Search in sources :

Example 6 with ObjectNotFound

use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

the class IdentityResourceV3 method patchInstance.

/**
     * Patch the user's password and only the password.  No other value may be patched.  The old value of the
     * password does not have to be known.  Admin only.  The only patch operation supported is "replace", i.e. not
     * "add" or "move", etc.
     *
     * @param context The context
     * @param resourceId The username we're patching
     * @param request The patch request
     */
@Override
public Promise<ResourceResponse, ResourceException> patchInstance(final Context context, final String resourceId, final PatchRequest request) {
    if (!objectType.equals(IdentityRestUtils.USER_TYPE)) {
        return new BadRequestException("Cannot patch object type " + objectType).asPromise();
    }
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    try {
        if (!isAdmin(context)) {
            return new ForbiddenException("Only admin can patch user values").asPromise();
        }
        SSOToken ssoToken = getSSOToken(RestUtils.getToken().getTokenID().toString());
        IdentityServicesImpl identityServices = getIdentityServices();
        IdentityDetails identityDetails = identityServices.read(resourceId, getIdentityServicesAttributes(realm, objectType), ssoToken);
        Attribute[] existingAttributes = identityDetails.getAttributes();
        Map<String, Set<String>> existingAttributeMap = attributesToMap(existingAttributes);
        Map<String, Set<String>> newAttributeMap = new HashMap<>();
        if (existingAttributeMap.containsKey(IdentityRestUtils.UNIVERSAL_ID)) {
            Set<String> values = existingAttributeMap.get(IdentityRestUtils.UNIVERSAL_ID);
            if (isNotEmpty(values) && !isUserActive(values.iterator().next())) {
                return new ForbiddenException("User " + resourceId + " is not active: Request is forbidden").asPromise();
            }
        }
        boolean updateNeeded = false;
        for (PatchOperation patchOperation : request.getPatchOperations()) {
            switch(patchOperation.getOperation()) {
                case PatchOperation.OPERATION_REPLACE:
                    {
                        String name = getFieldName(patchOperation.getField());
                        if (!patchableAttributes.contains(name)) {
                            return new BadRequestException("For the object type " + IdentityRestUtils.USER_TYPE + ", field \"" + name + "\" cannot be altered by PATCH").asPromise();
                        }
                        JsonValue value = patchOperation.getValue();
                        newAttributeMap.put(name, identityAttributeJsonToSet(value));
                        updateNeeded = true;
                        break;
                    }
                default:
                    return new BadRequestException("PATCH of " + IdentityRestUtils.USER_TYPE + " does not support operation " + patchOperation.getOperation()).asPromise();
            }
        }
        if (updateNeeded) {
            identityDetails.setAttributes(mapToAttributes(newAttributeMap));
            identityServices.update(identityDetails, ssoToken);
            // re-read the altered identity details from the repo.
            identityDetails = identityServices.read(resourceId, getIdentityServicesAttributes(realm, objectType), ssoToken);
        }
        return newResultPromise(newResourceResponse("result", "1", identityDetailsToJsonValue(identityDetails)));
    } catch (final ObjectNotFound notFound) {
        logger.error("IdentityResourceV3.patchInstance cannot find resource " + resourceId, notFound);
        return new NotFoundException("Resource cannot be found.", notFound).asPromise();
    } catch (final TokenExpired tokenExpired) {
        logger.error("IdentityResourceV3.patchInstance, token expired", tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        logger.error("IdentityResourceV3.patchInstance, access denied", accessDenied);
        return new ForbiddenException(accessDenied.getMessage(), accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        logger.error("IdentityResourceV3.patchInstance, general failure " + generalFailure.getMessage());
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (ForbiddenException fex) {
        logger.warning("IdentityResourceV3.patchInstance, insufficient privileges.", fex);
        return fex.asPromise();
    } catch (NotFoundException notFound) {
        logger.warning("IdentityResourceV3.patchInstance " + resourceId + " not found", notFound);
        return new NotFoundException("Resource " + resourceId + " cannot be found.", notFound).asPromise();
    } catch (ResourceException resourceException) {
        logger.warning("IdentityResourceV3.patchInstance caught ResourceException", resourceException);
        return resourceException.asPromise();
    } catch (Exception exception) {
        logger.error("IdentityResourceV3.patchInstance caught exception", exception);
        return new InternalServerErrorException(exception.getMessage(), exception).asPromise();
    }
}
Also used : SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) Attribute(com.sun.identity.idsvcs.Attribute) HashMap(java.util.HashMap) NotFoundException(org.forgerock.json.resource.NotFoundException) IdentityServicesImpl(com.sun.identity.idsvcs.opensso.IdentityServicesImpl) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) PatchOperation(org.forgerock.json.resource.PatchOperation) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) RealmContext(org.forgerock.openam.rest.RealmContext) JsonValue(org.forgerock.json.JsonValue) AccessDenied(com.sun.identity.idsvcs.AccessDenied) PermanentException(org.forgerock.json.resource.PermanentException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) NotFoundException(org.forgerock.json.resource.NotFoundException) BadRequestException(org.forgerock.json.resource.BadRequestException) ResourceException(org.forgerock.json.resource.ResourceException) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) BadRequestException(org.forgerock.json.resource.BadRequestException) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)

