wso2 · GDLMadushanka · Oct 27, 2023 · Oct 25, 2023
@@ -63,12 +63,6 @@ public class ConfigurationLoader {
     private static final QName PROTOCOL_Q = new QName("protocol");
     private static final QName HANDLERS_Q = new QName("handlers");
     private static final QName RESOURCES_Q = new QName("resources");
-    private static final QName USER_STORE_Q = new QName("userStore");
-    private static final QName USERS_Q = new QName("users");
-    private static final QName USER_Q = new QName("user");
-    private static final QName USERNAME_Q = new QName("username");
-    private static final QName PASSWORD_Q = new QName("password");
-    private static final QName IS_ADMIN_Q = new QName("isAdmin");
     private static final QName STORE_PASSWORD_Q = new QName("Password");
     private static final QName KEY_PASSWORD_Q = new QName("KeyPassword");
 
@@ -84,7 +78,6 @@ public class ConfigurationLoader {
 
     private static SSLConfiguration sslConfiguration;
     private static boolean sslConfiguredSuccessfully;
-    private static Map<String, UserInfo> userMap;
 
     private static List<InternalAPI> internalHttpApiList = new ArrayList<>();
     private static List<InternalAPI> internalHttpsApiList = new ArrayList<>();
@@ -107,7 +100,6 @@ public static void loadInternalApis(String apiFilePath) {
             }
 
             setSecretResolver(apiConfig);
-            populateUserStore(apiConfig);
 
             Iterator apiIterator = apiConfig.getChildrenWithLocalName(APIS);
 
@@ -187,54 +179,6 @@ public static void loadInternalApis(String apiFilePath) {
         }
     }
 
-    /**
-     * Populates the userList hashMap by userStore OM element
-     */
-    private static void populateUserStore(OMElement apiConfig) {
-        OMElement userStoreOM = apiConfig.getFirstChildWithName(USER_STORE_Q);
-        if (Objects.nonNull(userStoreOM)) {
-            userMap = populateUsers(userStoreOM.getFirstChildWithName(USERS_Q));
-        } else {
-            userMap = null;
-        }
-    }
-
-    /**
-     * Populates individual users.
-     *
-     * @param users the parent element of users
-     * @return map of users against UserInfo config
-     */
-    private static Map<String, UserInfo> populateUsers(OMElement users) {
-        HashMap<String, UserInfo> userMap = new HashMap<>();
-        if (users != null) {
-            @SuppressWarnings("unchecked")
-            Iterator<OMElement> usersIterator = users.getChildrenWithName(USER_Q);
-            if (usersIterator != null) {
-                while (usersIterator.hasNext()) {
-                    OMElement userElement = usersIterator.next();
-                    OMElement userNameElement = userElement.getFirstChildWithName(USERNAME_Q);
-                    OMElement passwordElement = userElement.getFirstChildWithName(PASSWORD_Q);
-                    OMElement isAdminElement = userElement.getFirstChildWithName(IS_ADMIN_Q);
-                    if (userNameElement != null && passwordElement != null) {
-                        String userName = userNameElement.getText();
-                        if (userMap.containsKey(userName)) {
-                            handleException("Error parsing the file based user store. User: " + userName + " defined "
-                                            + "more than once. ");
-                        }
-                        boolean isAdmin = false;
-                        if (isAdminElement != null) {
-                            isAdmin = Boolean.parseBoolean(isAdminElement.getText().trim());
-                        }
-                        userMap.put(userName, new UserInfo(userName,
-                                resolveSecret(passwordElement.getText()).toCharArray(), isAdmin));
-                    }
-                }
-            }
-        }
-        return userMap;
-    }
-
     /**
      * Checks if the text is protected and returns decrypted text if protected, else returns the plain text
      * @param text
@@ -337,10 +281,6 @@ private static InternalAPI createApi(String classFQName) {
         }
     }
 
-    public static Map<String, UserInfo> getUserMap() {
-        return userMap;
-    }
-
     public static int getInternalInboundHttpPort() {
 
         return getPort(Constants.INTERNAL_HTTP_API_PORT, internalInboundHttpPortProperty,

@@ -24,7 +24,6 @@
 import org.wso2.carbon.inbound.endpoint.internal.http.api.Constants;
 import org.wso2.carbon.inbound.endpoint.internal.http.api.InternalAPI;
 import org.wso2.carbon.inbound.endpoint.internal.http.api.InternalAPIHandler;
-import org.wso2.carbon.inbound.endpoint.internal.http.api.UserInfo;
 
 import java.net.URL;
 import java.util.List;
@@ -78,51 +77,6 @@ public void testLoadHandlers() {
 
