/integration/tests-integration/tests-benchmark/src/test/resources/automation.xml b/all-in-one-apim/modules/integration/tests-integration/tests-benchmark/src/test/resources/automation.xml index 840e0b6bc8..cd3845a507 100644 --- a/all-in-one-apim/modules/integration/tests-integration/tests-benchmark/src/test/resources/automation.xml +++ b/all-in-one-apim/modules/integration/tests-integration/tests-benchmark/src/test/resources/automation.xml @@ -17,7 +17,9 @@ ~ under the License. --> - + + + @@ -30,7 +32,9 @@ - + + + @@ -43,7 +47,9 @@ - + + + @@ -56,7 +62,9 @@ - + + + @@ -69,7 +77,9 @@ - + + + @@ -84,7 +94,9 @@ - + + + @@ -97,7 +109,9 @@ 60000 - + + + @@ -112,7 +126,9 @@ - + + + @@ -125,7 +141,9 @@ standalone - + + + @@ -140,7 +158,9 @@ - + + + @@ -155,7 +175,9 @@ - + + + @@ -168,7 +190,9 @@ false - + + + @@ -183,7 +207,9 @@ - + + + @@ -196,7 +222,9 @@ false - + + + @@ -211,7 +239,9 @@ - + + + @@ -224,7 +254,9 @@ - + + + @@ -237,7 +269,9 @@ - + + + @@ -250,7 +284,9 @@ - + + + @@ -263,7 +299,9 @@ - + + + @@ -276,7 +314,9 @@ - + + + @@ -289,7 +329,9 @@ http://10.100.2.51:4444/wd/hub/ - + + + @@ -302,7 +344,9 @@ - + + + @@ -315,7 +359,9 @@ - + + + @@ -328,7 +374,9 @@ firefox - + + + @@ -341,7 +389,9 @@ - + + + @@ -354,7 +404,9 @@ /home/test/name/webDriver - + + + @@ -367,7 +419,9 @@ - + + + @@ -380,7 +434,9 @@ - + + + @@ -393,7 +449,9 @@ - + + + @@ -409,7 +467,9 @@ Database configuration to be used for data service testing. DB configuration in dbs files will be replaced with below configuration at test run time --> - + + + @@ -422,7 +482,9 @@ - + + + @@ -435,7 +497,9 @@ - + + + @@ -448,7 +512,9 @@ jdbc:h2:testDB - + + + @@ -461,7 +527,9 @@ wso2carbon - + + + @@ -474,7 +542,9 @@ wso2carbon - + + + @@ -487,7 +557,9 @@ org.h2.Driver - + + + @@ -500,7 +572,9 @@ - + + + @@ -513,7 +587,9 @@ - + + + @@ -526,7 +602,9 @@ jdbc:h2:testDB - + + + @@ -539,7 +617,9 @@ wso2carbon - + + + @@ -552,7 +632,9 @@ wso2carbon - + + + @@ -565,7 +647,9 @@ org.h2.Driver - + + + @@ -578,7 +662,9 @@ - + + + @@ -591,7 +677,9 @@ - + + + @@ -604,7 +692,9 @@ - + + + @@ -620,7 +710,9 @@ KeyStore which will be used for encrypting/decrypting passwords and other sensitive information. --> - + + + @@ -633,7 +725,9 @@ - + + + @@ -646,7 +740,9 @@ - + + + @@ -659,7 +755,9 @@ keystores/products/wso2carbon.jks - + + + @@ -672,7 +770,9 @@ - + + + @@ -685,7 +785,9 @@ JKS - + + + @@ -698,7 +800,9 @@ - + + + @@ -711,7 +815,9 @@ wso2carbon - + + + @@ -724,7 +830,9 @@ - + + + @@ -737,7 +845,9 @@ wso2carbon - + + + @@ -750,7 +860,9 @@ - + + + @@ -763,7 +875,9 @@ wso2carbon - + + + @@ -776,7 +890,9 @@ - + + + @@ -792,7 +908,9 @@ System wide trust-store which is used to maintain the certificates