Search in sources :

Example 16 with IdentityDetails

use of com.sun.identity.idsvcs.IdentityDetails in project OpenAM by OpenRock.

the class IdentityServicesImpl method convertToIdentityDetails.

private IdentityDetails convertToIdentityDetails(AMIdentity amIdentity, List<String> attrList) throws IdRepoException, SSOException {
    IdentityDetails rv = null;
    if (amIdentity != null) {
        IdType idType = amIdentity.getType();
        Map<String, Set<String>> attrs;
        boolean addUniversalId = false;
        rv = new IdentityDetails();
        rv.setName(amIdentity.getName());
        rv.setType(amIdentity.getType().getName());
        rv.setRealm(amIdentity.getRealm());
        if (IdType.USER.equals(idType)) {
            Set<AMIdentity> roles = amIdentity.getMemberships(IdType.ROLE);
            if (roles != null && !roles.isEmpty()) {
                AMIdentity[] rolesFound = new AMIdentity[roles.size()];
                String[] roleNames = new String[rolesFound.length];
                roles.toArray(rolesFound);
                for (int i = 0; i < rolesFound.length; i++) {
                    roleNames[i] = rolesFound[i].getName();
                }
                rv.setRoleList(new ListWrapper(roleNames));
            }
            Set<AMIdentity> groups = amIdentity.getMemberships(IdType.GROUP);
            if ((groups != null) && (groups.size() > 0)) {
                AMIdentity[] groupsFound = new AMIdentity[groups.size()];
                String[] groupNames = new String[groupsFound.length];
                groups.toArray(groupsFound);
                for (int i = 0; i < groupsFound.length; i++) {
                    groupNames[i] = groupsFound[i].getName();
                }
                rv.setGroupList(new ListWrapper(groupNames));
            }
        }
        if (IdType.GROUP.equals(idType) || IdType.ROLE.equals(idType)) {
            Set<AMIdentity> members = amIdentity.getMembers(IdType.USER);
            if ((members != null) && (members.size() > 0)) {
                AMIdentity[] membersFound = new AMIdentity[members.size()];
                String[] memberNames = new String[membersFound.length];
                members.toArray(membersFound);
                for (int i = 0; i < membersFound.length; i++) {
                    memberNames[i] = membersFound[i].getName();
                }
                rv.setMemberList(new ListWrapper(memberNames));
            }
        }
        if (attrList != null) {
            Set<String> attrNames = new HashSet<>();
            for (String attrName : attrList) {
                if ("universalid".equalsIgnoreCase(attrName)) {
                    addUniversalId = true;
                } else {
                    if (!attrNames.contains(attrName)) {
                        attrNames.add(attrName);
                    }
                }
            }
            attrs = amIdentity.getAttributes(attrNames);
        } else {
            attrs = amIdentity.getAttributes();
            addUniversalId = true;
        }
        if (addUniversalId) {
            if (attrs == null) {
                attrs = new HashMap<>();
            }
            Set<String> uidValue = new HashSet<>();
            uidValue.add(amIdentity.getUniversalId());
            attrs.put("universalid", uidValue);
        }
        if (attrs != null) {
            rv.setAttributes(asAttributeArray(attrs));
        }
    }
    return rv;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) ListWrapper(com.sun.identity.idsvcs.ListWrapper) IdType(com.sun.identity.idm.IdType) AMIdentity(com.sun.identity.idm.AMIdentity) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) HashSet(java.util.HashSet)

Example 17 with IdentityDetails

use of com.sun.identity.idsvcs.IdentityDetails in project OpenAM by OpenRock.

the class IdentityResourceV2 method updateInstance.

