Merge branch 'wso2:master' into master

wso2 · Jan 24, 2025 · 0b63258 · 0b63258
2 parents 7b9ac26 + 648a0b7
commit 0b63258
Show file tree

Hide file tree

Showing 127 changed files with 614 additions and 264 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -12,7 +12,7 @@ on:
 permissions:
   contents: read # to fetch code (actions/checkout)
 concurrency:
-  group: ${{ github.event.number }}
+  group: ${{ github.event.number || github.run_id }}
   cancel-in-progress: true
 jobs:
   build-carbon:
@@ -170,4 +170,4 @@ jobs:
           fetch-depth: '10'
           path: product-apim
       - name: Build product-apim with tests
-        run: mvn clean install -Dcarbon.apimgt.version=$(cat ../CARBON_APIMGT_VERSION_FILE) -fae --file product-apim/pom.xml -DskipIntegrationTests
+        run: mvn clean install -Dcarbon.apimgt.version=$(cat ../CARBON_APIMGT_VERSION_FILE) -fae --file product-apim/pom.xml -DskipIntegrationTests
diff --git a/.github/workflows/sonar-scan.yml b/.github/workflows/sonar-scan.yml
@@ -27,25 +27,31 @@ jobs:
         with:
           java-version: 11.0.16+8
           distribution: 'temurin'
-      - uses: actions/setup-node@v3
-        with:
-          node-version: '14.x'
       - name: Cache Maven packages
         uses: actions/cache@v3
         with:
           path: ~/.m2
           key: ${{ runner.os }}-m2
           restore-keys: ${{ runner.os }}-m2
-
+      - name: Build carbon-apimgt with Tests, skipping AspectJ
+        run: mvn clean install --file pom.xml -Dskip.aspectj=true  -Dmaven.test.skip=true
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      - name: Set up JDK 17
+        uses: actions/setup-java@v2
+        with:
+          java-version: 17
+          distribution: 'temurin'
       - name: Cache SonarCloud packages
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
 
-      - name: Build carbon-apimgt with Tests, skipping AspectJ
-        run: mvn clean install sonar:sonar --file pom.xml -Dskip.aspectj=true  -Dmaven.test.skip=true
+      - name: run sonar scan
+        run: mvn sonar:sonar --file pom.xml -Dskip.aspectj=true  -Dmaven.test.skip=true
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

diff --git a/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.api/pom.xml
@@ -11,7 +11,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/...pimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java b/...pimgt/org.wso2.carbon.apimgt.api/src/main/java/org/wso2/carbon/apimgt/api/APIManager.java
@@ -519,8 +519,8 @@ List<APIProductResource> getResourcesOfAPIProduct(APIProductIdentifier productId
      * @return
      * @throws APIManagementException
      */
-    Map<String, Object> searchPaginatedAPIs(String searchQuery, String organization, int start, int end,
-            String sortBy, String sortOrder) throws APIManagementException;
+    Map<String, Object> searchPaginatedAPIs(String searchQuery, String organization, int start, int end)
+            throws APIManagementException;
 
     /**
      * Search in content of apis, api products and documents and provide the results

diff --git a/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.broker.lifecycle/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.cache.invalidation/pom.xml
@@ -19,7 +19,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.cleanup.service/pom.xml
@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.analytics/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.gateway/pom.xml
@@ -3,7 +3,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

diff --git a/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.common.jms/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>

diff --git a/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.core/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.devops.impl/pom.xml
@@ -21,7 +21,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.eventing.hub/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.eventing/pom.xml
@@ -20,7 +20,7 @@
     <parent>
         <artifactId>apimgt</artifactId>
         <groupId>org.wso2.carbon.apimgt</groupId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml b/components/apimgt/org.wso2.carbon.apimgt.gateway/pom.xml
@@ -19,7 +19,7 @@
     <parent>
         <groupId>org.wso2.carbon.apimgt</groupId>
         <artifactId>apimgt</artifactId>
-        <version>9.30.83-SNAPSHOT</version>
+        <version>9.30.101-SNAPSHOT</version>
         <relativePath>../pom.xml</relativePath>
     </parent>
 

