use of com.microsoft.identity.common.exception.ClientException in project microsoft-authentication-library-common-for-android by AzureAD.
the class DevicePopManager method getRequestConfirmation.
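/**
 * Blocking variant of {@code getRequestConfirmation(callback)}: starts the asynchronous
 * operation and parks the calling thread on a latch until the callback reports either a
 * value or an error.
 *
 * <p>Because the wait is unbounded, this should not be called on the UI thread.
 *
 * @return the string handed to {@code onTaskCompleted}
 * @throws ClientException the error handed to {@code onError}, or an exception carrying
 *         {@code INTERRUPTED_OPERATION} when the calling thread is interrupted while waiting
 */
@Override
public String getRequestConfirmation() throws ClientException {
    // The sync API is a wrapper around the async API
    // This likely shouldn't be called on the UI thread to avoid ANR
    // Device perf may vary, however -- some devices this may be OK.
    // YMMV
    final CountDownLatch latch = new CountDownLatch(1);
    // Single-element arrays act as mutable holders the anonymous callback can write to.
    final String[] result = new String[1];
    final ClientException[] errorResult = new ClientException[1];

    getRequestConfirmation(new TaskCompletedCallbackWithError<String, ClientException>() {
        @Override
        public void onTaskCompleted(@NonNull final String reqCnf) {
            result[0] = reqCnf;
            latch.countDown();
        }

        @Override
        public void onError(@NonNull final ClientException error) {
            errorResult[0] = error;
            latch.countDown();
        }
    });

    // Wait for the async op to complete...
    // NOTE(review): await() has no timeout, so a callback that never fires blocks this
    // thread indefinitely -- confirm the async path always invokes one of the two methods.
    try {
        latch.await();

        if (null != result[0]) {
            return result[0];
        } else {
            // Relies on onError having supplied a non-null error, as its @NonNull contract states.
            throw errorResult[0];
        }
    } catch (final InterruptedException e) {
        // Catching InterruptedException clears the thread's interrupt flag; restore it so
        // code further up the stack can still observe the interruption.
        Thread.currentThread().interrupt();
        Logger.error(TAG, "Interrupted while waiting on callback.", e);
        throw new ClientException(INTERRUPTED_OPERATION, e.getMessage(), e);
    }
}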
use of com.microsoft.identity.common.exception.ClientException in project microsoft-authentication-library-common-for-android by AzureAD.
the class DevicePopManager method getSecureHardwareState.
/**
 * Reports the secure hardware state of the key pair behind the key manager's current entry.
 *
 * <p>Each keystore failure is mapped to its own error code, logged, and rethrown as a
 * {@link ClientException} that keeps the original exception as its cause.
 *
 * @return the state computed by {@code getSecureHardwareState(KeyPair)}
 * @throws ClientException with {@code KEYSTORE_NOT_INITIALIZED}, {@code NO_SUCH_ALGORITHM} or
 *         {@code INVALID_PROTECTION_PARAMS}, depending on which lookup step failed
 */
@Override
public SecureHardwareState getSecureHardwareState() throws ClientException {
    final Exception failure;
    final String failureCode;

    try {
        return getSecureHardwareState(getKeyPairForEntry(mKeyManager.getEntry()));
    } catch (final UnrecoverableEntryException e) {
        failure = e;
        failureCode = INVALID_PROTECTION_PARAMS;
    } catch (final NoSuchAlgorithmException e) {
        failure = e;
        failureCode = NO_SUCH_ALGORITHM;
    } catch (final KeyStoreException e) {
        failure = e;
        failureCode = KEYSTORE_NOT_INITIALIZED;
    }

    // Only reached when one of the catch blocks above ran.
    final ClientException wrapped = new ClientException(failureCode, failure.getMessage(), failure);
    Logger.error(TAG + ":getSecureHardwareState", failureCode, failure);
    throw wrapped;
}
use of com.microsoft.identity.common.exception.ClientException in project microsoft-authentication-library-common-for-android by AzureAD.
the class DevicePopManager method mintSignedHttpRequestInternal.
/**
 * Builds a signed HTTP request: a JWT whose claims describe the outgoing request and which
 * is signed with RS256 using the private key from the key manager's entry.
 *
 * <p>The timestamp, the URL authority and the {@code cnf} value are always claimed. The
 * access token, path, HTTP method, nonce and client claims are added only when non-empty.
 * Only the authority and path of {@code requestUrl} become claims here; the query string
 * is not covered by the signature. When an access token is supplied it is embedded
 * verbatim, so the returned string should be kept out of logs like the token itself.
 *
 * @param httpMethod   HTTP method to bind, or null/empty to omit the claim
 * @param timestamp    value stored in the timestamp claim
 * @param requestUrl   URL whose authority (host plus port, if any) and path are bound
 * @param accessToken  access token to embed, or null/empty to omit the claim
 * @param nonce        nonce to embed, or null/empty to omit the claim
 * @param clientClaims client claims to embed, or null/empty to omit the claim
 * @return the serialized, signed JWT
 * @throws ClientException wrapping any keystore or signing failure, with the error code
 *         matching the failure type
 */
private String mintSignedHttpRequestInternal(@Nullable final String httpMethod, final long timestamp, @NonNull final URL requestUrl, @Nullable final String accessToken, @Nullable final String nonce, @Nullable final String clientClaims) throws ClientException {
    final Exception failure;
    final String failureCode;

    try {
        // Claims are added in a fixed sequence; keep it stable when editing.
        final JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();

        // AT/PoP requests will contain an access token, but an SPO signed-cookie will not.
        final boolean hasAccessToken = !TextUtils.isEmpty(accessToken);
        if (hasAccessToken) {
            claims.claim(SignedHttpRequestJwtClaims.ACCESS_TOKEN, accessToken);
        }

        claims.claim(SignedHttpRequestJwtClaims.TIMESTAMP, timestamp);
        // Use Authority to include port number, if supplied
        claims.claim(SignedHttpRequestJwtClaims.HTTP_HOST, requestUrl.getAuthority());
        // Confirmation claim: ties the request to this device's PoP key.
        claims.claim(SignedHttpRequestJwtClaims.CNF, getDevicePopJwkMinifiedJson());

        if (!TextUtils.isEmpty(requestUrl.getPath())) {
            claims.claim(SignedHttpRequestJwtClaims.HTTP_PATH, requestUrl.getPath());
        }

        if (!TextUtils.isEmpty(httpMethod)) {
            claims.claim(SignedHttpRequestJwtClaims.HTTP_METHOD, httpMethod);
        }

        if (!TextUtils.isEmpty(nonce)) {
            claims.claim(SignedHttpRequestJwtClaims.NONCE, nonce);
        }

        if (!TextUtils.isEmpty(clientClaims)) {
            claims.claim(SignedHttpRequestJwtClaims.CLIENT_CLAIMS, clientClaims);
        }

        final JWTClaimsSet payload = claims.build();

        // The signer is created from the keystore entry before the header is assembled.
        final KeyStore.PrivateKeyEntry keyEntry = mKeyManager.getEntry();
        final PrivateKey signingKey = keyEntry.getPrivateKey();
        final RSASSASigner rsaSigner = new RSASSASigner(signingKey);

        // The key id in the header is the thumbprint of the asymmetric key.
        final JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256)
                .keyID(getAsymmetricKeyThumbprint())
                .build();
        final SignedJWT jwt = new SignedJWT(header, payload);
        jwt.sign(rsaSigner);

        return jwt.serialize();
    } catch (final UnrecoverableEntryException e) {
        failure = e;
        failureCode = INVALID_PROTECTION_PARAMS;
    } catch (final JOSEException e) {
        failure = e;
        failureCode = JWT_SIGNING_FAILURE;
    } catch (final KeyStoreException e) {
        failure = e;
        failureCode = KEYSTORE_NOT_INITIALIZED;
    } catch (final NoSuchAlgorithmException e) {
        failure = e;
        failureCode = NO_SUCH_ALGORITHM;
    }

    // A permanently invalidated key cannot sign again, so it is cleared. Only the direct
    // cause of the failure is inspected, and only on API level M and above.
    final boolean keyInvalidated = Build.VERSION.SDK_INT >= Build.VERSION_CODES.M
            && failure.getCause() instanceof KeyPermanentlyInvalidatedException;
    if (keyInvalidated) {
        Logger.warn(TAG, "Unable to access asymmetric key - clearing.");
        clearAsymmetricKey();
    }

    final ClientException wrapped = new ClientException(failureCode, failure.getMessage(), failure);
    Logger.error(TAG, wrapped.getMessage(), wrapped);
    throw wrapped;
}
use of com.microsoft.identity.common.exception.ClientException in project microsoft-authentication-library-common-for-android by AzureAD.
the class DevicePopManager method getPublicKey.
/**
 * Exports the public key in the requested representation.
 *
 * @param format the export format; {@code X_509_SubjectPublicKeyInfo_ASN_1} and {@code JWK}
 *               are the two values handled here
 * @return the public key as produced by the helper for that format
 * @throws ClientException with {@code UNKNOWN_EXPORT_FORMAT} for any other format value
 */
@Override
@NonNull
public String getPublicKey(@NonNull final PublicKeyFormat format) throws ClientException {
    switch (format) {
        case JWK:
            return getJwkPublicKey();
        case X_509_SubjectPublicKeyInfo_ASN_1:
            return getX509SubjectPublicKeyInfo();
        default:
            // Fall out of the switch and report the unsupported format below.
            break;
    }

    final String message = "Unrecognized or unsupported key format: " + format;
    final ClientException unsupported = new ClientException(UNKNOWN_EXPORT_FORMAT, message);
    Logger.error(TAG + ":getPublicKey", message, unsupported);
    throw unsupported;
}
use of com.microsoft.identity.common.exception.ClientException in project microsoft-authentication-library-common-for-android by AzureAD.
the class DevicePopManager method generateAsymmetricKey.
/**
 * Generates a new RSA key pair of {@code RSA_KEY_SIZE} and returns the thumbprint of the
 * RSA key built from that pair.
 *
 * <p>Each failure type is mapped to its own error code, logged, and rethrown as a
 * {@link ClientException} that keeps the original exception as its cause.
 *
 * @param context passed through to {@code generateNewRsaKeyPair}
 * @return the thumbprint computed by {@code getThumbprintForRsaKey}
 * @throws ClientException with {@code BAD_KEY_SIZE}, {@code NO_SUCH_ALGORITHM},
 *         {@code ANDROID_KEYSTORE_UNAVAILABLE}, {@code INVALID_ALG} or
 *         {@code THUMBPRINT_COMPUTATION_FAILURE}, depending on the failure
 */
@Override
public String generateAsymmetricKey(@NonNull final Context context) throws ClientException {
    final Exception failure;
    final String failureCode;

    try {
        final RSAKey jwk = getRsaKeyForKeyPair(generateNewRsaKeyPair(context, RSA_KEY_SIZE));
        return getThumbprintForRsaKey(jwk);
    } catch (final JOSEException e) {
        failure = e;
        failureCode = THUMBPRINT_COMPUTATION_FAILURE;
    } catch (final InvalidAlgorithmParameterException e) {
        failure = e;
        failureCode = INVALID_ALG;
    } catch (final NoSuchProviderException e) {
        failure = e;
        failureCode = ANDROID_KEYSTORE_UNAVAILABLE;
    } catch (final NoSuchAlgorithmException e) {
        failure = e;
        failureCode = NO_SUCH_ALGORITHM;
    } catch (final UnsupportedOperationException e) {
        // An UnsupportedOperationException from the try block is reported as a bad key size.
        failure = e;
        failureCode = BAD_KEY_SIZE;
    }

    final ClientException wrapped = new ClientException(failureCode, failure.getMessage(), failure);
    Logger.error(TAG, wrapped.getMessage(), wrapped);
    throw wrapped;
}