Example 7 with ObjectNotFound

use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

the class IdentityServicesImpl method searchIdentityDetails.

/**
     * Searches the identity repository to find all identities that match the search criteria and returns them as a
     * list of identities.
     *
     * @param crestQuery A CREST Query object which will contain either a _queryId or a _queryFilter.
     * @param searchModifiers The search modifiers
     * @param admin Your SSO token.
     * @return a list of matching identities.
     * @throws ResourceException
     */
public List<IdentityDetails> searchIdentityDetails(CrestQuery crestQuery, Map<String, Set<String>> searchModifiers, SSOToken admin) throws ResourceException {
    try {
        String realm = "/";
        String objectType = "User";
        if (searchModifiers != null) {
            realm = attractValues("realm", searchModifiers, "/");
            objectType = attractValues("objecttype", searchModifiers, "User");
        }
        AMIdentityRepository repo = getRepo(admin, realm);
        IdType idType = getIdType(objectType);
        if (idType != null) {
            List<AMIdentity> identities = fetchAMIdentities(idType, crestQuery, true, repo, searchModifiers);
            List<IdentityDetails> result = new ArrayList<>();
            for (AMIdentity identity : identities) {
                result.add(convertToIdentityDetails(identity, null));
            }
            return result;
        }
        debug.error("IdentityServicesImpl.searchIdentities unsupported IdType " + objectType);
        throw new BadRequestException("searchIdentities: unsupported IdType " + objectType);
    } catch (IdRepoException e) {
        debug.error("IdentityServicesImpl.searchIdentities", e);
        throw new InternalServerErrorException(e.getMessage());
    } catch (SSOException e) {
        debug.error("IdentityServicesImpl.searchIdentities", e);
        throw new InternalServerErrorException(e.getMessage());
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl.searchIdentities", e);
        throw new NotFoundException(e.getMessage());
    }
}
Also used : ArrayList(java.util.ArrayList) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)

Example 8 with ObjectNotFound

use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

the class IdentityServicesImpl method create.

