adding scopes programmatically in wso2 APIM

2
votes

can I create scopes programmatically in WSO2 APIM? I have a requirement where user can create new roles via UI and associate some permissions with the new role..User will not use WSO2 web interface ; rather he will use the inhouse web application For this, I have to programmatically create Scopes and associate API's with it. Also manually map scopes to roles.

How can I create scopes via WSO2 APIM Programmatically? What all the operations possible with scopes programmatically? If it's not possible, how can I handle such requirements via WSO2?

1
wso2wso2iswso2-amwso2carbon

1 Answers

0
votes

You can use Publisher REST APIs for this.

First, you need to get the swagger definition of the API.

curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8" 
https://127.0.0.1:9443/api/am/publisher/v0.10/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/swagger

The swagger you'll get will be like this.

{
   "swagger":"2.0",
   "paths":{
      "/menu":{
     "get":{
        "x-auth-type":"Application & Application User",
        "x-throttling-tier":"Unlimited",
        "description":"Return a list of available menu items",
        "parameters":[

        ],
        "responses":{
           "200":{
              "headers":{

              },
              "schema":{
                 "title":"Menu",
                 "properties":{
                    "list":{
                       "items":{
                          "$ref":"#/definitions/MenuItem"
                       },
                       "type":"array"
                    }
                 },
                 "type":"object"
              },
              "description":"OK."
           }
        }
     }
      }
   },
   "schemes":[
      "https"
   ],
   "produces":[
      "application/json"
   ],
   "definitions":{
      "MenuItem":{
          "title":"Pizza menu Item",
          "properties":{
              "price":{
                  "type":"string"
               },
               "description":{
               "type":"string"
               },
               "name":{
                    "type":"string"
               },
               "image":{
                    "type":"string"
                }
           },
           "required":[
              "name"
           ]
      }
   },
   "consumes":[
      "application/json"
   ],
   "info":{
      "title":"PizzaShackAPI",
      "description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
      "license":{
     "name":"Apache 2.0",
     "url":"http://www.apache.org/licenses/LICENSE-2.0.html"
      },
      "contact":{
     "email":"[email protected]",
     "name":"John Doe",
     "url":"http://www.pizzashack.com"
      },
      "version":"1.0.0"
   }
}

Now you can add a new scope and attach it to a resource of the API by updating the swagger file you got.

A new scope is added like this.

"x-wso2-security":{
   "apim":{
      "x-wso2-scopes":[
         {
           "description":"New scope",
           "name":"new_scope",
           "roles":"admin",
           "key":"new_scope"
         }
      ]
   }
}

It can be attached to an existing resource like this.

"x-scope":"new_scope"

Then the complete swagger will look like this.

{
   "swagger":"2.0",
   "x-wso2-security":{
      "apim":{
     "x-wso2-scopes":[
        {
           "description":"New scope",
           "name":"new_scope",
           "roles":"admin",
           "key":"new_scope"
        }
     ]
      }
   },
   "paths":{
      "/menu":{
     "get":{
        "x-auth-type":"Application & Application User",
        "x-throttling-tier":"Unlimited",
        "x-scope":"new_scope",
        "description":"Return a list of available menu items",
        "parameters":[

        ],
        "responses":{
           "200":{
              "headers":{

              },
              "schema":{
                 "title":"Menu",
                 "properties":{
                    "list":{
                       "items":{
                          "$ref":"#/definitions/MenuItem"
                       },
                       "type":"array"
                    }
                 },
                 "type":"object"
              },
              "description":"OK."
           }
        }
     }
      }
   },
   "schemes":[
      "https"
   ],
   "produces":[
      "application/json"
   ],
   "definitions":{
      "MenuItem":{
     "title":"Pizza menu Item",
     "properties":{
        "price":{
           "type":"string"
        },
        "description":{
           "type":"string"
        },
        "name":{
           "type":"string"
        },
        "image":{
           "type":"string"
        }
     },
     "required":[
        "name"
     ]
      }
   },
   "consumes":[
      "application/json"
   ],
   "info":{
      "title":"PizzaShackAPI",
      "description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
      "license":{
     "name":"Apache 2.0",
     "url":"http://www.apache.org/licenses/LICENSE-2.0.html"
      },
      "contact":{
     "email":"[email protected]",
     "name":"John Doe",
     "url":"http://www.pizzashack.com"
      },
      "version":"1.0.0"
   }
}

If you have this swagger in a file named 'swagger.json', you can update the swagger of your API like this.

curl -k -H "Authorization: Bearer b7108a70-3537-34f1-acbb-1c53b99d64dc" 
-F "[email protected];filename=swagger.json" -X PUT https://127.0.0.1:9443/api/am/publisher/v0.10/apis/2c5f05b2-0277-42b2-92c5-862750563661/swagger

This will update your API with new scope.