Example 1 with ExpiredTokenException
use of ch.cyberduck.core.exception.ExpiredTokenException in project cyberduck by iterate-ch.
the class SDSExceptionMappingService method map.
@Override
public BackgroundException map(final ApiException failure) {
for (Throwable cause : ExceptionUtils.getThrowableList(failure)) {
if (cause instanceof SocketException) {
// Map Connection has been shutdown: javax.net.ssl.SSLException: java.net.SocketException: Broken pipe
return new DefaultSocketExceptionMappingService().map((SocketException) cause);
}
if (cause instanceof HttpResponseException) {
return new DefaultHttpResponseExceptionMappingService().map((HttpResponseException) cause);
}
if (cause instanceof IOException) {
return new DefaultIOExceptionMappingService().map((IOException) cause);
}
if (cause instanceof IllegalStateException) {
// Caused by: ch.cyberduck.core.sds.io.swagger.client.ApiException: javax.ws.rs.ProcessingException: java.lang.IllegalStateException: Connection pool shut down
return new ConnectionCanceledException(cause);
}
}
final StringBuilder buffer = new StringBuilder();
if (null != failure.getResponseBody()) {
try {
final JsonObject json = JsonParser.parseReader(new StringReader(failure.getResponseBody())).getAsJsonObject();
if (json.has("errorCode")) {
if (json.get("errorCode").isJsonPrimitive()) {
final int errorCode = json.getAsJsonPrimitive("errorCode").getAsInt();
if (log.isDebugEnabled()) {
log.debug(String.format("Failure with errorCode %s", errorCode));
}
final String key = String.format("Error %d", errorCode);
final String localized = LocaleFactory.get().localize(key, "SDS");
this.append(buffer, localized);
if (StringUtils.equals(localized, key)) {
log.warn(String.format("Missing user message for error code %d", errorCode));
if (json.has("debugInfo")) {
if (json.get("debugInfo").isJsonPrimitive()) {
this.append(buffer, json.getAsJsonPrimitive("debugInfo").getAsString());
}
}
}
switch(failure.getCode()) {
case HttpStatus.SC_BAD_REQUEST:
switch(errorCode) {
case -10100:
// [-10100] Invalid authentication method
return new AccessDeniedException(buffer.toString(), failure);
}
case HttpStatus.SC_NOT_FOUND:
switch(errorCode) {
case -70020:
// [-70020] User does not have a keypair
case -70501:
// [-70501] User not found
case -40761:
// [-40761] Filekey not found for encrypted file
return new AccessDeniedException(buffer.toString(), failure);
}
break;
case HttpStatus.SC_PRECONDITION_FAILED:
switch(errorCode) {
case -10108:
// [-10108] Radius Access-Challenge required.
if (json.has("replyMessage")) {
if (json.get("replyMessage").isJsonPrimitive()) {
final JsonPrimitive replyMessage = json.getAsJsonPrimitive("replyMessage");
if (log.isDebugEnabled()) {
log.debug(String.format("Failure with replyMessage %s", replyMessage));
}
buffer.append(replyMessage.getAsString());
}
}
return new PartialLoginFailureException(buffer.toString(), failure);
}
break;
case HttpStatus.SC_UNAUTHORIZED:
switch(errorCode) {
case -10012:
// [-10012] Wrong token.