diff --git a/...rbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java b/...rbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/InMemoryAPIDeployer.java
@@ -46,6 +46,7 @@
 import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
 import org.wso2.carbon.apimgt.gateway.service.APIGatewayAdmin;
 import org.wso2.carbon.apimgt.impl.APIConstants;
+import org.wso2.carbon.apimgt.impl.dto.ExtendedJWTConfigurationDto;
 import org.wso2.carbon.apimgt.impl.dto.GatewayArtifactSynchronizerProperties;
 import org.wso2.carbon.apimgt.impl.dto.GatewayCleanupSkipList;
 import org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.ArtifactRetriever;
@@ -210,7 +211,11 @@ public boolean deployAllAPIs(Set<String> assignedGatewayLabels, String tenantDom
 
         if (!redeployChangedAPIs) {
             try {
-                deployJWKSSynapseAPI(tenantDomain); // Deploy JWKS API
+                boolean isJWKSApiEnabled =  ServiceReferenceHolder
+                        .getInstance().getAPIManagerConfiguration().getJwtConfigurationDto().isJWKSApiEnabled();
+                if(isJWKSApiEnabled) {
+                    deployJWKSSynapseAPI(tenantDomain); // Deploy JWKS API
+                }
                 if (APIConstants.SUPER_TENANT_DOMAIN.equalsIgnoreCase(tenantDomain)) {
                     deployHealthCheckSynapseAPI(tenantDomain); // Deploy HealthCheck API for the super tenant
                 }

diff --git a/...imgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java b/...imgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/DefaultAPIHandler.java
@@ -28,7 +28,9 @@
 import org.wso2.carbon.apimgt.api.APIManagementException;
 import org.wso2.carbon.apimgt.common.gateway.constants.HealthCheckConstants;
 import org.wso2.carbon.apimgt.common.gateway.constants.JWTConstants;
+import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
 import org.wso2.carbon.apimgt.gateway.InMemoryAPIDeployer;
+import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
 import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils;
 import org.wso2.carbon.apimgt.impl.APIConstants;
 import org.wso2.carbon.apimgt.impl.gatewayartifactsynchronizer.exception.ArtifactSynchronizerException;
@@ -62,7 +64,10 @@ public boolean handleRequestInFlow(MessageContext messageContext) {
             }
         }
 
-        if (isJWKSEndpoint) {
+        boolean isJWKSApiEnabled =  ServiceReferenceHolder
+                .getInstance().getAPIManagerConfiguration().getJwtConfigurationDto().isJWKSApiEnabled();
+
+        if (isJWKSEndpoint && isJWKSApiEnabled) {
             try {
                 InMemoryAPIDeployer.deployJWKSSynapseAPI(tenantDomain);
             } catch(APIManagementException e){
@@ -84,6 +89,7 @@ public boolean handleRequestInFlow(MessageContext messageContext) {
             String selectedPath = selectedAPIS.firstKey();
             API selectedAPI = selectedAPIS.get(selectedPath);
             if (selectedAPI != null) {
+                messageContext.setProperty(APIMgtGatewayConstants.API_OBJECT, selectedAPI);
                 if (GatewayUtils.isOnDemandLoading()) {
                     if (!selectedAPI.isDeployed()) {
                         synchronized ("LoadAPI_".concat(selectedAPI.getContext()).intern()) {

diff --git a/...o2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java b/...o2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/Utils.java
@@ -79,7 +79,21 @@
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeMap;
 import javax.cache.Caching;
 import javax.xml.namespace.QName;
 
