
Example 1 with ObjectNotFound

Use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

Class IdentityServicesImpl, method search.

/**
 * Searches the identity repository to find all identities that match the search criteria.
 *
 * @param crestQuery A CREST Query object which will contain either a _queryId or a _queryFilter.
 * @param searchModifiers The search modifiers
 * @param admin Your SSO token.
 * @return a list of matching identifiers.
 * @throws ResourceException
 */
public List<String> search(CrestQuery crestQuery, Map<String, Set<String>> searchModifiers, SSOToken admin) throws ResourceException {
    List<String> rv = new ArrayList<>();
    try {
        String realm = "/";
        String objectType = "User";
        if (searchModifiers != null) {
            realm = attractValues("realm", searchModifiers, "/");
            objectType = attractValues("objecttype", searchModifiers, "User");
        }
        AMIdentityRepository repo = getRepo(admin, realm);
        IdType idType = getIdType(objectType);
        if (idType != null) {
            List<AMIdentity> objList = fetchAMIdentities(idType, crestQuery, false, repo, searchModifiers);
            if (objList != null && !objList.isEmpty()) {
                List<String> names = getNames(realm, idType, objList);
                if (!names.isEmpty()) {
                    for (String name : names) {
                        rv.add(name);
                    }
                }
            }
        } else {
            debug.error("IdentityServicesImpl:search unsupported IdType: " + objectType);
            throw new BadRequestException("search unsupported IdType: " + objectType);
        }
    } catch (IdRepoException e) {
        debug.error("IdentityServicesImpl:search", e);
        throw new InternalServerErrorException(e.getMessage());
    } catch (SSOException e) {
        debug.error("IdentityServicesImpl:search", e);
        throw new InternalServerErrorException(e.getMessage());
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:search", e);
        throw new NotFoundException(e.getMessage());
    }
    return rv;
}
Also used : ArrayList(java.util.ArrayList) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)

Example 2 with ObjectNotFound

Use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

Class IdentityServicesImpl, method read.

public IdentityDetails read(String name, Map<String, Set<String>> attributes, SSOToken admin) throws IdServicesException {
    IdentityDetails rv = null;
    String realm = null;
    String repoRealm;
    String identityType = null;
    List<String> attrsToGet = null;
    if (attributes != null) {
        for (Attribute attr : asAttributeArray(attributes)) {
            String attrName = attr.getName();
            if ("realm".equalsIgnoreCase(attrName)) {
                String[] values = attr.getValues();
                if (values != null && values.length > 0) {
                    realm = values[0];
                }
            } else if ("objecttype".equalsIgnoreCase(attrName)) {
                String[] values = attr.getValues();
                if (values != null && values.length > 0) {
                    identityType = values[0];
                }
            } else {
                if (attrsToGet == null) {
                    attrsToGet = new ArrayList<>();
                }
                attrsToGet.add(attrName);
            }
        }
    }
    if (StringUtils.isEmpty(realm)) {
        repoRealm = "/";
    } else {
        repoRealm = realm;
    }
    if (StringUtils.isEmpty(identityType)) {
        identityType = "User";
    }
    try {
        AMIdentity amIdentity = getAMIdentity(admin, identityType, name, repoRealm);
        if (amIdentity == null) {
            debug.error("IdentityServicesImpl:read identity not found");
            throw new ObjectNotFound(name);
        }
        if (isSpecialUser(amIdentity)) {
            throw new AccessDenied("Cannot retrieve attributes for this user.");
        }
        rv = convertToIdentityDetails(amIdentity, attrsToGet);
        if (!StringUtils.isEmpty(realm)) {
            // use the realm specified by the request
            rv.setRealm(realm);
        }
    } catch (IdRepoException e) {
        debug.error("IdentityServicesImpl:read", e);
        mapIdRepoException(e);
    } catch (SSOException e) {
        debug.error("IdentityServicesImpl:read", e);
        throw new GeneralFailure(e.getMessage());
    }
    return rv;
}
Also used : Attribute(com.sun.identity.idsvcs.Attribute) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) ArrayList(java.util.ArrayList) IdRepoException(com.sun.identity.idm.IdRepoException) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) SSOException(com.iplanet.sso.SSOException) AccessDenied(com.sun.identity.idsvcs.AccessDenied)

Example 3 with ObjectNotFound

Use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

Class IdentityServicesImpl, method delete.

