问题
can I create scopes programmatically in WSO2 APIM? I have a requirement where user can create new roles via UI and associate some permissions with the new role..User will not use WSO2 web interface ; rather he will use the inhouse web application For this, I have to programmatically create Scopes and associate API's with it. Also manually map scopes to roles.
How can I create scopes via WSO2 APIM Programmatically? What all the operations possible with scopes programmatically? If it's not possible, how can I handle such requirements via WSO2?
回答1:
You can use Publisher REST APIs for this.
First, you need to get the swagger definition of the API.
curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"
https://127.0.0.1:9443/api/am/publisher/v0.10/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/swagger
The swagger you'll get will be like this.
{
"swagger":"2.0",
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
Now you can add a new scope and attach it to a resource of the API by updating the swagger file you got.
A new scope is added like this.
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
}
It can be attached to an existing resource like this.
"x-scope":"new_scope"
Then the complete swagger will look like this.
{
"swagger":"2.0",
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
},
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"x-scope":"new_scope",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
If you have this swagger in a file named 'swagger.json', you can update the swagger of your API like this.
curl -k -H "Authorization: Bearer b7108a70-3537-34f1-acbb-1c53b99d64dc"
-F "apiDefinition=@swagger.json;filename=swagger.json" -X PUT https://127.0.0.1:9443/api/am/publisher/v0.10/apis/2c5f05b2-0277-42b2-92c5-862750563661/swagger
This will update your API with new scope.
来源:https://stackoverflow.com/questions/41480455/adding-scopes-programmatically-in-wso2-apim