{"id":18512329,"url":"https://github.com/alwayslearningpls/wso2sample","last_synced_at":"2025-10-15T12:42:43.664Z","repository":{"id":118793594,"uuid":"536590496","full_name":"alwayslearningPLs/WSO2Sample","owner":"alwayslearningPLs","description":null,"archived":false,"fork":false,"pushed_at":"2022-09-16T03:32:03.000Z","size":2068,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-02-17T03:17:10.330Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alwayslearningPLs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-09-14T13:27:50.000Z","updated_at":"2022-09-14T13:29:26.000Z","dependencies_parsed_at":null,"dependency_job_id":"c7c58ed7-7e66-4574-aa64-7ee7b2517839","html_url":"https://github.com/alwayslearningPLs/WSO2Sample","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alwayslearningPLs%2FWSO2Sample","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alwayslearningPLs%2FWSO2Sample/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alwayslearningPLs%2FWSO2Sample/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alwayslearningPLs%2FWSO2Sample/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alwayslearningPLs","download_url":"https://codeload.
github.com/alwayslearningPLs/WSO2Sample/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254131991,"owners_count":22020059,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T15:33:44.658Z","updated_at":"2025-10-15T12:42:38.635Z","avatar_url":"https://github.com/alwayslearningPLs.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# WSO2 API Manager\n\n## Prerequisites\n\nYou need to have [docker](https://docs.docker.com/engine/install/ubuntu/) and [docker-compose](https://docs.docker.com/engine/install/ubuntu/) installed.\n\n## Up and running\n\n`docker-compose up --detach --build`\n\n## Lab\n\n### Create the API\n\nWait until you can access the [wso2 api manager](https://localhost:9443/publisher/apis). This page will redirect you to\nthe login page where you will have to enter the user (admin) and password (admin) credentials.\n\nYou will see an interface like this one ![rest api interface](./assets/rest_api.png). You have to click on the first one because we want to import an Open API to play with it.\n\nSelect the \"Import Open Api\" option ![rest api interface select open api](./assets/rest_api_select_open_api.png)\n\nOnce we have selected the previous option, we need to import our swagger specification. Select the option \"OpenAPI File/Archive\" and import the [swagger specification](./go-dogstore/swagger.yml) from our dogstore app. 
![rest api interface import OpenAPI](./assets/rest_api_import_openapi.png)\n\nWe are going to create the API in WSO2 with these parameters ![rest api interface create api using openapi](./assets/rest_api_create_api_using_openapi.png)\n\n- Name: The name of your API. In this sample, this doesn't really matter.\n- Context: It is the base path that all of our paths have in common in the dogstore app. In this case, it is `/dogstore`.\n- Version: This value will be used by WSO2 when building the final URL, e.g. `http://www.dogstore.com:8080/dogstore/v1/owners`.\n- Endpoint: It will also be used by WSO2 when building the final URL.\n\nOnce the API is created, we get to this page ![rest api interface main page](./assets/rest_api_main_page.png)\n\nHere we can see that in the first phase we have missed the *Business Plan*, let's fix it now! Go to the left nav and select: 'Develop \u003e Portal Configurations \u003e Subscriptions'. We can choose between 4 plans (Bronze, Gold, Silver, Unlimited). In our case, we are going to select *Bronze* and *Silver*.\n![rest api interface selecting subscriptions](./assets/rest_api_selecting_subcriptions.png)\n\nNow, we have to disable HTTPS because our application only allows HTTP (don't try this in a production environment). Go to 'Develop \u003e API Configurations \u003e Runtime' and deselect the 'HTTPS' option. ![rest api interface selecting runtime](./assets/rest_api_selecting_runtime.png)\n\nWe are just running a sample app, so we can say that our app is in \"production environment\". We should disable the sandbox environment (dev|pre env) by going to 'Develop \u003e API Configurations \u003e Endpoints' and unchecking \"Sandbox Endpoint\". 
![rest api interface unchecking sandbox endpoint](./assets/rest_api_uncheck_sandbox_endpoint.png)\n\nUsing this GUI, we can see/edit a lot of stuff like:\n\n- 'Develop \u003e Portal Configurations \u003e Basic info' section, where we can write some info about the API, like Github URL, Slack URL, or even restrict access by role.\n- 'Develop \u003e Portal Configurations \u003e Business info' section, where we have to write information about the business owner, business owner email, etc.\n- 'Develop \u003e Portal Configurations \u003e Documents' section, where we can write info about the API.\n- 'Develop \u003e Portal Configurations \u003e Comments' section, where we can write just plain comments about the API.\n- 'Develop \u003e API Configurations \u003e Resources' section, where we can see our endpoints, and modify them.\n- 'Develop \u003e API Configurations \u003e API Definition' section, where we can see our Swagger definition with some content being modified by WSO2 to add OAuth support.\n- 'Develop \u003e API Configurations \u003e Local Scopes' section, where we can create roles.\n- 'Develop \u003e API Configurations \u003e Policies' section, where we can restrict each endpoint per direction (request, response, fault), which is quite impressive.\n- 'Develop \u003e API Configurations \u003e Properties' section, where we can add custom properties like name, version, context...\n- 'Develop \u003e API Configurations \u003e Monetization' section, where we talk about money hehe.\n\n### Deploy the API\n\nThe next step is to deploy our API and test it, so we can see if it works or not. Let's go! 