/**
     * Creates a new {@code AMIdentity} in the identity repository with the
     * details specified in {@code identity}.
     *
     * @param identity The identity details.
     * @param admin The admin token.
     * @throws ResourceException If a problem occurs.
     */
public void create(IdentityDetails identity, SSOToken admin) throws ResourceException {
    Reject.ifNull(identity, admin);
    // Obtain identity details & verify
    String idName = identity.getName();
    String idType = identity.getType();
    String realm = identity.getRealm();
    if (StringUtils.isEmpty(idName)) {
        // TODO: add a message to the exception
        throw new BadRequestException("Identity name not provided");
    }
    if (StringUtils.isEmpty(idType)) {
        idType = "user";
    }
    if (realm == null) {
        realm = "/";
    }
    try {
        // Obtain IdRepo to create validate IdType & operations
        IdType objectIdType = getIdType(idType);
        AMIdentityRepository repo = getRepo(admin, realm);
        if (!isOperationSupported(repo, objectIdType, IdOperation.CREATE)) {
            // TODO: add message to exception
            throw new UnsupportedOperationException("Unsupported: Type: " + idType + " Operation: CREATE");
        }
        // Obtain creation attributes
        Map<String, Set<String>> idAttrs = asMap(identity.getAttributes());
        // Create the identity, special case of Agents to merge
        // and validate the attributes
        AMIdentity amIdentity;
        if (isTypeAgent(objectIdType)) {
            createAgent(idAttrs, objectIdType, idType, idName, realm, admin);
        } else {
            // Create other identites like User, Group, Role, etc.
            amIdentity = repo.createIdentity(objectIdType, idName, idAttrs);
            // Process roles, groups & memberships
            if (IdType.USER.equals(objectIdType)) {
                Set<String> roles = asSet(identity.getRoleList());
                if (roles != null && !roles.isEmpty()) {
                    if (!isOperationSupported(repo, IdType.ROLE, IdOperation.EDIT)) {
                        // TODO: localize message
                        throw new UnsupportedOperationException("Unsupported: Type: " + IdType.ROLE + " Operation: EDIT");
                    }
                    for (String roleName : roles) {
                        AMIdentity role = fetchAMIdentity(repo, IdType.ROLE, roleName, false);
                        if (role != null) {
                            role.addMember(amIdentity);
                            role.store();
                        }
                    }
                }
                Set<String> groups = asSet(identity.getGroupList());
                if (groups != null && !groups.isEmpty()) {
                    if (!isOperationSupported(repo, IdType.GROUP, IdOperation.EDIT)) {
                        // TODO: localize message
                        throw new UnsupportedOperationException("Unsupported: Type: " + IdType.GROUP + " Operation: EDIT");
                    }
                    for (String groupName : groups) {
                        AMIdentity group = fetchAMIdentity(repo, IdType.GROUP, groupName, false);
                        if (group != null) {
                            group.addMember(amIdentity);
                            group.store();
                        }
                    }
                }
            }
            if (IdType.GROUP.equals(objectIdType) || IdType.ROLE.equals(objectIdType)) {
                Set<String> members = asSet(identity.getMemberList());
                if (members != null) {
                    if (IdType.GROUP.equals(objectIdType) && !isOperationSupported(repo, IdType.GROUP, IdOperation.EDIT)) {
                        throw new ForbiddenException("Token is not authorized");
                    }
                    if (IdType.ROLE.equals(objectIdType) && !isOperationSupported(repo, IdType.ROLE, IdOperation.EDIT)) {
                        throw new ForbiddenException("Token is not authorized");
                    }
                    for (String memberName : members) {
                        AMIdentity user = fetchAMIdentity(repo, IdType.USER, memberName, false);
                        if (user != null) {
                            amIdentity.addMember(user);
                        }
                    }
                    amIdentity.store();
                }
            }
        }
    } catch (IdRepoDuplicateObjectException ex) {
        throw new ConflictException("Resource already exists", ex);
    } catch (IdRepoException e) {
        debug.error("IdentityServicesImpl:create", e);
        if (IdRepoErrorCode.ACCESS_DENIED.equals(e.getErrorCode())) {
            throw new ForbiddenException(e.getMessage());
        } else if (e.getLdapErrorIntCode() == LDAPConstants.LDAP_CONSTRAINT_VIOLATION) {
            debug.error(e.getMessage(), e);
            throw new BadRequestException();
        } else {
            throw new NotFoundException(e.getMessage());
        }
    } catch (SSOException | SMSException | ConfigurationException | MalformedURLException | UnsupportedOperationException e) {
        debug.error("IdentityServicesImpl:create", e);
        throw new NotFoundException(e.getMessage());
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:create", e);
        throw new NotFoundException(e.getMessage());
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) MalformedURLException(java.net.MalformedURLException) Set(java.util.Set) HashSet(java.util.HashSet) ConflictException(org.forgerock.json.resource.ConflictException) SMSException(com.sun.identity.sm.SMSException) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) ConfigurationException(com.sun.identity.common.configuration.ConfigurationException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) IdRepoDuplicateObjectException(com.sun.identity.idm.IdRepoDuplicateObjectException) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) BadRequestException(org.forgerock.json.resource.BadRequestException)

Example 9 with ObjectNotFound

use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

the class IdentityServicesImpl method update.

