diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java index 55678ff8b..28818d046 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/constants/APIConstants.java @@ -114,6 +114,11 @@ public static class KeyValidationStatus { public static final int API_AUTH_RESOURCE_FORBIDDEN = 900908; public static final int SUBSCRIPTION_INACTIVE = 900909; public static final int INVALID_SCOPE = 900910; + public static final int SUBSCRIPTION_ON_HOLD = 900911; + public static final int SUBSCRIPTION_REJECTED = 900912; + public static final int SUBSCRIPTION_BLOCKED = 900913; + public static final int SUBSCRIPTION_PROD_BLOCKED = 900914; + private KeyValidationStatus() { diff --git a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/KeyValidator.java b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/KeyValidator.java index cbf099711..c6bfc3fda 100644 --- a/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/KeyValidator.java +++ b/gateway/enforcer/org.wso2.apk.enforcer/src/main/java/org/wso2/apk/enforcer/security/KeyValidator.java @@ -20,6 +20,7 @@ import com.nimbusds.jwt.JWTClaimsSet; import net.minidev.json.JSONObject; +import org.apache.commons.lang3.StringUtils; import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.Logger; import org.wso2.apk.enforcer.commons.exception.APISecurityException; @@ -271,6 +272,27 @@ private static void validate(APIKeyValidationInfoDTO infoDTO, Application app, S infoDTO.setAuthorized(false); return; } + if (APIConstants.SubscriptionStatus.ON_HOLD.equals(subscriptionStatus)) { + infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.SUBSCRIPTION_ON_HOLD); + infoDTO.setAuthorized(false); + return; + } + if (APIConstants.SubscriptionStatus.PROD_ONLY_BLOCKED.equals(subscriptionStatus) && + StringUtils.equals(infoDTO.getEnvType(), APIConstants.API_KEY_TYPE_PRODUCTION) ) { + infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.SUBSCRIPTION_PROD_BLOCKED); + infoDTO.setAuthorized(false); + return; + } + if (APIConstants.SubscriptionStatus.BLOCKED.equals(subscriptionStatus)) { + infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.SUBSCRIPTION_BLOCKED); + infoDTO.setAuthorized(false); + return; + } + if (APIConstants.SubscriptionStatus.REJECTED.equals(subscriptionStatus)) { + infoDTO.setValidationStatus(APIConstants.KeyValidationStatus.SUBSCRIPTION_REJECTED); + infoDTO.setAuthorized(false); + return; + } infoDTO.setApplicationUUID(app.getUUID()); infoDTO.setSubscriber(app.getOwner()); infoDTO.setApplicationName(app.getName());