@@ -822,17 +836,19 @@ public static API getAPIByContext(MessageContext messageContext) {
      */
     public static Set<Resource> getAcceptableResources(Resource[] allAPIResources,
                                                        String httpMethod, String corsRequestMethod) {
-        Set<Resource> acceptableResources = new LinkedHashSet<>();
+        List<Resource> acceptableResourcesList = new LinkedList<>();
         for (Resource resource : allAPIResources) {
             //If the requesting method is OPTIONS or if the Resource contains the requesting method
-            String [] resourceMethods = resource.getMethods();
-            if ((RESTConstants.METHOD_OPTIONS.equals(httpMethod) && resourceMethods != null
-                    && Arrays.asList(resourceMethods).contains(corsRequestMethod))
-                    || (resourceMethods != null && Arrays.asList(resourceMethods).contains(httpMethod))) {
-                acceptableResources.add(resource);
+            if (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod) &&
+                    RESTConstants.METHOD_OPTIONS.equals(httpMethod)) {
+                acceptableResourcesList.add(0, resource);
+            } else if ((RESTConstants.METHOD_OPTIONS.equals(httpMethod) && resource.getMethods() != null &&
+                    Arrays.asList(resource.getMethods()).contains(corsRequestMethod)) ||
+                    (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) {
+                acceptableResourcesList.add(resource);
             }
         }
-        return acceptableResources;
+        return new LinkedHashSet<>(acceptableResourcesList);
     }
 
     /**

diff --git a/...gt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java b/...gt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/Constants.java
@@ -63,6 +63,7 @@ public static final class ERROR_CODE_RANGES {
     public static final int RESOURCE_NOT_FOUND_ERROR_CODE = 404;
     public static final int METHOD_NOT_ALLOWED_ERROR_CODE = 405;
     public static final int ENDPOINT_SUSPENDED_ERROR_CODE = 303001;
+    public static final int RESOURCE_NOT_FOUND_APIM_ERROR_CODE = 900906;
 
     public static final int WS_BAD_GATEWAY_ERROR_CODE = 1014;
 

diff --git a/.../src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java b/.../src/main/java/org/wso2/carbon/apimgt/gateway/handlers/analytics/FaultCodeClassifier.java
@@ -141,7 +141,8 @@ public boolean isResourceNotFound() {
         if (messageContext.getPropertyKeySet().contains(SynapseConstants.ERROR_CODE)) {
             int errorCode = (int) messageContext.getProperty(SynapseConstants.ERROR_CODE);
             return messageContext.getPropertyKeySet().contains(RESTConstants.PROCESSED_API)
-                    && errorCode == Constants.RESOURCE_NOT_FOUND_ERROR_CODE;
+                    && (errorCode == Constants.RESOURCE_NOT_FOUND_ERROR_CODE
+                    || errorCode == Constants.RESOURCE_NOT_FOUND_APIM_ERROR_CODE);
         }
         return false;
     }

diff --git a/.../java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java b/.../java/org/wso2/carbon/apimgt/gateway/handlers/analytics/SynapseAnalyticsDataProvider.java
@@ -522,7 +522,8 @@ private boolean isAuthFaultRequest() {
 
         int errorCode = getErrorCode();
         return errorCode >= Constants.ERROR_CODE_RANGES.AUTH_FAILURE_START
-                && errorCode < Constants.ERROR_CODE_RANGES.AUTH_FAILURE__END;
+                && errorCode < Constants.ERROR_CODE_RANGES.AUTH_FAILURE__END
+                && errorCode != Constants.RESOURCE_NOT_FOUND_APIM_ERROR_CODE;
     }
 
     private boolean isThrottledFaultRequest() {

diff --git a/...c/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java b/...c/main/java/org/wso2/carbon/apimgt/gateway/handlers/common/APIMgtLatencyStatsHandler.java
@@ -131,7 +131,9 @@ private void setSwaggerToMessageContext(MessageContext messageContext) {
                         swagger = localEntryObj.getValue().toString();
                         OpenAPIParser parser = new OpenAPIParser();
                         ParseOptions parseOptions = new ParseOptions();
+                        parseOptions.setResolve(true);
                         parseOptions.setResolveFully(true);
+                        parseOptions.setResolveCombinators(false);
                         openAPI = parser.readContents(swagger, null, parseOptions).getOpenAPI();
                         // HTTP headers should be case insensitive as for HTTP 1.1 RFC
                         // Thus converting headers to lowercase for schema validation.

