
Example 1 with BadRequestException

use of com.google.api.server.spi.response.BadRequestException in project cryptonomica by Cryptonomica.

the class OnlineVerificationAPI method getOnlineVerificationByFingerprint.

/* --- Get online verification info by OpenPGP Public Key fingerprint  : */
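/**
 * Returns the online-verification record for an OpenPGP public key, together with the key's
 * non-hidden verification documents.
 *
 * <p>Access is granted to the key owner, to users flagged as Cryptonomica officers, and to users
 * listed in the record's allowed-users collection. When no record exists yet and the requester
 * owns the key, a new record is created and saved by this call.
 *
 * @param httpServletRequest the servlet request (not read by this method)
 * @param googleUser the caller's Google account as passed to the endpoint
 * @param fingerprint key fingerprint; must be exactly 40 characters long
 * @return the verification record combined with its visible verification documents
 * @throws BadRequestException if {@code fingerprint} is null or not 40 characters long
 * @throws NotFoundException if no key, or no verification record, exists for the fingerprint
 * @throws UnauthorizedException if the requester is not the owner, an officer or an allowed
 *     user (presumably also raised by the registered-user check; confirm in {@code UserTools})
 * @see <a href="https://cloud.google.com/appengine/docs/java/endpoints/exceptions">Endpoints
 *     exceptions</a>
 */
@ApiMethod(name = "getOnlineVerificationByFingerprint", path = "getOnlineVerificationByFingerprint", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
public OnlineVerificationView getOnlineVerificationByFingerprint(
        final HttpServletRequest httpServletRequest,
        final User googleUser,
        @Named("fingerprint") final String fingerprint)
        throws UnauthorizedException, BadRequestException, NotFoundException {
    /* --- Check input: */
    // A length test alone also rejects the empty string.
    // NOTE(review): only the length is validated; the value is later echoed in error messages.
    // Consider restricting it to hexadecimal characters if stored fingerprints are always hex.
    if (fingerprint == null || fingerprint.length() != 40) {
        throw new BadRequestException("fingerprint is missing or invalid");
    }
    /* --- Check authorization: */
    // Resolve the requester BEFORE touching the datastore, so that a caller who is not a
    // registered user cannot use the 404 below to learn which fingerprints exist.
    CryptonomicaUser requester = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    PGPPublicKeyData pgpPublicKeyData = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", fingerprint).first().now();
    if (pgpPublicKeyData == null) {
        throw new NotFoundException("Key with fingerprint " + fingerprint + " not found");
    }
    // NOTE(review): user IDs are compared case-insensitively; confirm IDs cannot differ by case only.
    final boolean requesterOwnsKey = requester.getUserId().equalsIgnoreCase(pgpPublicKeyData.getCryptonomicaUserId());
    // >>>>>>>>>>>>>>>>>> New OnlineVerifications are created here !!!
    // (user first have to request verification to make changes to it)
    // NOTE(review): this is a datastore write performed by an HTTP GET endpoint.
    OnlineVerification onlineVerification = ofy().load().key(Key.create(OnlineVerification.class, fingerprint)).now();
    if (onlineVerification == null) {
        if (!requesterOwnsKey) {
            throw new NotFoundException("Online verification data for fingerprint " + fingerprint + " not found");
        }
        onlineVerification = new OnlineVerification(pgpPublicKeyData);
        ofy().save().entity(onlineVerification).now();
    }
    // only allowed users can get verification data.
    // The allowed-users lookup stays last in the || chain so it is evaluated only when the
    // requester is neither the owner nor an officer, exactly as before.
    // TODO: should all notaries have access?
    //   || (requester.getNotary() != null && requester.getNotary())
    final boolean requesterIsOfficer = Boolean.TRUE.equals(requester.getCryptonomicaOfficer());
    final boolean accessGranted = requesterOwnsKey
            || requesterIsOfficer
            || onlineVerification.getAllowedUsers().contains(requester.getUserId());
    if (!accessGranted) {
        throw new UnauthorizedException("you are not allowed to get online verification data for key " + fingerprint);
    }
    // Log identifiers only. Full JSON dumps of the user, the verification record and the
    // documents were removed so that personal data does not end up in application logs.
    LOG.warning("user " + requester.getUserId() + " is allowed to get online verification data for key " + fingerprint);
    // One query instead of two: the list was previously loaded once for its size and again for its content.
    List<VerificationDocument> visibleDocuments = ofy().load().type(VerificationDocument.class).filter("fingerprint", fingerprint).filter("hidden", false).list();
    LOG.warning("verificationDocumentsListSize: " + visibleDocuments.size());
    ArrayList<VerificationDocument> verificationDocumentArrayList = new ArrayList<>(visibleDocuments);
    return new OnlineVerificationView(onlineVerification, verificationDocumentArrayList);
}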
Also used : UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) ArrayList(java.util.ArrayList) BadRequestException(com.google.api.server.spi.response.BadRequestException) NotFoundException(com.google.api.server.spi.response.NotFoundException) OnlineVerificationView(net.cryptonomica.returns.OnlineVerificationView) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 2 with BadRequestException

use of com.google.api.server.spi.response.BadRequestException in project cryptonomica by Cryptonomica.

the class OnlineVerificationAPI method checkSms.

// end of sendTestSms();
/* --- Check SMS  */
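/**
 * Checks a code submitted by the user against the SMS code stored for a key fingerprint and,
 * on a match, records the verified phone number on the online-verification record.
 *
 * <p>After three failed attempts every further attempt is rejected without comparing the code,
 * so a new SMS has to be requested.
 *
 * @param googleUser the caller's Google account as passed to the endpoint
 * @param smsMessage the code entered by the user
 * @param fingerprint fingerprint of the OpenPGP public key being verified
 * @return a wrapper carrying the message "Phone verified!" on success
 * @throws NotFoundException if no online-verification record or no stored SMS code exists for
 *     the fingerprint
 * @throws BadRequestException if the code does not match or the attempts are exhausted
 * @throws UnauthorizedException presumably raised by the registered-user check (confirm in
 *     {@code UserTools})
 * @see <a href="https://cloud.google.com/appengine/docs/java/endpoints/exceptions">Endpoints
 *     exceptions</a>
 */
@ApiMethod(name = "checkSms", path = "checkSms", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public StringWrapperObject checkSms(
        // final HttpServletRequest httpServletRequest,
        final User googleUser,
        @Named("smsMessage") final String smsMessage,
        @Named("fingerprint") final String fingerprint)
        throws UnauthorizedException, BadRequestException, NotFoundException, NumberParseException, IllegalArgumentException, TwilioRestException {
    /* --- Check authorization: */
    CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // NOTE(review): the caller only has to be a registered user; nothing visible here ties
    // cryptonomicaUser to the key behind `fingerprint`. Confirm whether an ownership check
    // (as done in getOnlineVerificationByFingerprint) is required for this endpoint.
    /* --- Check if OnlineVerification entity exists */
    OnlineVerification onlineVerification = ofy().load().key(Key.create(OnlineVerification.class, fingerprint)).now();
    if (onlineVerification == null) {
        throw new NotFoundException("OnlineVerification entity does not exist in data base");
    }
    // --- load the stored SMS code:
    PhoneVerification phoneVerification = ofy().load().key(Key.create(PhoneVerification.class, fingerprint)).now();
    if (phoneVerification == null || phoneVerification.getSmsMessage() == null) {
        throw new NotFoundException("Send sms message not found for key " + fingerprint);
    }
    // Enforce the attempt limit BEFORE comparing. Previously the counter was only consulted
    // after a failed comparison, so a correct code was still accepted once the limit had been
    // reached and the limit did not bound the number of guesses.
    if (phoneVerification.getFailedVerificationAttemps() >= 3) {
        throw new BadRequestException("The number of attempts is exhausted. Please resend new sms");
    }
    // Neither the expected code nor the submitted code is logged: both are secrets.
    final boolean codeMatches = phoneVerification.getSmsMessage().toString().equalsIgnoreCase(smsMessage);
    // NOTE(review): a failed attempt also writes verified=false; confirm this cannot reset a
    // phone number that was verified earlier.
    phoneVerification.setVerified(codeMatches);
    if (!codeMatches) {
        phoneVerification.setFailedVerificationAttemps(phoneVerification.getFailedVerificationAttemps() + 1);
        ofy().save().entity(phoneVerification).now();
        if (phoneVerification.getFailedVerificationAttemps() >= 3) {
            throw new BadRequestException("The number of attempts is exhausted. Please resend new sms");
        }
        // Message typo fixed: "does not much" -> "does not match".
        throw new BadRequestException("Code does not match. It was attempt # " + phoneVerification.getFailedVerificationAttemps());
    }
    StringWrapperObject result = new StringWrapperObject();
    result.setMessage("Phone verified!");
    // save phone verification
    ofy().save().entity(phoneVerification).now();
    // record to verification
    onlineVerification.setPhoneNumber(phoneVerification.getPhoneNumber());
    ofy().save().entity(onlineVerification).now();
    return result;
}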
Also used : StringWrapperObject(net.cryptonomica.returns.StringWrapperObject) NotFoundException(com.google.api.server.spi.response.NotFoundException) BadRequestException(com.google.api.server.spi.response.BadRequestException) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 3 with BadRequestException

use of com.google.api.server.spi.response.BadRequestException in project cryptonomica by Cryptonomica.

the class OnlineVerificationAPI method sendSms.

// end of sendTestSms();
/* --- Send SMS : */
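/**
 * Generates a 7-digit verification code, sends it by SMS to the given phone number and stores
 * it as the pending phone verification for the key fingerprint. The failed-attempt counter is
 * reset to zero.
 *
 * @param googleUser the caller's Google account as passed to the endpoint
 * @param phoneNumber destination number in international format, e.g. +972523333333
 * @param fingerprint fingerprint of the OpenPGP public key the phone is verified for
 * @return a wrapper carrying a confirmation message
 * @throws BadRequestException if the phone is already verified for this key
 * @throws UnauthorizedException presumably raised by the registered-user check (confirm in
 *     {@code UserTools})
 * @see <a href="https://cloud.google.com/appengine/docs/java/endpoints/exceptions">Endpoints
 *     exceptions</a>
 */
@ApiMethod(name = "sendSms", path = "sendSms", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public StringWrapperObject sendSms(
        // final HttpServletRequest httpServletRequest,
        final User googleUser,
        @Named("phoneNumber") final String phoneNumber, // in international format, f.e. +972523333333
        @Named("fingerprint") final String fingerprint)
        throws UnauthorizedException, BadRequestException, NotFoundException, NumberParseException, IllegalArgumentException, TwilioRestException {
    /* --- Check authorization: */
    CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // NOTE(review): nothing visible here checks that the caller owns the key behind
    // `fingerprint`, validates `fingerprint`/`phoneNumber`, or limits how often an SMS can be
    // requested. Confirm that ownership and throttling are enforced elsewhere.
    // --- create SMS:
    // The code is an authentication secret, so it is drawn from SecureRandom.
    // RandomStringUtils.randomNumeric may be backed by a non-cryptographic generator,
    // depending on the commons-lang version in use. Locale.ROOT keeps the digits ASCII.
    String smsMessage = String.format(java.util.Locale.ROOT, "%07d", new java.security.SecureRandom().nextInt(10000000));
    // --- store SMS:
    PhoneVerification phoneVerification = ofy().load().key(Key.create(PhoneVerification.class, fingerprint)).now();
    if (phoneVerification == null) {
        phoneVerification = new PhoneVerification(fingerprint);
    }
    // Boolean.TRUE.equals(...) also copes with a flag that has never been set (null).
    if (Boolean.TRUE.equals(phoneVerification.getVerified())) {
        throw new BadRequestException("Phone already verified for this OpenPGP public key " + fingerprint);
    }
    phoneVerification.setPhoneNumber(phoneNumber);
    phoneVerification.setUserEmail(cryptonomicaUser.getEmail());
    phoneVerification.setSmsMessage(smsMessage);
    phoneVerification.setFailedVerificationAttemps(0);
    phoneVerification.setSmsMessageSend(new Date());
    /* --- Send SMS */
    // The code, the entity JSON and the provider response are no longer logged: each of them
    // contains the verification code and/or the phone number.
    TwilioUtils.sendSms(phoneNumber, smsMessage);
    LOG.warning("verification SMS requested by user " + cryptonomicaUser.getUserId());
    /* --- Save phoneVerification */
    ofy().save().entity(phoneVerification).now();
    return new StringWrapperObject("SMS message send successfully");
}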
Also used : Message(com.twilio.sdk.resource.instance.Message) StringWrapperObject(net.cryptonomica.returns.StringWrapperObject) BadRequestException(com.google.api.server.spi.response.BadRequestException) Date(java.util.Date) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 4 with BadRequestException

use of com.google.api.server.spi.response.BadRequestException in project cryptonomica by Cryptonomica.

the class VerificationAPI method getVerificationByID.

/* --- Get verification info by verification ID: */
/**
 * Loads a verification record by its ID and returns its general view.
 *
 * @param httpServletRequest the servlet request (not read by this method)
 * @param googleUser the caller's Google account as passed to the endpoint
 * @param verificationID datastore ID of the verification record; must be non-empty
 * @return the general view built from the stored verification
 * @throws BadRequestException if {@code verificationID} is null or empty
 * @throws NotFoundException if no verification is stored under that ID
 * @throws UnauthorizedException presumably raised by the registered-user check (confirm in
 *     {@code UserTools})
 * @see <a href="https://cloud.google.com/appengine/docs/java/endpoints/exceptions">Endpoints
 *     exceptions</a>
 */
@ApiMethod(name = "getVerificationByID", path = "getVerificationByID", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
public VerificationGeneralView getVerificationByID(
        final HttpServletRequest httpServletRequest,
        final User googleUser,
        @Named("verificationID") final String verificationID)
        throws UnauthorizedException, BadRequestException, NotFoundException {
    // Authorization: the caller must resolve to a registered Cryptonomica user. The returned
    // user object is not consulted afterwards.
    // NOTE(review): any registered user can therefore read any verification by ID; confirm
    // that the general view is meant to be visible to all registered users.
    UserTools.ensureCryptonomicaRegisteredUser(googleUser);

    // Input check.
    final boolean idMissing = verificationID == null || verificationID.isEmpty();
    if (idMissing) {
        throw new BadRequestException("Verification ID missing");
    }

    // Fetch the entity from the datastore.
    final Verification stored = ofy().load().key(Key.create(Verification.class, verificationID)).now();
    if (stored == null) {
        throw new NotFoundException("Verification info not found");
    }

    // Build the representation handed back to the client.
    final VerificationGeneralView view = new VerificationGeneralView(stored);
    // NOTE(review): the complete view is serialised into the log at WARNING level; check
    // whether it contains personal data that should stay out of logs.
    final String viewAsJson = new Gson().toJson(view);
    LOG.warning(viewAsJson);
    return view;
}
Also used : BadRequestException(com.google.api.server.spi.response.BadRequestException) NotFoundException(com.google.api.server.spi.response.NotFoundException) Gson(com.google.gson.Gson) Verification(net.cryptonomica.entities.Verification) VerificationGeneralView(net.cryptonomica.returns.VerificationGeneralView) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 5 with BadRequestException

use of com.google.api.server.spi.response.BadRequestException in project iosched by google.

the class FcmRegistrationEndpoint method unregister.

/**
 * Removes the registration of a user's device. A client should call this when its user signs
 * out, so that messages are not delivered to the wrong user when several users share a device.
 *
 * <p>Only the user who registered the token may unregister it.
 *
 * @param user the caller; must not be null
 * @param deviceId FCM token representing the device
 * @throws BadRequestException if the request carries no device ID
 * @throws UnauthorizedException if {@code user} is null
 * @throws ForbiddenException if the token was registered by a different user
 * @throws com.google.api.server.spi.response.NotFoundException if no device is stored under
 *     {@code deviceId}
 */
@ApiMethod(path = "unregister", httpMethod = HttpMethod.POST)
public void unregister(User user, @Named(PARAMETER_DEVICE_ID) String deviceId) throws BadRequestException, UnauthorizedException, com.google.api.server.spi.response.NotFoundException, ForbiddenException {
    // Reject requests that carry no device ID.
    final boolean deviceIdMissing = Strings.isNullOrEmpty(deviceId);
    if (deviceIdMissing) {
        throw new BadRequestException("Invalid request: Request must contain " + PARAMETER_DEVICE_ID);
    }
    // Reject callers without credentials.
    if (null == user) {
        throw new UnauthorizedException("Invalid credentials");
    }
    try {
        // safe() raises Objectify's NotFoundException when the entity is absent.
        final Device registered = ofy().load().type(Device.class).id(deviceId).safe();
        // Ownership check: the token may only be removed by the user who registered it.
        final boolean callerOwnsToken = registered.getUserId().equals(user.getId());
        if (!callerOwnsToken) {
            throw new ForbiddenException("Not authorized to unregister token");
        }
        DeviceStore.unregister(deviceId);
    } catch (NotFoundException notRegistered) {
        // Translate the datastore exception into the Endpoints 404 response type.
        final String detail = "Device ID: " + deviceId + " not found";
        throw new com.google.api.server.spi.response.NotFoundException(detail);
    }
}
Also used : ForbiddenException(com.google.api.server.spi.response.ForbiddenException) Device(com.google.samples.apps.iosched.server.gcm.db.models.Device) UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) BadRequestException(com.google.api.server.spi.response.BadRequestException) NotFoundException(com.googlecode.objectify.NotFoundException) ApiMethod(com.google.api.server.spi.config.ApiMethod)