     }
 
-    /**
-     * Test loading of internal apis from the internal-apis.xml file.
-     */
-    @Test
-    public void testLoadUsers() {
-
-        // test configuration with users
-        URL url = getClass().getResource("internal-apis.xml");
-        Assert.assertNotNull("Configuration file not found", url);
-
-        ConfigurationLoader.loadInternalApis("internal/http/api/internal-apis.xml");
-        Map<String, UserInfo> userMap = ConfigurationLoader.getUserMap();
-
-        org.junit.Assert.assertEquals(3, userMap.size());
-        //Assert admin:admin
-        org.junit.Assert.assertNotNull(userMap.get("admin"));
-        org.junit.Assert.assertEquals("admin", String.valueOf(userMap.get("admin").getPassword()));
-        org.junit.Assert.assertTrue("isAdmin", userMap.get("admin").isAdmin());
-
-        //Assert user1:pwd1
-        org.junit.Assert.assertNotNull(userMap.get("user1"));
-        org.junit.Assert.assertEquals("pwd1", String.valueOf(userMap.get("user1").getPassword()));
-        org.junit.Assert.assertFalse("isAdmin", userMap.get("user1").isAdmin());
-
-        //Assert user2:pwd2
-        org.junit.Assert.assertNotNull(userMap.get("user2"));
-        org.junit.Assert.assertEquals("pwd2", String.valueOf(userMap.get("user2").getPassword()));
-        org.junit.Assert.assertFalse("isAdmin", userMap.get("user2").isAdmin());
-    }
-
-    /**
-     * Test loading of internal apis from the internal-apis.xml file.
-     */
-    @Test
-    public void testLoadInternalApisWithNoUserStore() {
-
-        // test configuration with users
-        URL url = getClass().getResource("internal-apis-without-user-store.xml");
-        Assert.assertNotNull("Configuration file not found", url);
-
-        ConfigurationLoader.loadInternalApis("internal/http/api/internal-apis-without-user-store.xml");
-        Assert.assertNull("User store is not defined in the file but it is not null",
-                          ConfigurationLoader.getUserMap());
-    }
-
     private List<InternalAPI> getApis() {
         System.setProperty(Constants.PREFIX_TO_ENABLE_INTERNAL_APIS + "SampleAPI", "true");
         URL url = getClass().getResource("internal-apis.xml");

@@ -22,7 +22,6 @@
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.inbound.endpoint.internal.http.api.ConfigurationLoader;
-import org.wso2.carbon.inbound.endpoint.internal.http.api.UserInfo;
 import org.wso2.micro.core.util.CarbonException;
 import org.wso2.micro.integrator.core.util.MicroIntegratorBaseUtils;
 import org.wso2.securevault.SecretResolverFactory;
@@ -89,21 +88,6 @@ public static OMElement getManagementApiElement() throws IOException, CarbonExce
         throw new ManagementApiUndefinedException("Management API not defined in " + getConfigurationFilePath());
     }
 
-    /**
-     * Method to get the user store define in internal-apis.xml
-     *
-     * @return a non null map if the user store is defined.
-     * @throws UserStoreUndefinedException if the user store is not defined in internal-apis.xml
-     */
-    public Map<String, UserInfo> getUserMap() throws UserStoreUndefinedException {
-        Map<String, UserInfo> usersMap = ConfigurationLoader.getUserMap();
-        if (Objects.nonNull(usersMap)) {
-            return usersMap;
-        } else {
-            throw new UserStoreUndefinedException("UserStore tag not defined inside the Management API");
-        }
-    }
-
     private static OMElement getInternalApisElement() throws IOException, CarbonException, XMLStreamException {
         File mgtApiUserConfig = getConfigurationFile();
         try (InputStream fileInputStream = new FileInputStream(mgtApiUserConfig)) {

@@ -28,6 +28,7 @@
 import org.wso2.micro.integrator.management.apis.ManagementApiUndefinedException;
 import org.wso2.micro.integrator.security.MicroIntegratorSecurityUtils;
 import org.wso2.micro.integrator.security.user.api.UserStoreException;
+import org.wso2.micro.integrator.security.user.core.file.FileBasedUserStoreManager;
 
 import java.io.IOException;
 import java.util.Map;

