Search in sources :

Example 11 with ServiceAuthorizationException

use of com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException in project AuthGuard by AuthGuard.

the class OAuthServiceClient method processJsonResponse.

private void processJsonResponse(final HttpResponse<Buffer> httpResponse, final String url, final CompletableFuture<TokensResponse> future) {
    final JsonObject jsonObject = httpResponse.bodyAsJsonObject();
    final String error = jsonObject.getString("error");
    if (error != null) {
        LOG.warn("Call to {} returned an error {}", url, error);
        future.completeExceptionally(new ServiceAuthorizationException(ErrorCode.GENERIC_AUTH_FAILURE, "Unsuccessful call to the identity provider"));
    }
    final TokensResponse tokens = new TokensResponse().setAccessToken(jsonObject.getString("access_token")).setIdToken(jsonObject.getString("id_token")).setRefreshToken(jsonObject.getString("refresh_token"));
    future.complete(tokens);
}
Also used : ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) JsonObject(io.vertx.core.json.JsonObject)

Example 12 with ServiceAuthorizationException

use of com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException in project AuthGuard by AuthGuard.

the class JwtTokenVerifier method verify.

Either<Exception, DecodedJWT> verify(final String token) {
    try {
        final DecodedJWT decoded = JWT.decode(token);
        final DecodedJWT verified = verifier.verify(decoded);
        if (this.verifyJti(verified)) {
            return Either.right(verified);
        } else {
            return Either.left(new ServiceAuthorizationException(ErrorCode.INVALID_TOKEN, "Invalid JTI", EntityType.ACCOUNT, verified.getSubject()));
        }
    } catch (final JWTVerificationException e) {
        return Either.left(new ServiceAuthorizationException(ErrorCode.GENERIC_AUTH_FAILURE, "Invalid JWT"));
    }
}
Also used : JWTVerificationException(com.auth0.jwt.exceptions.JWTVerificationException) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)

Example 13 with ServiceAuthorizationException

use of com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException in project AuthGuard by AuthGuard.

the class BasicAuthProvider method verifyCredentialsAndGetAccount.

private Either<Exception, AccountBO> verifyCredentialsAndGetAccount(final String username, final String password, final String domain) {
    final Optional<CredentialsBO> credentialsOpt = credentialsService.getByUsernameUnsafe(username, domain);
    // TODO replace this with Either mapping
    if (credentialsOpt.isPresent()) {
        final CredentialsBO credentials = credentialsOpt.get();
        final Optional<Exception> validationError = checkIdentifier(credentials, username);
        if (validationError.isPresent()) {
            return Either.left(validationError.get());
        }
        return checkIfExpired(credentials).flatMap(valid -> checkPasswordsMatch(valid, password)).flatMap(valid -> getAccountById(valid.getAccountId()));
    } else {
        return Either.left(new ServiceAuthorizationException(ErrorCode.CREDENTIALS_DOES_NOT_EXIST, "Identifier " + username + " does not exist"));
    }
}
Also used : ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) ErrorCode(com.nexblocks.authguard.service.exceptions.codes.ErrorCode) Logger(org.slf4j.Logger) Inject(com.google.inject.Inject) LoggerFactory(org.slf4j.LoggerFactory) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException) com.nexblocks.authguard.service.model(com.nexblocks.authguard.service.model) CredentialsService(com.nexblocks.authguard.service.CredentialsService) SecurePasswordProvider(com.nexblocks.authguard.basic.passwords.SecurePasswordProvider) Base64(java.util.Base64) SecurePassword(com.nexblocks.authguard.basic.passwords.SecurePassword) OffsetDateTime(java.time.OffsetDateTime) AccountsService(com.nexblocks.authguard.service.AccountsService) Either(io.vavr.control.Either) Optional(java.util.Optional) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) ServiceAuthorizationException(com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException) ServiceException(com.nexblocks.authguard.service.exceptions.ServiceException)

Aggregations

ServiceAuthorizationException (com.nexblocks.authguard.service.exceptions.ServiceAuthorizationException)13 ErrorCode (com.nexblocks.authguard.service.exceptions.codes.ErrorCode)4 Inject (com.google.inject.Inject)3 ServiceException (com.nexblocks.authguard.service.exceptions.ServiceException)3 OffsetDateTime (java.time.OffsetDateTime)3 Optional (java.util.Optional)3 CompletableFuture (java.util.concurrent.CompletableFuture)3 Logger (org.slf4j.Logger)3 LoggerFactory (org.slf4j.LoggerFactory)3 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)2 ImmutableOAuthClientConfiguration (com.nexblocks.authguard.jwt.oauth.config.ImmutableOAuthClientConfiguration)2 AccountsService (com.nexblocks.authguard.service.AccountsService)2 SessionBO (com.nexblocks.authguard.service.model.SessionBO)2 JsonObject (io.vertx.core.json.JsonObject)2 Map (java.util.Map)2 Collectors (java.util.stream.Collectors)2 JWT (com.auth0.jwt.JWT)1 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)1 Claim (com.auth0.jwt.interfaces.Claim)1 Maps (com.google.common.collect.Maps)1