/**
     * Updates an {@code AMIdentity} in the identity repository with the
     * details specified in {@code identity}.
     *
     * @param identity The updated identity details.
     * @param admin The admin token.
     * @throws ResourceException If a problem occurs.
     */
public void update(IdentityDetails identity, SSOToken admin) throws ResourceException {
    String idName = identity.getName();
    String idType = identity.getType();
    String realm = identity.getRealm();
    if (StringUtils.isEmpty(idName)) {
        // TODO: add a message to the exception
        throw new BadRequestException("");
    }
    if (StringUtils.isEmpty(idType)) {
        idType = "user";
    }
    if (realm == null) {
        realm = "";
    }
    try {
        IdType objectIdType = getIdType(idType);
        AMIdentityRepository repo = getRepo(admin, realm);
        if (!isOperationSupported(repo, objectIdType, IdOperation.EDIT)) {
            // TODO: add message to exception
            throw new ForbiddenException("");
        }
        AMIdentity amIdentity = getAMIdentity(admin, repo, idType, idName);
        if (amIdentity == null) {
            String msg = "Object \'" + idName + "\' of type \'" + idType + "\' not found.'";
            throw new NotFoundException(msg);
        }
        if (isSpecialUser(amIdentity)) {
            throw new ForbiddenException("Cannot update attributes for this user.");
        }
        Map<String, Set<String>> attrs = asMap(identity.getAttributes());
        if (attrs != null && !attrs.isEmpty()) {
            Map<String, Set<String>> idAttrs = new HashMap<>();
            Set<String> removeAttrs = new HashSet<>();
            for (Map.Entry<String, Set<String>> entry : attrs.entrySet()) {
                String attrName = entry.getKey();
                Set<String> attrValues = entry.getValue();
                if (attrValues != null && !attrValues.isEmpty()) {
                    // attribute to add or modify
                    idAttrs.put(attrName, attrValues);
                } else {
                    // attribute to remove
                    removeAttrs.add(attrName);
                }
            }
            boolean storeNeeded = false;
            if (!idAttrs.isEmpty()) {
                amIdentity.setAttributes(idAttrs);
                storeNeeded = true;
            }
            if (!removeAttrs.isEmpty()) {
                amIdentity.removeAttributes(removeAttrs);
                storeNeeded = true;
            }
            if (storeNeeded) {
                amIdentity.store();
            }
        }
        if (IdType.USER.equals(objectIdType)) {
            Set<String> roles = asSet(identity.getRoleList());
            if (!roles.isEmpty()) {
                setMemberships(repo, amIdentity, roles, IdType.ROLE);
            }
            Set<String> groups = asSet(identity.getGroupList());
            if (!groups.isEmpty()) {
                setMemberships(repo, amIdentity, groups, IdType.GROUP);
            }
        }
        if (IdType.GROUP.equals(objectIdType) || IdType.ROLE.equals(objectIdType)) {
            Set<String> members = asSet(identity.getMemberList());
            if (!members.isEmpty()) {
                setMembers(repo, amIdentity, members, IdType.USER);
            }
        }
    } catch (IdRepoException ex) {
        debug.error("IdentityServicesImpl:update", ex);
        if (IdRepoErrorCode.LDAP_EXCEPTION.equals(ex.getErrorCode())) {
            throw new InternalServerErrorException(ex.getConstraintViolationDetails());
        } else if (LDAPConstants.LDAP_INVALID_SYNTAX.equals(ex.getLDAPErrorCode())) {
            throw new BadRequestException("Unrecognized or invalid syntax for an attribute.");
        } else if (IdRepoErrorCode.ILLEGAL_ARGUMENTS.equals(ex.getErrorCode())) {
            throw new BadRequestException(ex);
        }
        throw RESOURCE_MAPPING_HANDLER.handleError(ex);
    } catch (SSOException ex) {
        debug.error("IdentityServicesImpl:update", ex);
        throw new BadRequestException(ex.getMessage());
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:update", e);
        throw new NotFoundException(e.getMessage());
    }
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) Set(java.util.Set) HashSet(java.util.HashSet) HashMap(java.util.HashMap) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) Map(java.util.Map) HashMap(java.util.HashMap) HashSet(java.util.HashSet)

Example 10 with ObjectNotFound

use of com.sun.identity.idsvcs.ObjectNotFound in project OpenAM by OpenRock.

the class IdentityResourceV2 method updateInstance.