diff --git a/...teway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java b/...teway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/APIKeyValidator.java
@@ -59,6 +59,7 @@
 import java.util.Arrays;
 import java.util.LinkedHashMap;
 import java.util.LinkedHashSet;
+import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -399,16 +400,21 @@ public List<VerbInfoDTO> findMatchingVerb(MessageContext synCtx) throws Resource
             if (selectedApi != null) {
                 Resource[] selectedAPIResources = selectedApi.getResources();
 
-                Set<Resource> acceptableResources = new LinkedHashSet<Resource>();
+                List<Resource> acceptableResourcesList = new LinkedList<>();
 
                 for (Resource resource : selectedAPIResources) {
                     //If the requesting method is OPTIONS or if the Resource contains the requesting method
-                    if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) ||
+                    if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) &&
                             (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) {
-                        acceptableResources.add(resource);
+                        acceptableResourcesList.add(0, resource);
+                    } else if (RESTConstants.METHOD_OPTIONS.equals(httpMethod) ||
+                            (resource.getMethods() != null && Arrays.asList(resource.getMethods()).contains(httpMethod))) {
+                        acceptableResourcesList.add(resource);
                     }
                 }
 
+                Set<Resource> acceptableResources = new LinkedHashSet<>(acceptableResourcesList);
+
                 if (acceptableResources.size() > 0) {
                     for (RESTDispatcher dispatcher : RESTUtils.getDispatchers()) {
                         Resource resource = dispatcher.findResource(synCtx, acceptableResources);
@@ -743,9 +749,9 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi
     }
 
     public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appID,
-                                                        String tenantDomain)
+                                                        String tenantDomain, String keyType)
             throws APISecurityException {
-        return dataStore.validateSubscription(context, version, appID,tenantDomain);
+        return dataStore.validateSubscription(context, version, appID,tenantDomain, keyType);
     }
 
     /**

diff --git a/.../src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java b/.../src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyDataStore.java
@@ -107,7 +107,7 @@ APIKeyValidationInfoDTO validateSubscription(String context, String version, Str
      * @return an APIKeyValidationInfoDTO instance containing key validation data
      * @throws org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException on error
      */
-    APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, String tenantDomain)
+    APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId, String tenantDomain, String keyType)
             throws APISecurityException;
     /**
      * Validate scopes bound to the resource of the API being invoked against the scopes of the token.

diff --git a/...ain/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java b/...ain/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/APIKeyValidatorClient.java
@@ -76,12 +76,12 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi
     }
 
     public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId,
-                                                        String tenantDomain)
+                                                        String tenantDomain, String keyType)
             throws APISecurityException {
 
         try {
             return apiKeyValidationService
-                    .validateSubscription(context, version, appId, tenantDomain);
+                    .validateSubscription(context, version, appId, tenantDomain, keyType);
         } catch (APIKeyMgtException | APIManagementException e) {
             log.error("Error while  validate subscriptions", e);
             throw new APISecurityException(APISecurityConstants.API_AUTH_GENERAL_ERROR,

diff --git a/...rc/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java b/...rc/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/keys/WSAPIKeyDataStore.java
@@ -107,11 +107,11 @@ public APIKeyValidationInfoDTO validateSubscription(String context, String versi
 
     @Override
     public APIKeyValidationInfoDTO validateSubscription(String context, String version, int appId,
-                                                        String tenantDomain)
+                                                        String tenantDomain, String keyType)
             throws APISecurityException {
         APIKeyValidatorClient client = new APIKeyValidatorClient();
         try {
-            return client.validateSubscription(context, version, appId, tenantDomain);
+            return client.validateSubscription(context, version, appId, tenantDomain, keyType);
         } catch (APISecurityException ex) {
             throw new APISecurityException(ex.getErrorCode(),
                     "Resource forbidden", ex);