/**
 * Deletes an {@code AMIdentity} from the identity repository that matches
 * the details specified in {@code identity}.
 *
 * @param identity The identity to delete.
 * @param admin The admin token.
 * @throws ResourceException If a problem occurs.
 */
public void delete(IdentityDetails identity, SSOToken admin) throws ResourceException {
    if (identity == null) {
        throw new BadRequestException("delete failed: identity object not specified.");
    }
    String name = identity.getName();
    String identityType = identity.getType();
    String realm = identity.getRealm();
    if (name == null) {
        throw new NotFoundException("delete failed: null object name.");
    }
    if (realm == null) {
        realm = "/";
    }
    try {
        AMIdentity amIdentity = getAMIdentity(admin, identityType, name, realm);
        if (amIdentity != null) {
            if (isSpecialUser(amIdentity)) {
                throw new ForbiddenException("Cannot delete user.");
            }
            AMIdentityRepository repo = getRepo(admin, realm);
            IdType idType = amIdentity.getType();
            if (IdType.GROUP.equals(idType) || IdType.ROLE.equals(idType)) {
                // First remove users from memberships
                Set<AMIdentity> members = getMembers(amIdentity, IdType.USER);
                for (AMIdentity member : members) {
                    try {
                        removeMember(repo, amIdentity, member);
                    } catch (IdRepoException ex) {
                        // Ignore this; the member may already have been removed.
                    }
                }
            }
            deleteAMIdentity(repo, amIdentity);
        } else {
            String msg = "Object \'" + name + "\' of type \'" + identityType + "\' was not found.";
            throw new NotFoundException(msg);
        }
    } catch (IdRepoException ex) {
        debug.error("IdentityServicesImpl:delete", ex);
        throw RESOURCE_MAPPING_HANDLER.handleError(ex);
    } catch (SSOException ex) {
        debug.error("IdentityServicesImpl:delete", ex);
        throw new BadRequestException(ex.getMessage());
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:delete", e);
        throw new NotFoundException(e.getMessage());
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdRepoException(com.sun.identity.idm.IdRepoException) BadRequestException(org.forgerock.json.resource.BadRequestException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType)

Example 4 with ObjectNotFound

Use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

Class IdentityResourceV1, method readInstance.

/**
 * {@inheritDoc}
 */
@Override
public Promise<ResourceResponse, ResourceException> readInstance(final Context context, final String resourceId, final ReadRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    IdentityDetails dtls;
    try {
        SSOToken admin = getSSOToken(getCookieFromServerContext(context));
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm), admin);
        String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
        debug.message("IdentityResource.readInstance :: READ of resourceId={} in realm={} performed by " + "principalName={}", resourceId, realm, principalName);
        return newResultPromise(buildResourceResponse(resourceId, context, dtls));
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={} : User does not have enough " + "privileges.", resourceId, needMoreCredentials);
        return new ForbiddenException("User does not have enough privileges.", needMoreCredentials).asPromise();
    } catch (final ObjectNotFound objectNotFound) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={} : Resource cannot be found.", resourceId, objectNotFound);
        return new NotFoundException("Resource cannot be found.", objectNotFound).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={} : Access denied", resourceId, accessDenied);
        return new ForbiddenException(accessDenied.getMessage(), accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={}", resourceId, generalFailure);
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.readInstance() :: Cannot READ resourceId={}", resourceId, e);
        return new NotFoundException(e.getMessage(), e).asPromise();
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken) SSOToken(com.iplanet.sso.SSOToken) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) RealmContext(org.forgerock.openam.rest.RealmContext) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) AccessDenied(com.sun.identity.idsvcs.AccessDenied) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityRestUtils.jsonValueToIdentityDetails(org.forgerock.openam.core.rest.IdentityRestUtils.jsonValueToIdentityDetails) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) TokenExpired(com.sun.identity.idsvcs.TokenExpired)

Example 5 with ObjectNotFound

Use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

Class IdentityResourceV1, method updateInstance.