return new ExpiredTokenException(buffer.toString(), failure);
}
break;
}
}
} else {
switch(failure.getCode()) {
case HttpStatus.SC_INTERNAL_SERVER_ERROR:
break;
default:
if (json.has("debugInfo")) {
log.warn(String.format("Missing error code for failure %s", json));
if (json.get("debugInfo").isJsonPrimitive()) {
this.append(buffer, json.getAsJsonPrimitive("debugInfo").getAsString());
}
}
}
}
} catch (JsonParseException e) {
// Ignore
}
}
switch(failure.getCode()) {
case HttpStatus.SC_FORBIDDEN:
if (failure.getResponseHeaders().containsKey("X-Forbidden")) {
return new AccessDeniedException(LocaleFactory.localizedString("The AV scanner detected that the file could be malicious", "SDS"));
}
break;
case 901:
// Server with AV scanners will block transfer attempts of infected files (upload or download) and answer the request 901
return new AccessDeniedException(LocaleFactory.localizedString("The AV scanner detected that the file could be malicious", "SDS"));
case HttpStatus.SC_PRECONDITION_FAILED:
// [-10106] Username must be changed
return new LoginFailureException(buffer.toString(), failure);
}
return new DefaultHttpResponseExceptionMappingService().map(failure, buffer, failure.getCode());
}
Also used :
SocketException(java.net.SocketException)
DefaultHttpResponseExceptionMappingService(ch.cyberduck.core.http.DefaultHttpResponseExceptionMappingService)
AccessDeniedException(ch.cyberduck.core.exception.AccessDeniedException)
ExpiredTokenException(ch.cyberduck.core.exception.ExpiredTokenException)
JsonPrimitive(com.google.gson.JsonPrimitive)
ConnectionCanceledException(ch.cyberduck.core.exception.ConnectionCanceledException)
PartialLoginFailureException(ch.cyberduck.core.exception.PartialLoginFailureException)
JsonObject(com.google.gson.JsonObject)
HttpResponseException(org.apache.http.client.HttpResponseException)
IOException(java.io.IOException)
JsonParseException(com.google.gson.JsonParseException)
LoginFailureException(ch.cyberduck.core.exception.LoginFailureException)
PartialLoginFailureException(ch.cyberduck.core.exception.PartialLoginFailureException)
DefaultSocketExceptionMappingService(ch.cyberduck.core.DefaultSocketExceptionMappingService)
StringReader(java.io.StringReader)
DefaultIOExceptionMappingService(ch.cyberduck.core.DefaultIOExceptionMappingService)
Example 2 with ExpiredTokenException
use of ch.cyberduck.core.exception.ExpiredTokenException in project cyberduck by iterate-ch.
the class STSCredentialsConfigurator method fetchSsoCredentials.
/**
* Read SSO credentials from cache file of AWS CLI
*
* @throws LoginFailureException Error reading from file
* @throws ExpiredTokenException Expired SSO credentials in cache
*/
private CachedCredential fetchSsoCredentials(final Credentials credentials, final Map<String, String> properties, final Local awsDirectory) throws LoginFailureException {
// See https://github.com/boto/botocore/blob/23ee17f5446c78167ff442302471f9928c3b4b7c/botocore/credentials.py#L2004
try {
final String ssoStartUrl = properties.get("sso_start_url");
final String ssoAccountId = properties.get("sso_account_id");
final String ssoRoleName = properties.get("sso_role_name");
final String cacheKey = String.format("{\"accountId\":\"%s\",\"roleName\":\"%s\",\"startUrl\":\"%s\"}", ssoAccountId, ssoRoleName, ssoStartUrl);
final HashCode hashCode = Hashing.sha1().newHasher().putString(cacheKey, Charsets.UTF_8).hash();
final String hash = BaseEncoding.base16().lowerCase().encode(hashCode.asBytes());
final String cachedCredentialsJson = String.format("%s.json", hash);
final Local cachedCredentialsFile = LocalFactory.get(LocalFactory.get(LocalFactory.get(awsDirectory, "cli"), "cache"), cachedCredentialsJson);
if (log.isDebugEnabled()) {
log.debug(String.format("Attempting to read SSO credentials from %s", cachedCredentialsFile.getAbsolute()));
}
if (!cachedCredentialsFile.exists()) {
throw new LoginFailureException(String.format("Missing file %s with cached SSO credentials.", cachedCredentialsFile.getAbsolute()));
}
try (InputStream in = cachedCredentialsFile.getInputStream()) {
final ObjectMapper mapper = new ObjectMapper();
mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
final CachedCredentials cached = mapper.readValue(in, CachedCredentials.class);
if (null == cached.credentials) {
throw new LoginFailureException("Failure parsing SSO credentials.");
}
final Instant expiration = Instant.parse(cached.credentials.expiration);
if (expiration.isBefore(Instant.now())) {
throw new ExpiredTokenException("Expired AWS SSO credentials.");
}
return cached.credentials;
}
} catch (IOException | AccessDeniedException e) {
throw new LoginFailureException("Failure retrieving SSO credentials.", e);
}
}
Also used :
AccessDeniedException(ch.cyberduck.core.exception.AccessDeniedException)
HashCode(com.google.common.hash.HashCode)
LoginFailureException(ch.cyberduck.core.exception.LoginFailureException)
ExpiredTokenException(ch.cyberduck.core.exception.ExpiredTokenException)
InputStream(java.io.InputStream)
Instant(java.time.Instant)
Local(ch.cyberduck.core.Local)
IOException(java.io.IOException)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
Example 3 with ExpiredTokenException
use of ch.cyberduck.core.exception.ExpiredTokenException in project cyberduck by iterate-ch.
the class S3ExceptionMappingService method map.