of all the trusted parties. --> - + + + @@ -805,7 +923,9 @@ - + + + @@ -818,7 +938,9 @@ - + + + @@ -831,7 +953,9 @@ keystores/products/client-truststore.jks - + + + @@ -844,7 +968,9 @@ - + + + @@ -857,7 +983,9 @@ JKS - + + + @@ -870,7 +998,9 @@ - + + + @@ -883,7 +1013,9 @@ wso2carbon - + + + @@ -896,7 +1028,9 @@ - + + + @@ -909,7 +1043,9 @@ - + + + @@ -922,7 +1058,9 @@ - + + + @@ -935,7 +1073,9 @@ - + + + @@ -948,7 +1088,9 @@ - + + + @@ -961,7 +1103,9 @@ https://wso2.org/repo - + + + @@ -974,7 +1118,9 @@ file:///home/krishantha/test - + + + @@ -987,7 +1133,9 @@ - + + + @@ -1000,7 +1148,9 @@ - + + + @@ -1013,7 +1163,9 @@ - + + + @@ -1028,7 +1180,9 @@ - + + + @@ -1041,7 +1195,9 @@ - + + + @@ -1054,7 +1210,9 @@ - + + + @@ -1067,7 +1225,9 @@ - + + + @@ -1080,7 +1240,9 @@ - + + + @@ -1093,7 +1255,9 @@ - + + + @@ -1106,7 +1270,9 @@ admin - + + + @@ -1119,7 +1285,9 @@ admin - + + + @@ -1132,7 +1300,9 @@ - + + + @@ -1145,7 +1315,9 @@ - + + + @@ -1158,7 +1330,9 @@ - + + + @@ -1171,7 +1345,9 @@ - + + + @@ -1184,7 +1360,9 @@ - + + + @@ -1197,7 +1375,9 @@ - + + + @@ -1210,7 +1390,9 @@ - + + + @@ -1223,7 +1405,9 @@ - + + + @@ -1236,7 +1420,9 @@ - + + + @@ -1249,7 +1435,9 @@ - + + + @@ -1262,7 +1450,9 @@ - + + + @@ -1275,7 +1465,9 @@ - + + + @@ -1288,7 +1480,9 @@ - + + + @@ -1301,7 +1495,9 @@ - + + + @@ -1314,7 +1510,9 @@ - + + + @@ -1327,7 +1525,9 @@ - + + + @@ -1340,7 +1540,9 @@ - + + + @@ -1353,7 +1555,9 @@ - + + + @@ -1366,7 +1570,9 @@ - + + + @@ -1379,7 +1585,9 @@ - + + + @@ -1392,7 +1600,9 @@ - + + + @@ -1405,7 +1615,9 @@ - + + + @@ -1418,7 +1630,9 @@ - + + + @@ -1431,7 +1645,9 @@ - + + + @@ -1444,7 +1660,9 @@ - + + + @@ -1457,7 +1675,9 @@ - + + + @@ -1470,7 +1690,9 @@ - + + + @@ -1483,7 +1705,9 @@ - + + + @@ -1496,7 +1720,9 @@ - + + + @@ -1509,7 +1735,9 @@ - + + + @@ -1522,7 +1750,9 @@ - + + + @@ -1535,7 +1765,9 @@ - + + + @@ -1548,7 +1780,9 @@ - + + + @@ -1561,7 +1795,9 @@ - + + + @@ -1574,7 +1810,9 @@ - + + + @@ -1587,7 +1825,9 @@ - + + + @@ -1600,7 +1840,9 @@ - + + + @@ -1613,7 +1855,9 @@ - + + + @@ -1626,7 +1870,9 @@ - + + + @@ -1639,7 +1885,9 @@ - + + + @@ -1652,7 +1900,9 @@ - + + + @@ -1665,7 +1915,9 @@ - + + + @@ -1678,7 +1930,9 @@ - + + + @@ -1691,7 +1945,9 @@ - + + + @@ -1704,7 +1960,9 @@ - + + + @@ -1717,7 +1975,9 @@ - + + + @@ -1730,7 +1990,9 @@ - + + + @@ -1743,7 +2005,9 @@ - + + + @@ -1756,7 +2020,9 @@ - + + + @@ -1769,7 +2035,9 @@ - + + + @@ -1782,7 +2050,9 @@ - + + + @@ -1795,7 +2065,9 @@ - + + + @@ -1808,7 +2080,9 @@ - + + + @@ -1821,7 +2095,9 @@ - + + + @@ -1834,7 +2110,9 @@ - + + + @@ -1847,7 +2125,9 @@ - + + + @@ -1860,7 +2140,9 @@ - + + + @@ -1873,7 +2155,9 @@ - + + + @@ -1886,7 +2170,9 @@ - + + + @@ -1899,7 +2185,9 @@ admin - + + + @@ -1912,7 +2200,9 @@ admin - + + + @@ -1925,7 +2215,9 @@ - + + + @@ -1938,7 +2230,9 @@ - + + + @@ -1951,7 +2245,9 @@ - + + + @@ -1964,7 +2260,9 @@ - + + + @@ -1977,7 +2275,9 @@ - + + + @@ -1990,7 +2290,9 @@ - + + + @@ -2003,7 +2305,9 @@ - + + + @@ -2016,7 +2320,9 @@ - + + + @@ -2029,7 +2335,9 @@ - + + + @@ -2042,7 +2350,9 @@ - + + + @@ -2055,7 +2365,9 @@ - + + + @@ -2068,7 +2380,9 @@ - + + + @@ -2081,7 +2395,9 @@ - + + + @@ -2094,7 +2410,9 @@ - + + + @@ -2107,7 +2425,9 @@ - + + + @@ -2120,7 +2440,9 @@ - + + + @@ -2133,7 +2455,9 @@ - + + + @@ -2146,7 +2470,9 @@ - + + + @@ -2159,7 +2485,9 @@ - + + + @@ -2172,7 +2500,9 @@ - + + + @@ -2185,7 +2515,9 @@ - + + + @@ -2198,7 +2530,9 @@ - + + + @@ -2211,7 +2545,9 @@ - + + + @@ -2224,7 +2560,9 @@ - + + + @@ -2237,7 +2575,9 @@ - + + + @@ -2250,7 +2590,9 @@ - + + + @@ -2263,7 +2605,9 @@ - + + + @@ -2276,7 +2620,9 @@ - + + + @@ -2289,7 +2635,9 @@ - + + + @@ -2302,7 +2650,9 @@ - + + + @@ -2315,7 +2665,9 @@ - + + + @@ -2328,7 +2680,9 @@ - + + + @@ -2341,7 +2695,9 @@ - + + + @@ -2354,7 +2710,9 @@ - + + + @@ -2367,7 +2725,9 @@ - + + + @@ -2380,7 +2740,9 @@ - + + + @@ -2393,7 +2755,9 @@ - + + + @@ -2406,7 +2770,9 @@ - + + + @@ -2419,7 +2785,9 @@ - + + + @@ -2432,7 +2800,9 @@ - + + + @@ -2445,7 +2815,9 @@ - + + + @@ -2458,7 +2830,9 @@ - + + + @@ -2471,7 +2845,9 @@ - + + + @@ -2484,7 +2860,9 @@ - + + + @@ -2497,7 +2875,9 @@ - + + + @@ -2510,7 +2890,9 @@ /permission/admin/configure - + + + @@ -2523,7 +2905,9 @@ /permission/admin/login - + + + @@ -2536,7 +2920,9 @@ /permission/admin/manage - + + + @@ -2549,7 +2935,9 @@ /permission/admin/monitor - + + + @@ -2562,7 +2950,9 @@ - + + + @@ -2575,7 +2965,9 @@ - + + + @@ -2588,7 +2980,9 @@ - + + + @@ -2601,7 +2995,9 @@ - + + + @@ -2614,7 +3010,9 @@ /permission/admin/configure - + + + @@ -2627,7 +3025,9 @@ /permission/admin/login - + + + @@ -2640,7 +3040,9 @@ - + + + @@ -2653,7 +3055,9 @@ - + + + @@ -2666,7 +3070,9 @@ - + + + @@ -2679,7 +3085,9 @@ - + + + @@ -2695,7 +3103,9 @@ This section will initiate the initial deployment of the platform required by the test suites. --> - + + + @@ -2708,7 +3118,9 @@ - + + + @@ -2723,7 +3135,9 @@ - + + + @@ -2736,7 +3150,9 @@ - + + + @@ -2749,7 +3165,9 @@ - + + + @@ -2762,7 +3180,9 @@ - + + + @@ -2775,7 +3195,9 @@ - + + + @@ -2788,7 +3210,9 @@ localhost - + + + @@ -2801,7 +3225,9 @@ - + + + @@ -2814,7 +3240,9 @@ - + + + @@ -2827,7 +3255,9 @@ 10263 - + + + @@ -2840,7 +3270,9 @@ 9943 - + + + @@ -2853,7 +3285,9 @@ - + + + @@ -2867,7 +3301,9 @@ - + + + @@ -2880,7 +3316,9 @@ - + + + @@ -2893,7 +3331,9 @@ - + + + @@ -2906,7 +3346,9 @@ - + + + @@ -2919,7 +3361,9 @@ localhost - + + + @@ -2932,7 +3376,9 @@ - + + + @@ -2945,7 +3391,9 @@ - + + + @@ -2958,7 +3406,9 @@ 10263 - + + + @@ -2971,7 +3421,9 @@ 9943 - + + + @@ -2984,7 +3436,9 @@ - + + + @@ -2998,7 +3452,9 @@ - + + + @@ -3011,7 +3467,9 @@ - + + + @@ -3024,7 +3482,9 @@ - + + + @@ -3037,7 +3497,9 @@ - + + + @@ -3050,7 +3512,9 @@ localhost - + + + @@ -3063,7 +3527,9 @@ - + + + @@ -3076,7 +3542,9 @@ - + + + @@ -3089,7 +3557,9 @@ 10263 - + + + @@ -3102,7 +3572,9 @@ 9943 - + + + @@ -3115,7 +3587,9 @@ - + + + @@ -3129,7 +3603,9 @@ - + + + @@ -3142,7 +3618,9 @@ - + + + @@ -3155,7 +3633,9 @@ - + + + @@ -3168,7 +3648,9 @@ - + + + @@ -3181,7 +3663,9 @@ localhost - + + + @@ -3194,7 +3678,9 @@ - + + + @@ -3207,7 +3693,9 @@ - + + + @@ -3220,7 +3708,9 @@ 10263 - + + + @@ -3233,7 +3723,9 @@ 9943 - + + + @@ -3246,7 +3738,9 @@ - + + + @@ -3260,7 +3754,9 @@ - + + + @@ -3273,7 +3769,9 @@ - + + + @@ -3286,7 +3784,9 @@ - + + + @@ -3299,7 +3799,9 @@ - + + + @@ -3312,7 +3814,9 @@ localhost - + + + @@ -3325,7 +3829,9 @@ - + + + @@ -3338,7 +3844,9 @@ - + + + @@ -3351,7 +3859,9 @@ 10263 - + + + @@ -3364,7 +3874,9 @@ 9943 - + + + @@ -3377,7 +3889,9 @@ 8743 - + + + @@ -3390,7 +3904,9 @@ 8780 - + + + @@ -3403,7 +3919,9 @@ - + + + @@ -3417,7 +3935,9 @@ - + + + @@ -3430,7 +3950,9 @@ - + + + @@ -3443,7 +3965,9 @@ - + + + @@ -3456,7 +3980,9 @@ - + + + @@ -3469,7 +3995,9 @@ - + + + @@ -3482,7 +4010,9 @@ backend.wso2.org - + + + @@ -3495,7 +4025,9 @@ - + + + @@ -3508,7 +4040,9 @@ - + + + @@ -3521,7 +4055,9 @@ 10263 - + + + @@ -3534,7 +4070,9 @@ 9943 - + + + @@ -3547,7 +4085,9 @@ - + + + @@ -3560,7 +4100,9 @@ - + + + @@ -3573,7 +4115,9 @@ - + + + @@ -3587,7 +4131,9 @@ - + + + @@ -3600,7 +4146,9 @@ - + + + @@ -3613,7 +4161,9 @@ - + + + @@ -3626,7 +4176,9 @@ - + + + @@ -3639,7 +4191,9 @@ - + + + @@ -3652,7 +4206,9 @@ - + + + @@ -3665,7 +4221,9 @@ - + + + @@ -3678,7 +4236,9 @@ - + + + @@ -3691,7 +4251,9 @@ - + + + @@ -3704,7 +4266,9 @@ org.wso2.am.integration.tests.util.APIMCarbonServerExtension - + + + @@ -3717,7 +4281,9 @@ - + + + @@ -3730,7 +4296,9 @@ - + + + @@ -3743,7 +4311,9 @@ - + + + @@ -3756,7 +4326,9 @@ - + + + @@ -3769,7 +4341,9 @@ - + + + @@ -3782,7 +4356,9 @@ - + + + @@ -3795,7 +4371,9 @@ org.wso2.carbon.integration.common.extensions.usermgt.UserPopulateExtension - + + + @@ -3808,7 +4386,9 @@ - + + + @@ -3821,7 +4401,9 @@ - + + + @@ -3834,7 +4416,9 @@ - + + + @@ -3847,7 +4431,9 @@ - + + + @@ -3861,7 +4447,9 @@ - + + + @@ -3874,7 +4462,9 @@ - + + + @@ -3887,7 +4477,9 @@ - + + + @@ -3901,7 +4493,9 @@ - + + + @@ -3914,7 +4508,9 @@ - + + + @@ -3927,7 +4523,9 @@ - + + + @@ -3941,7 +4539,9 @@ - + + + @@ -3954,7 +4554,9 @@ - + + + @@ -3967,7 +4569,9 @@ - + + + @@ -3981,7 +4585,9 @@ - + + + @@ -3994,7 +4600,9 @@ - + + + @@ -4007,7 +4615,9 @@ - + + +