Navigate to 'Deploy \u003e Deployments' and click on the deploy button.\n![rest api interface deploy button](./assets/rest_api_deploy_button.png)\n\nOnce we have deployed the API, we should see a page like this one: ![rest api interface deployment done](./assets/rest_api_deployment_done.png)\n\nAs you can see, we can't deploy more than 5 revisions at once without deleting the older ones.\n\n### Test the API through WSO2\n\nTime to test! Go to 'Test \u003e Try Out' and check that you have an `Internal-Key` to use (it is the long one in the first InputText). Take that long text, go to the file [client/test.sh](./client/test.sh), and write it inside `INTERNAL_KEY`. Then execute `./test.sh` from the same folder. You should see an output like this:\n\n![rest api testing](./assets/rest_api_testing.png)\n\nIt works! We have just tested one endpoint, probably we should test all of them. Btw, if you want to test more endpoints, you can check the [postman collection](./go-dogstore/dogstore.postman_collection.json). Remember that port **8280**, which is the one that we are using to play with the app, is not \"open to the world\". So we need to get the IP address of that container using\n\n`docker container inspect wso2sample_wso_1 --format '{{ $wso := index .NetworkSettings.Networks \"wso-net\" }} {{ $wso.IPAddress }}'`\n\nor, if you want to use `jq`\n\n`docker container inspect wso2sample_wso_1 --format \"{{ json . }}\" | jq -r '.NetworkSettings.Networks.\"wso-net\".IPAddress'`\n\n### Pre-release the API\n\nThe final step is to publish the API, because we have already tested that everything (at least one endpoint) is working. 
Go to 'Publish \u003e Lifecycle' and press *pre-release*\n\n![rest api before pressing pre-release](./assets/rest_api_before_pressing_pre_release.png)\n\nAfter pressing *pre-release* you will see that we have a new button in the upper right corner\n\n![rest api after pressing pre-release](./assets/rest_api_after_pressing_pre_release.png)\n\nClick on 'View on Dev Portal', go to our API 'SwaggerDogstore' and click on the side nav 'Subscriptions'.\n\n![rest api subscriptions](./assets/rest_api_subscriptions.png)\n\nWe are going to select the Bronze business plan.\n\n![rest api bronze subscription](./assets/rest_api_subscription_bronze.png)\n\nWe want to generate our production keys so we can test the *pre-release* state of the API.\n\n![rest api generate keys](./assets/rest_api_generate_keys.png)\n\nHere we can generate keys (consumer key, consumer secret) for a wide range of grant types:\n\n- SAML2 (Security Assertion Markup Language)\n- Password\n- Client credentials\n- IWA-NTLM\n- Code\n- urn:ietf:params:oauth:grant-type:token-exchange\n- JWT\n\nIn this case, we are going to generate keys for *password* and *client credentials*, which means that we have to log in this way:\n\n```sh\n#!/bin/bash\n\nCONSUMER_KEY=hereTheConsumerKey\nCONSUMER_SECRET=hereTheConsumerSecret\n\nbasicContent=$(echo -n ${CONSUMER_KEY}:${CONSUMER_SECRET} | base64)\n\n# password login\ncurl -kX POST https://localhost:9443/oauth2/token \\\n  --data \"grant_type=password\u0026username=admin\u0026password=admin\" \\\n  --header \"Content-Type: application/x-www-form-urlencoded\" \\\n  --header \"Authorization: Basic ${basicContent}\" \\\n  --insecure \\\n  | jq .\n\n# credentials login\ncurl -kX POST https://localhost:9443/oauth2/token \\\n  --data \"grant_type=client_credentials\" \\\n  --header \"Authorization: Basic ${basicContent}\" \\\n  --insecure | jq .\n\n# One liner of password login\nCONSUMER_KEY=ModyX4WbEOYx_u2RfgPfrPnsJwoa; \\\nCONSUMER_SECRET=jO1MP8FnT9p8jfBuCyz1LfzZ1iIa; 
\\\nbasicContent=$(echo -n ${CONSUMER_KEY}:${CONSUMER_SECRET} | base64); \\\ncurl -kX POST https://localhost:9443/oauth2/token \\\n  --data \"grant_type=password\u0026username=admin\u0026password=admin\" \\\n  --header \"Content-Type: application/x-www-form-urlencoded\" \\\n  --header \"Authorization: Basic ${basicContent}\" \\\n  --insecure \\\n  | jq -r '.access_token'\n\n# One liner of credentials login\nCONSUMER_KEY=ModyX4WbEOYx_u2RfgPfrPnsJwoa; \\\nCONSUMER_SECRET=jO1MP8FnT9p8jfBuCyz1LfzZ1iIa; \\\nbasicContent=$(echo -n ${CONSUMER_KEY}:${CONSUMER_SECRET} | base64); \\\ncurl -kX POST https://localhost:9443/oauth2/token \\\n  --data \"grant_type=client_credentials\" \\\n  --header \"Authorization: Basic ${basicContent}\" \\\n  --insecure | jq -r '.access_token'\n```\n\n#### Test for password login\n\n![rest api grant type password success](./assets/rest_api_grant_type_password_success.png)\n\n#### Test for client credentials\n\n![rest api grant type client credentials success](./assets/rest_api_grant_type_client_credentials_success.png)\n\n#### Testing Bronze subscription\n\nExecute the script [prod.sh](./client/prod.sh) twice so you can see that after the first 1000-1010 requests, the server will respond with *429 too many requests*\n\n### Publish the API\n\nWe can finally publish the API!\n\n![rest api publish](./assets/rest_api_publish.png)\n\n## Reference\n\n- [docker](https://docs.docker.com/engine/install/ubuntu/)\n- [docker-compose](https://docs.docker.com/engine/install/ubuntu/)\n- [SAML](https://auth0.com/blog/how-saml-authentication-works/)\n- [OAuth2 Grant Types](https://apim.docs.wso2.com/en/latest/design/api-security/oauth2/grant-types/overview/)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falwayslearningpls%2Fwso2sample","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falwayslearningpls%2Fwso2sample","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falwayslearningpls%2Fwso2sample/lists"}