@Override
public BackgroundException map(final ServiceException e) {
if (e.getCause() instanceof ServiceException) {
return this.map((ServiceException) e.getCause());
}
final StringBuilder buffer = new StringBuilder();
if (StringUtils.isNotBlank(e.getErrorMessage())) {
// S3 protocol message parsed from XML
this.append(buffer, StringEscapeUtils.unescapeXml(e.getErrorMessage()));
} else {
this.append(buffer, e.getResponseStatus());
this.append(buffer, e.getMessage());
this.append(buffer, e.getErrorCode());
}
switch(e.getResponseCode()) {
case HttpStatus.SC_FORBIDDEN:
if (StringUtils.isNotBlank(e.getErrorCode())) {
switch(e.getErrorCode()) {
case "SignatureDoesNotMatch":
case "InvalidAccessKeyId":
case "InvalidClientTokenId":
case "InvalidSecurity":
case "MissingClientTokenId":
case "MissingAuthenticationToken":
return new LoginFailureException(buffer.toString(), e);
}
}
case HttpStatus.SC_BAD_REQUEST:
if (StringUtils.isNotBlank(e.getErrorCode())) {
switch(e.getErrorCode()) {
case "RequestTimeout":
return new ConnectionTimeoutException(buffer.toString(), e);
case "ExpiredToken":
case "InvalidToken":
return new ExpiredTokenException(buffer.toString(), e);
}
}
}
if (e.getCause() instanceof IOException) {
return new DefaultIOExceptionMappingService().map((IOException) e.getCause());
}
if (e.getCause() instanceof SAXException) {
return new InteroperabilityException(buffer.toString(), e);
}
if (-1 == e.getResponseCode()) {
return new InteroperabilityException(buffer.toString(), e);
}
return new DefaultHttpResponseExceptionMappingService().map(new HttpResponseException(e.getResponseCode(), buffer.toString()));
}
Also used :
ConnectionTimeoutException(ch.cyberduck.core.exception.ConnectionTimeoutException)
DefaultHttpResponseExceptionMappingService(ch.cyberduck.core.http.DefaultHttpResponseExceptionMappingService)
LoginFailureException(ch.cyberduck.core.exception.LoginFailureException)
InteroperabilityException(ch.cyberduck.core.exception.InteroperabilityException)
ServiceException(org.jets3t.service.ServiceException)
ExpiredTokenException(ch.cyberduck.core.exception.ExpiredTokenException)
HttpResponseException(org.apache.http.client.HttpResponseException)
IOException(java.io.IOException)
DefaultIOExceptionMappingService(ch.cyberduck.core.DefaultIOExceptionMappingService)
SAXException(org.xml.sax.SAXException)
Example 4 with ExpiredTokenException
use of ch.cyberduck.core.exception.ExpiredTokenException in project cyberduck by iterate-ch.
the class S3TokenExpiredResponseInterceptor method retryRequest.
@Override
public boolean retryRequest(final HttpResponse response, final int executionCount, final HttpContext context) {
if (executionCount <= MAX_RETRIES) {
switch(response.getStatusLine().getStatusCode()) {
case HttpStatus.SC_BAD_REQUEST:
final S3ServiceException failure;
try {
if (null != response.getEntity()) {
EntityUtils.updateEntity(response, new BufferedHttpEntity(response.getEntity()));
failure = new S3ServiceException(response.getStatusLine().getReasonPhrase(), EntityUtils.toString(response.getEntity()));
if (new S3ExceptionMappingService().map(failure) instanceof ExpiredTokenException) {
try {
host.setCredentials(new STSCredentialsConfigurator(trust, key, prompt).configure(host));
return true;
} catch (LoginFailureException | LoginCanceledException e) {
log.warn(String.format("Attempt to renew expired token failed. %s", e.getMessage()));
}
}
}
} catch (IOException e) {
log.warn(String.format("Failure parsing response entity from %s", response));
}
}
}
return false;
}
Also used :
LoginFailureException(ch.cyberduck.core.exception.LoginFailureException)
BufferedHttpEntity(org.apache.http.entity.BufferedHttpEntity)
ExpiredTokenException(ch.cyberduck.core.exception.ExpiredTokenException)
LoginCanceledException(ch.cyberduck.core.exception.LoginCanceledException)
S3ServiceException(org.jets3t.service.S3ServiceException)
IOException(java.io.IOException)
STSCredentialsConfigurator(ch.cyberduck.core.sts.STSCredentialsConfigurator)
Example 5 with ExpiredTokenException
use of ch.cyberduck.core.exception.ExpiredTokenException in project cyberduck by iterate-ch.
the class B2ExceptionMappingService method map.