@@ -25,6 +25,7 @@
 import org.wso2.micro.integrator.management.apis.ManagementApiUndefinedException;
 import org.wso2.micro.integrator.security.MicroIntegratorSecurityUtils;
 import org.wso2.micro.integrator.security.user.api.UserStoreException;
+import org.wso2.micro.integrator.security.user.core.file.FileBasedUserStoreManager;
 
 import javax.xml.stream.XMLStreamException;
 import java.io.IOException;

@@ -23,9 +23,11 @@
 import org.apache.synapse.MessageContext;
 import org.apache.synapse.rest.RESTConstants;
 import org.wso2.carbon.inbound.endpoint.internal.http.api.InternalAPIHandler;
+import org.wso2.config.mapper.ConfigParser;
 import org.wso2.micro.core.util.CarbonException;
 import org.wso2.micro.integrator.management.apis.Constants;
 import org.wso2.micro.integrator.management.apis.ManagementApiUndefinedException;
+import org.wso2.micro.integrator.security.user.core.file.FileBasedUserStoreManager;
 
 import java.io.IOException;
 import java.util.ArrayList;
@@ -40,6 +42,7 @@ public abstract class SecurityHandlerAdapter implements InternalAPIHandler {
 
     protected static boolean useCarbonUserStore = false;
     private static boolean isInitialized = false;
+    private static String FILE_BASED_USER_STORE_AS_PRIMARY = "internal_apis.file_user_store.primary";
     /**
      * Resources defined in internal-apis.xml to be handled
      */
@@ -67,6 +70,10 @@ private static void initializeUserStore() throws CarbonException, IOException, M
             XMLStreamException {
         if (!isInitialized) {
             if (SecurityUtils.isFileBasedUserStoreEnabled()) {
+                Object fileUserStore = ConfigParser.getParsedConfigs().get(FILE_BASED_USER_STORE_AS_PRIMARY);
+                if (fileUserStore != null && Boolean.parseBoolean(fileUserStore.toString())) {
+                    useCarbonUserStore = true;
+                }
                 isInitialized = FileBasedUserStoreManager.getUserStoreManager().isInitialized();
             } else {
                 LOG.info("File based user store has been disabled. Carbon user store settings will be used.");

@@ -27,6 +27,7 @@
 import org.wso2.micro.integrator.management.apis.Constants;
 import org.wso2.micro.integrator.security.MicroIntegratorSecurityUtils;
 import org.wso2.micro.integrator.security.user.api.UserStoreException;
+import org.wso2.micro.integrator.security.user.core.file.FileBasedUserStoreManager;
 import org.wso2.securevault.SecretResolver;
 import org.wso2.securevault.SecureVaultException;
 

@@ -28,7 +28,6 @@
 import org.powermock.core.classloader.annotations.PrepareForTest;
 import org.powermock.modules.junit4.PowerMockRunner;
 import org.wso2.carbon.inbound.endpoint.internal.http.api.ConfigurationLoader;
-import org.wso2.carbon.inbound.endpoint.internal.http.api.UserInfo;
 import org.wso2.micro.core.util.CarbonException;
 import org.wso2.micro.integrator.core.internal.MicroIntegratorBaseConstants;
 
@@ -60,6 +59,7 @@ public void getManagementApiElement() throws CarbonException, XMLStreamException
         Assert.assertEquals(MGT_API_NAME, managementApiElement.getAttributeValue(NAME_ATTR));
     }
 
+    /*
     @Test
     public void testGetUserList() throws UserStoreUndefinedException {
         Map<String, UserInfo> userMap = new HashMap<>();
@@ -79,4 +79,5 @@ public void testGetNullUserStore() throws UserStoreUndefinedException {
         ManagementApiParser managementApiParser = new ManagementApiParser();
         managementApiParser.getUserMap();
     }
+    */
 }
@@ -67,6 +67,7 @@ public class UserCoreConstants {
     public static final String IS_USER_IN_ROLE_CACHE_IDENTIFIER = "@__isUserHasTheRole__@";
 
     public static final String DOMAIN_SEPARATOR;
+    public static final String FILE_BASED_USER_STORE_AS_PRIMARY = "internal_apis.file_user_store.primary";
 
     static {
         String userDomainSeparator = CarbonServerConfigurationService.getInstance().getFirstProperty("UserDomainSeparator");