/**
     * {@inheritDoc}
     */
@Override
public Promise<ResourceResponse, ResourceException> updateInstance(final Context context, final String resourceId, final UpdateRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    final JsonValue jVal = request.getContent();
    final String rev = request.getRevision();
    IdentityDetails dtls, newDtls;
    ResourceResponse resource;
    try {
        SSOToken token = getSSOToken(getCookieFromServerContext(context));
        // Retrieve details about user to be updated
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm, objectType), token);
        // Continue modifying the identity if read success
        boolean isUpdatingHisOwnPassword = SystemProperties.getAsBoolean(Constants.CASE_SENSITIVE_UUID) ? token.getProperty(ISAuthConstants.USER_ID).equals(resourceId) : token.getProperty(ISAuthConstants.USER_ID).equalsIgnoreCase(resourceId);
        // If the user wants to modify his password, he should use a different action.
        if (isUpdatingHisOwnPassword) {
            for (String key : jVal.keys()) {
                if (USER_PASSWORD.equalsIgnoreCase(key)) {
                    return new BadRequestException("Cannot update user password via PUT. " + "Use POST with _action=changePassword or _action=forgotPassword.").asPromise();
                }
            }
        }
        newDtls = jsonValueToIdentityDetails(objectType, jVal, realm);
        if (newDtls.getAttributes() == null || newDtls.getAttributes().length < 1) {
            throw new BadRequestException("Illegal arguments: One or more required arguments is null or empty");
        }
        if (newDtls.getName() != null && !resourceId.equalsIgnoreCase(newDtls.getName())) {
            throw new BadRequestException("id in path does not match id in request body");
        }
        newDtls.setName(resourceId);
        UserAttributeInfo userAttributeInfo = configHandler.getConfig(realm, UserAttributeInfoBuilder.class);
        // Handle attribute change when password is required
        // Get restSecurity for this realm
        RestSecurity restSecurity = restSecurityProvider.get(realm);
        // Make sure user is not admin and check to see if we are requiring a password to change any attributes
        Set<String> protectedUserAttributes = new HashSet<>();
        protectedUserAttributes.addAll(restSecurity.getProtectedUserAttributes());
        protectedUserAttributes.addAll(userAttributeInfo.getProtectedUpdateAttributes());
        if (!protectedUserAttributes.isEmpty() && !isAdmin(context)) {
            boolean hasReauthenticated = false;
            for (String protectedAttr : protectedUserAttributes) {
                JsonValue jValAttr = jVal.get(protectedAttr);
                if (!jValAttr.isNull()) {
                    // If attribute is not available set newAttr variable to empty string for use in comparison
                    String newAttr = (jValAttr.isString()) ? jValAttr.asString() : "";
                    // Get the value of current attribute
                    String currentAttr = "";
                    Map<String, Set<String>> attrs = asMap(dtls.getAttributes());
                    for (Map.Entry<String, Set<String>> attribute : attrs.entrySet()) {
                        String attributeName = attribute.getKey();
                        if (protectedAttr.equalsIgnoreCase(attributeName)) {
                            currentAttr = attribute.getValue().iterator().next();
                        }
                    }
                    // Compare newAttr and currentAttr
                    if (!currentAttr.equals(newAttr) && !hasReauthenticated) {
                        // check header to make sure that password is there then check to see if it's correct
                        String strCurrentPass = RestUtils.getMimeHeaderValue(context, CURRENT_PASSWORD);
                        if (strCurrentPass != null && !strCurrentPass.isEmpty() && checkValidPassword(resourceId, strCurrentPass.toCharArray(), realm)) {
                            //set a boolean value so we know reauth has been done
                            hasReauthenticated = true;
                        //continue will allow attribute(s) change(s)
                        } else {
                            throw new BadRequestException("Must provide a valid confirmation password to change " + "protected attribute (" + protectedAttr + ") from '" + currentAttr + "' to '" + newAttr + "'");
                        }
                    }
                }
            }
        }
        // update resource with new details
        identityServices.update(newDtls, token);
        String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
        debug.message("IdentityResource.updateInstance :: UPDATE of resourceId={} in realm={} performed " + "by principalName={}", resourceId, realm, principalName);
        // read updated identity back to client
        IdentityDetails checkIdent = identityServices.read(dtls.getName(), getIdentityServicesAttributes(realm, objectType), token);
        return newResultPromise(this.identityResourceV1.buildResourceResponse(resourceId, context, checkIdent));
    } catch (final ObjectNotFound onf) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, onf);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", onf).asPromise();
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Token is not authorized", resourceId, needMoreCredentials);
        return new ForbiddenException("Token is not authorized", needMoreCredentials).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Access denied", resourceId, accessDenied);
        return new ForbiddenException(accessDenied.getMessage(), accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, generalFailure);
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (BadRequestException bre) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, bre);
        return bre.asPromise();
    } catch (NotFoundException e) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, e);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", e).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} ", resourceId, re);
        return re.asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, e);
        return new NotFoundException(e.getMessage(), e).asPromise();
    }
}
Also used : UserAttributeInfo(org.forgerock.openam.core.rest.UserAttributeInfo) SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) RestSecurity(org.forgerock.openam.services.RestSecurity) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException) HashSet(java.util.HashSet) ForbiddenException(org.forgerock.json.resource.ForbiddenException) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) RealmContext(org.forgerock.openam.rest.RealmContext) JsonValue(org.forgerock.json.JsonValue) AccessDenied(com.sun.identity.idsvcs.AccessDenied) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse) ResourceResponse(org.forgerock.json.resource.ResourceResponse) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) BadRequestException(org.forgerock.json.resource.BadRequestException) Map(java.util.Map) IdentityServicesImpl.asMap(com.sun.identity.idsvcs.opensso.IdentityServicesImpl.asMap) LinkedHashMap(java.util.LinkedHashMap)

