我可以在WSO2 APIM中以编程方式创建范围吗? 我有一个要求,用户可以通过UI创建新角色,并将一些权限与新角色关联。用户不会使用WSO2 Web界面;相反,他将使用内部Web应用程序 为此,我必须以编程方式创建Scope并将API与它相关联。还可以手动将范围映射到角色。
如何通过WSO2 APIM以编程方式创建范围? 以编程方式对范围进行的所有操作是什么? 如果不可能,我如何通过WSO2处理这些要求?
答案 0 :(得分:0)
您可以使用Publisher REST APIs。
首先,您需要获得API的swagger定义。
curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"
https://127.0.0.1:9443/api/am/publisher/v0.10/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/swagger
你会得到的招摇就是这样。
{
"swagger":"2.0",
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
现在,您可以添加新范围,并通过更新您获得的swagger文件将其附加到API的资源。
像这样添加一个新的范围。
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
}
它可以附加到这样的现有资源。
"x-scope":"new_scope"
然后完全的招摇就像这样。
{
"swagger":"2.0",
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
},
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"x-scope":"new_scope",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
如果你在一个名为'swagger.json'的文件中有这种招摇,你可以像这样更新你的API。
curl -k -H "Authorization: Bearer b7108a70-3537-34f1-acbb-1c53b99d64dc"
-F "apiDefinition=@swagger.json;filename=swagger.json" -X PUT https://127.0.0.1:9443/api/am/publisher/v0.10/apis/2c5f05b2-0277-42b2-92c5-862750563661/swagger
这将使用新范围更新您的API。