@Override
public BackgroundException map(final B2ApiException e) {
final StringBuilder buffer = new StringBuilder();
this.append(buffer, e.getMessage());
switch(e.getStatus()) {
case HttpStatus.SC_FORBIDDEN:
if ("cap_exceeded".equalsIgnoreCase(e.getCode()) || "storage_cap_exceeded".equalsIgnoreCase(e.getCode()) || "transaction_cap_exceeded".equalsIgnoreCase(e.getCode())) {
// Reached the storage cap that you set
return new QuotaException(buffer.toString(), e);
}
break;
case HttpStatus.SC_BAD_REQUEST:
if ("file_not_present".equalsIgnoreCase(e.getCode())) {
return new NotfoundException(buffer.toString(), e);
}
if ("bad_bucket_id".equalsIgnoreCase(e.getCode())) {
return new NotfoundException(buffer.toString(), e);
}
if ("cap_exceeded".equalsIgnoreCase(e.getCode())) {
// Reached the storage cap that you set
return new QuotaException(buffer.toString(), e);
}
if ("too_many_buckets".equalsIgnoreCase(e.getCode())) {
// Reached the storage cap that you set
return new QuotaException(buffer.toString(), e);
}
if ("bad_request".equalsIgnoreCase(e.getCode())) {
if ("sha1 did not match data received".equalsIgnoreCase(e.getMessage())) {
return new ChecksumException(buffer.toString(), e);
}
if ("checksum did not match data received".equalsIgnoreCase(e.getMessage())) {
return new ChecksumException(buffer.toString(), e);
}
}
break;
case HttpStatus.SC_UNAUTHORIZED:
if ("expired_auth_token".equalsIgnoreCase(e.getCode())) {
return new ExpiredTokenException(buffer.toString(), e);
}
break;
default:
if (e.getRetry() != null) {
// Too Many Requests (429)
return new RetriableAccessDeniedException(buffer.toString(), Duration.ofSeconds(e.getRetry()), e);
}
break;
}
return new DefaultHttpResponseExceptionMappingService().map(new HttpResponseException(e.getStatus(), buffer.toString()));
}
Also used :
RetriableAccessDeniedException(ch.cyberduck.core.exception.RetriableAccessDeniedException)
NotfoundException(ch.cyberduck.core.exception.NotfoundException)
DefaultHttpResponseExceptionMappingService(ch.cyberduck.core.http.DefaultHttpResponseExceptionMappingService)
ExpiredTokenException(ch.cyberduck.core.exception.ExpiredTokenException)
ChecksumException(ch.cyberduck.core.exception.ChecksumException)
HttpResponseException(org.apache.http.client.HttpResponseException)
QuotaException(ch.cyberduck.core.exception.QuotaException)
Aggregations
ExpiredTokenException (ch.cyberduck.core.exception.ExpiredTokenException)7
IOException (java.io.IOException)6
LoginFailureException (ch.cyberduck.core.exception.LoginFailureException)4
HttpResponseException (org.apache.http.client.HttpResponseException)4
DefaultHttpResponseExceptionMappingService (ch.cyberduck.core.http.DefaultHttpResponseExceptionMappingService)3
BufferedHttpEntity (org.apache.http.entity.BufferedHttpEntity)3
DefaultIOExceptionMappingService (ch.cyberduck.core.DefaultIOExceptionMappingService)2
AccessDeniedException (ch.cyberduck.core.exception.AccessDeniedException)2
DefaultSocketExceptionMappingService (ch.cyberduck.core.DefaultSocketExceptionMappingService)1
Local (ch.cyberduck.core.Local)1
ChecksumException (ch.cyberduck.core.exception.ChecksumException)1
ConnectionCanceledException (ch.cyberduck.core.exception.ConnectionCanceledException)1
ConnectionTimeoutException (ch.cyberduck.core.exception.ConnectionTimeoutException)1
InteroperabilityException (ch.cyberduck.core.exception.InteroperabilityException)1
LoginCanceledException (ch.cyberduck.core.exception.LoginCanceledException)1
NotfoundException (ch.cyberduck.core.exception.NotfoundException)1
PartialLoginFailureException (ch.cyberduck.core.exception.PartialLoginFailureException)1
QuotaException (ch.cyberduck.core.exception.QuotaException)1
RetriableAccessDeniedException (ch.cyberduck.core.exception.RetriableAccessDeniedException)1
ApiException (ch.cyberduck.core.sds.io.swagger.client.ApiException)1