Example 18 with IdentityDetails

use of com.sun.identity.idsvcs.IdentityDetails in project OpenAM by OpenRock.

the class IdentityResourceV1 method attemptResourceCreation.

private Promise<IdentityDetails, ResourceException> attemptResourceCreation(String realm, SSOToken admin, IdentityDetails identity, String resourceId) {
    try {
        identityServices.create(identity, admin);
        IdentityDetails dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm), admin);
        if (debug.messageEnabled()) {
            debug.message("IdentityResource.createInstance() :: Created resourceId={} in realm={} by AdminID={}", resourceId, realm, admin.getTokenID());
        }
        return newResultPromise(dtls);
    } catch (final ObjectNotFound notFound) {
        debug.error("IdentityResource.createInstance() :: Cannot READ resourceId={} : Resource cannot be found.", resourceId, notFound);
        return new NotFoundException("Resource not found.", notFound).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={} : Token is not authorized", resourceId, needMoreCredentials);
        return new ForbiddenException("Token is not authorized", needMoreCredentials).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.createInstance() :: Cannot CREATE resourceId={}", resourceId, re);
        return re.asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={}", resourceId, e);
        return new NotFoundException(e.getMessage(), e).asPromise();
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) IdentityRestUtils.jsonValueToIdentityDetails(org.forgerock.openam.core.rest.IdentityRestUtils.jsonValueToIdentityDetails) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) NotFoundException(org.forgerock.json.resource.NotFoundException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)

Example 19 with IdentityDetails

use of com.sun.identity.idsvcs.IdentityDetails in project OpenAM by OpenRock.

the class IdentityResourceV1 method deleteInstance.

/**
     * {@inheritDoc}
     */
@Override
public Promise<ResourceResponse, ResourceException> deleteInstance(final Context context, final String resourceId, final DeleteRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    JsonValue result = new JsonValue(new LinkedHashMap<String, Object>(1));
    ResourceResponse resource;
    IdentityDetails dtls;
    try {
        SSOToken admin = getSSOToken(getCookieFromServerContext(context));
        // read to see if resource is available to user
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm), admin);
        // delete the resource
        identityServices.delete(dtls, admin);
        String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
        debug.message("IdentityResource.deleteInstance :: DELETE of resourceId={} in realm={} performed by " + "principalName={}", resourceId, realm, principalName);
        result.put("success", "true");
        resource = newResourceResponse(resourceId, "0", result);
        return newResultPromise(resource);
    } catch (final NeedMoreCredentials ex) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : User does not have enough" + " privileges.", resourceId, ex);
        return new ForbiddenException(resourceId, ex).asPromise();
    } catch (final ObjectNotFound notFound) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE {} : Resource cannot be found.", resourceId, notFound);
        return new NotFoundException("Resource cannot be found.", notFound).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : Access denied", resourceId, accessDenied);
        return new ForbiddenException(accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : general failure", resourceId, generalFailure);
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (ForbiddenException ex) {
        debug.warning("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={}: User does not have " + "enough privileges.", resourceId, ex);
        return new ForbiddenException(resourceId, ex).asPromise();
    } catch (NotFoundException notFound) {
        debug.warning("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : Resource cannot be found", resourceId, notFound);
        return new NotFoundException("Resource cannot be found.", notFound).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={} : resource failure", resourceId, re);
        result.put("success", "false");
        resource = newResourceResponse(resourceId, "0", result);
        return newResultPromise(resource);
    } catch (Exception e) {
        debug.error("IdentityResource.deleteInstance() :: Cannot DELETE resourceId={}", resourceId, e);
        result.put("success", "false");
        resource = newResourceResponse(resourceId, "0", result);
        return newResultPromise(resource);
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken) SSOToken(com.iplanet.sso.SSOToken) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) RealmContext(org.forgerock.openam.rest.RealmContext) IdentityRestUtils.identityDetailsToJsonValue(org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue) JsonValue(org.forgerock.json.JsonValue) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) AccessDenied(com.sun.identity.idsvcs.AccessDenied) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) NotFoundException(org.forgerock.json.resource.NotFoundException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) ResourceResponse(org.forgerock.json.resource.ResourceResponse) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityRestUtils.jsonValueToIdentityDetails(org.forgerock.openam.core.rest.IdentityRestUtils.jsonValueToIdentityDetails) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) BadRequestException(org.forgerock.json.resource.BadRequestException) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException)