/**
     * {@inheritDoc}
     */
@Override
public Promise<ResourceResponse, ResourceException> updateInstance(final Context context, final String resourceId, final UpdateRequest request) {
    RealmContext realmContext = context.asContext(RealmContext.class);
    final String realm = realmContext.getResolvedRealm();
    final JsonValue jVal = request.getContent();
    final String rev = request.getRevision();
    IdentityDetails dtls, newDtls;
    ResourceResponse resource;
    try {
        SSOToken token = getSSOToken(getCookieFromServerContext(context));
        // Retrieve details about user to be updated
        dtls = identityServices.read(resourceId, getIdentityServicesAttributes(realm, objectType), token);
        // Continue modifying the identity if read success
        boolean isUpdatingHisOwnPassword = SystemProperties.getAsBoolean(Constants.CASE_SENSITIVE_UUID) ? token.getProperty(ISAuthConstants.USER_ID).equals(resourceId) : token.getProperty(ISAuthConstants.USER_ID).equalsIgnoreCase(resourceId);
        // If the user wants to modify his password, he should use a different action.
        if (isUpdatingHisOwnPassword) {
            for (String key : jVal.keys()) {
                if (USER_PASSWORD.equalsIgnoreCase(key)) {
                    return new BadRequestException("Cannot update user password via PUT. " + "Use POST with _action=changePassword or _action=forgotPassword.").asPromise();
                }
            }
        }
        newDtls = jsonValueToIdentityDetails(objectType, jVal, realm);
        if (newDtls.getAttributes() == null || newDtls.getAttributes().length < 1) {
            throw new BadRequestException("Illegal arguments: One or more required arguments is null or empty");
        }
        if (newDtls.getName() != null && !resourceId.equalsIgnoreCase(newDtls.getName())) {
            throw new BadRequestException("id in path does not match id in request body");
        }
        newDtls.setName(resourceId);
        UserAttributeInfo userAttributeInfo = configHandler.getConfig(realm, UserAttributeInfoBuilder.class);
        // Handle attribute change when password is required
        // Get restSecurity for this realm
        RestSecurity restSecurity = restSecurityProvider.get(realm);
        // Make sure user is not admin and check to see if we are requiring a password to change any attributes
        Set<String> protectedUserAttributes = new HashSet<>();
        protectedUserAttributes.addAll(restSecurity.getProtectedUserAttributes());
        protectedUserAttributes.addAll(userAttributeInfo.getProtectedUpdateAttributes());
        if (!protectedUserAttributes.isEmpty() && !isAdmin(context)) {
            boolean hasReauthenticated = false;
            for (String protectedAttr : protectedUserAttributes) {
                JsonValue jValAttr = jVal.get(protectedAttr);
                if (!jValAttr.isNull()) {
                    // If attribute is not available set newAttr variable to empty string for use in comparison
                    String newAttr = (jValAttr.isString()) ? jValAttr.asString() : "";
                    // Get the value of current attribute
                    String currentAttr = "";
                    Map<String, Set<String>> attrs = asMap(dtls.getAttributes());
                    for (Map.Entry<String, Set<String>> attribute : attrs.entrySet()) {
                        String attributeName = attribute.getKey();
                        if (protectedAttr.equalsIgnoreCase(attributeName)) {
                            currentAttr = attribute.getValue().iterator().next();
                        }
                    }
                    // Compare newAttr and currentAttr
                    if (!currentAttr.equals(newAttr) && !hasReauthenticated) {
                        // check header to make sure that password is there then check to see if it's correct
                        String strCurrentPass = RestUtils.getMimeHeaderValue(context, CURRENT_PASSWORD);
                        if (strCurrentPass != null && !strCurrentPass.isEmpty() && checkValidPassword(resourceId, strCurrentPass.toCharArray(), realm)) {
                            //set a boolean value so we know reauth has been done
                            hasReauthenticated = true;
                        //continue will allow attribute(s) change(s)
                        } else {
                            throw new BadRequestException("Must provide a valid confirmation password to change " + "protected attribute (" + protectedAttr + ") from '" + currentAttr + "' to '" + newAttr + "'");
                        }
                    }
                }
            }
        }
        // update resource with new details
        identityServices.update(newDtls, token);
        String principalName = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
        debug.message("IdentityResource.updateInstance :: UPDATE of resourceId={} in realm={} performed " + "by principalName={}", resourceId, realm, principalName);
        // read updated identity back to client
        IdentityDetails checkIdent = identityServices.read(dtls.getName(), getIdentityServicesAttributes(realm, objectType), token);
        return newResultPromise(this.identityResourceV1.buildResourceResponse(resourceId, context, checkIdent));
    } catch (final ObjectNotFound onf) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, onf);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", onf).asPromise();
    } catch (final NeedMoreCredentials needMoreCredentials) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Token is not authorized", resourceId, needMoreCredentials);
        return new ForbiddenException("Token is not authorized", needMoreCredentials).asPromise();
    } catch (final TokenExpired tokenExpired) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Unauthorized", resourceId, tokenExpired);
        return new PermanentException(401, "Unauthorized", null).asPromise();
    } catch (final AccessDenied accessDenied) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Access denied", resourceId, accessDenied);
        return new ForbiddenException(accessDenied.getMessage(), accessDenied).asPromise();
    } catch (final GeneralFailure generalFailure) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, generalFailure);
        return new BadRequestException(generalFailure.getMessage(), generalFailure).asPromise();
    } catch (BadRequestException bre) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, bre);
        return bre.asPromise();
    } catch (NotFoundException e) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} : Could not find the " + "resource", resourceId, e);
        return new NotFoundException("Could not find the resource [ " + resourceId + " ] to update", e).asPromise();
    } catch (ResourceException re) {
        debug.warning("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={} ", resourceId, re);
        return re.asPromise();
    } catch (final Exception e) {
        debug.error("IdentityResource.updateInstance() :: Cannot UPDATE resourceId={}", resourceId, e);
        return new NotFoundException(e.getMessage(), e).asPromise();
    }
}
Also used : UserAttributeInfo(org.forgerock.openam.core.rest.UserAttributeInfo) SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) PermanentException(org.forgerock.json.resource.PermanentException) RestSecurity(org.forgerock.openam.services.RestSecurity) TokenExpired(com.sun.identity.idsvcs.TokenExpired) ResourceException(org.forgerock.json.resource.ResourceException) HashSet(java.util.HashSet) ForbiddenException(org.forgerock.json.resource.ForbiddenException) NeedMoreCredentials(com.sun.identity.idsvcs.NeedMoreCredentials) RealmContext(org.forgerock.openam.rest.RealmContext) JsonValue(org.forgerock.json.JsonValue) AccessDenied(com.sun.identity.idsvcs.AccessDenied) MessagingException(javax.mail.MessagingException) ConflictException(org.forgerock.json.resource.ConflictException) PermanentException(org.forgerock.json.resource.PermanentException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException) SSOException(com.iplanet.sso.SSOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) NotFoundException(org.forgerock.json.resource.NotFoundException) ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException) NotSupportedException(org.forgerock.json.resource.NotSupportedException) BadRequestException(org.forgerock.json.resource.BadRequestException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse) ResourceResponse(org.forgerock.json.resource.ResourceResponse) GeneralFailure(com.sun.identity.idsvcs.GeneralFailure) IdentityDetails(com.sun.identity.idsvcs.IdentityDetails) BadRequestException(org.forgerock.json.resource.BadRequestException) Map(java.util.Map) IdentityServicesImpl.asMap(com.sun.identity.idsvcs.opensso.IdentityServicesImpl.asMap) LinkedHashMap(java.util.LinkedHashMap)