@Override
public Promise<ResourceResponse, ResourceException> updateInstance(final Context context, final String resourceId, final UpdateRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    final JsonValue jsonValue = request.getContent();
    final String rev = request.getRevision();
    IdentityDetails dtls, newDtls;
    ResourceResponse resource;
    try {
        SSOToken admin = getSSOToken(getCookieFromServerContext(context));
        // Retrieve details about user to be updated
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm), admin);
        //be removed from the IdentityDetails object.
        if (!isAdmin(context)) {
            for (String attrName : jsonValue.keys()) {
                if ("userpassword".equalsIgnoreCase(attrName)) {
                    String newPassword = jsonValue.get(attrName).asString();
                    if (!StringUtils.isBlank(newPassword)) {
                        String oldPassword = RestUtils.getMimeHeaderValue(context, OLD_PASSWORD);
                        if (StringUtils.isBlank(oldPassword)) {
                            throw new BadRequestException("The old password is missing from the request");
                        }
                        //This is an end-user trying to change the password, so let's change the password by
                        //verifying that the provided old password is correct. We also remove the password from the
                        //list of attributes to prevent the administrative password reset via the update call.
                        jsonValue.remove(attrName);
                        IdentityRestUtils.changePassword(context, realm, resourceId, oldPassword, newPassword);
                    }
                    break;
                }
            }
        }
        newDtls = jsonValueToIdentityDetails(objectType, jsonValue, realm);
        if (newDtls.getName() != null && !resourceId.equalsIgnoreCase(newDtls.getName())) {
            throw new BadRequestException("id in path does not match id in request body");
        }
        newDtls.setName(resourceId);
        // update resource with new details
        identityServices.update(newDtls, admin);
        // read updated identity back to client
        IdentityDetails checkIdent = identityServices.read(dtls.getName(), getIdentityServicesAttributes(realm), admin);
        // handle updated resource
        resource = newResourceResponse(resourceId, "0", identityDetailsToJsonValue(checkIdent));
        return newResultPromise(resource);
    } catch (final ObjectNotFound onf) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, onf);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", onf).asPromise();
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Token is not authorized", resourceId, needMoreCredentials);
        return new ForbiddenException("Token is not authorized", needMoreCredentials).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Access denied", resourceId, accessDenied);
        return new ForbiddenException(accessDenied.getMessage(), accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, generalFailure);
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (NotFoundException e) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, e);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", e).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} ", resourceId, re);
        return re.asPromise();
    } catch (SSOException ssoe) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, ssoe);
        return new ForbiddenException(ssoe).asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, e);
        return new NotFoundException(e).asPromise();
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken) SSOToken(com.iplanet.sso.SSOToken) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) RealmContext(org.forgerock.openam.rest.RealmContext) IdentityRestUtils.identityDetailsToJsonValue(org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue) JsonValue(org.forgerock.json.JsonValue) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) SSOException(com.iplanet.sso.SSOException) AccessDenied(com.sun.identity.idsvcs.AccessDenied) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) ResourceResponse(org.forgerock.json.resource.ResourceResponse) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityRestUtils.jsonValueToIdentityDetails(org.forgerock.openam.core.rest.IdentityRestUtils.jsonValueToIdentityDetails) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) TokenExpired(com.sun.identity.idsvcs.TokenExpired)

Aggregations

ObjectNotFound (com.sun.identity.idsvcs.ObjectNotFound) 15
IdRepoException (com.sun.identity.idm.IdRepoException) 14
SSOException (com.iplanet.sso.SSOException) 12
BadRequestException (org.forgerock.json.resource.BadRequestException) 12
NotFoundException (org.forgerock.json.resource.NotFoundException) 12
ForbiddenException (org.forgerock.json.resource.ForbiddenException) 10
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException) 10
IdentityDetails (com.sun.identity.idsvcs.IdentityDetails) 9
AccessDenied (com.sun.identity.idsvcs.AccessDenied) 7
GeneralFailure (com.sun.identity.idsvcs.GeneralFailure) 7
TokenExpired (com.sun.identity.idsvcs.TokenExpired) 7
SMSException (com.sun.identity.sm.SMSException) 7
ConflictException (org.forgerock.json.resource.ConflictException) 7
PermanentException (org.forgerock.json.resource.PermanentException) 7
ResourceException (org.forgerock.json.resource.ResourceException) 7
AMIdentity (com.sun.identity.idm.AMIdentity) 6
NeedMoreCredentials (com.sun.identity.idsvcs.NeedMoreCredentials) 6
ServiceNotFoundException (com.sun.identity.sm.ServiceNotFoundException) 6
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 6
MessagingException (javax.mail.MessagingException) 6