Example 20 with IdentityDetails

use of com.sun.identity.idsvcs.IdentityDetails in project OpenAM by OpenRock.

the class IdentityResourceV2 method attemptResourceCreation.

private Promise<IdentityDetails, ResourceException> attemptResourceCreation(String realm, SSOToken admin, IdentityDetails identity, String resourceId) {
    IdentityDetails dtls = null;
    try {
        // Create the resource
        identityServices.create(identity, admin);
        // Read created resource
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm, objectType), admin);
        if (debug.messageEnabled()) {
            debug.message("IdentityResource.createInstance() :: Created resourceId={} in realm={} by AdminID={}", resourceId, realm, admin.getTokenID());
        }
    } catch (final ObjectNotFound notFound) {
        debug.error("IdentityResource.createInstance() :: Cannot READ resourceId={} : Resource cannot be found.", resourceId, notFound);
        return new NotFoundException("Resource not found.", notFound).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={} : Token is not authorized", resourceId, needMoreCredentials);
        return new ForbiddenException("Token is not authorized", needMoreCredentials).asPromise();
    } catch (final GeneralAccessDeniedError accessDenied) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE " + accessDenied);
        return new ForbiddenException().asPromise();
    } catch (GeneralFailure generalFailure) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE " + generalFailure);
        return new BadRequestException("Resource cannot be created: " + generalFailure.getMessage(), generalFailure).asPromise();
    } catch (AccessDenied accessDenied) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE " + accessDenied);
        return new ForbiddenException("Token is not authorized: " + accessDenied.getMessage(), accessDenied).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.createInstance() :: Cannot CREATE resourceId={}", resourceId, re);
        return re.asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.createInstance() :: Cannot CREATE resourceId={}", resourceId, e);
        return new NotFoundException(e.getMessage(), e).asPromise();
    }
    return newResultPromise(dtls);
}
Also used : GeneralAccessDeniedError(com.sun.identity.idsvcs.opensso.GeneralAccessDeniedError) ForbiddenException(org.forgerock.json.resource.ForbiddenException) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) AccessDenied(com.sun.identity.idsvcs.AccessDenied) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) BadRequestException(org.forgerock.json.resource.BadRequestException) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException)

Aggregations

IdentityDetails (com.sun.identity.idsvcs.IdentityDetails)21 NotFoundException (org.forgerock.json.resource.NotFoundException)18 BadRequestException (org.forgerock.json.resource.BadRequestException)17 ResourceException (org.forgerock.json.resource.ResourceException)17 SSOException (com.iplanet.sso.SSOException)15 ServiceNotFoundException (com.sun.identity.sm.ServiceNotFoundException)14 IdRepoException (com.sun.identity.idm.IdRepoException)13 ForbiddenException (org.forgerock.json.resource.ForbiddenException)13 InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)13 PermanentException (org.forgerock.json.resource.PermanentException)13 JsonValue (org.forgerock.json.JsonValue)12 SSOToken (com.iplanet.sso.SSOToken)10 SMSException (com.sun.identity.sm.SMSException)10 UnsupportedEncodingException (java.io.UnsupportedEncodingException)10 MessagingException (javax.mail.MessagingException)10 ConflictException (org.forgerock.json.resource.ConflictException)10 NotSupportedException (org.forgerock.json.resource.NotSupportedException)10 CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)10 DeleteFailedException (org.forgerock.openam.cts.exceptions.DeleteFailedException)10 ObjectNotFound (com.sun.identity.idsvcs.ObjectNotFound)9