Aggregations

ObjectNotFound (com.sun.identity.idsvcs.ObjectNotFound)15 IdRepoException (com.sun.identity.idm.IdRepoException)14 SSOException (com.iplanet.sso.SSOException)12 BadRequestException (org.forgerock.json.resource.BadRequestException)12 NotFoundException (org.forgerock.json.resource.NotFoundException)12 ForbiddenException (org.forgerock.json.resource.ForbiddenException)10 InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)10 IdentityDetails (com.sun.identity.idsvcs.IdentityDetails)9 AccessDenied (com.sun.identity.idsvcs.AccessDenied)7 GeneralFailure (com.sun.identity.idsvcs.GeneralFailure)7 TokenExpired (com.sun.identity.idsvcs.TokenExpired)7 SMSException (com.sun.identity.sm.SMSException)7 ConflictException (org.forgerock.json.resource.ConflictException)7 PermanentException (org.forgerock.json.resource.PermanentException)7 ResourceException (org.forgerock.json.resource.ResourceException)7 AMIdentity (com.sun.identity.idm.AMIdentity)6 NeedMoreCredentials (com.sun.identity.idsvcs.NeedMoreCredentials)6 ServiceNotFoundException (com.sun.identity.sm.ServiceNotFoundException)6 UnsupportedEncodingException (java.io.UnsupportedEncodingException)6 MessagingException (javax.mail.MessagingException)6