
Example 26 with ApiResponses

Use of com.wordnik.swagger.annotations.ApiResponses in project oxAuth by GluuFederation, in the class CreateRptWS, method getGat:

@Path("gat")
@POST
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
@ApiOperation(value = "The endpoint at which the requester asks the AM to issue an GAT", produces = UmaConstants.JSON_MEDIA_TYPE, notes = "The endpoint at which the requester asks the AM to issue an GAT")
@ApiResponses(value = { @ApiResponse(code = 401, message = "Unauthorized") })
public Response getGat(@HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost, GatRequest request, @Context HttpServletRequest httpRequest) {
    try {
        umaValidationService.assertHasAuthorizationScope(authorization);
        String validatedAmHost = umaValidationService.validateAmHost(amHost);
        UmaRPT rpt = rptManager.createRPT(authorization, validatedAmHost, true);
        authorizeGat(request, rpt, authorization, httpRequest);
        String rptResponse = rpt.getCode();
        final Boolean umaRptAsJwt = appConfiguration.getUmaRptAsJwt();
        if (umaRptAsJwt != null && umaRptAsJwt) {
            rptResponse = createJwr(rpt, authorization, request.getScopes()).asString();
        }
        return Response.status(Response.Status.CREATED).entity(ServerUtil.asJson(new RPTResponse(rptResponse))).build();
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used: UmaRPT (org.xdi.oxauth.model.common.uma.UmaRPT), WebApplicationException (javax.ws.rs.WebApplicationException), RPTResponse (org.xdi.oxauth.model.uma.RPTResponse), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), Produces (javax.ws.rs.Produces), ApiOperation (com.wordnik.swagger.annotations.ApiOperation), ApiResponses (com.wordnik.swagger.annotations.ApiResponses)

Example 27 with ApiResponses

Use of com.wordnik.swagger.annotations.ApiResponses in project oxAuth by GluuFederation, in the class CreateRptWS, method getRpt:

@Path("rpt")
@POST
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
@ApiOperation(value = "The endpoint at which the requester asks the AM to issue an RPT", produces = UmaConstants.JSON_MEDIA_TYPE, notes = "The endpoint at which the requester asks the AM to issue an RPT")
@ApiResponses(value = { @ApiResponse(code = 401, message = "Unauthorized") })
public Response getRpt(@HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost) {
    try {
        umaValidationService.assertHasAuthorizationScope(authorization);
        String validatedAmHost = umaValidationService.validateAmHost(amHost);
        UmaRPT rpt = rptManager.createRPT(authorization, validatedAmHost, false);
        String rptResponse = rpt.getCode();
        final Boolean umaRptAsJwt = appConfiguration.getUmaRptAsJwt();
        if (umaRptAsJwt != null && umaRptAsJwt) {
            rptResponse = createJwr(rpt, authorization, Lists.<String>newArrayList()).asString();
        }
        return Response.status(Response.Status.CREATED).entity(ServerUtil.asJson(new RPTResponse(rptResponse))).build();
    } catch (Exception ex) {
        log.error("Exception happened", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used: UmaRPT (org.xdi.oxauth.model.common.uma.UmaRPT), WebApplicationException (javax.ws.rs.WebApplicationException), RPTResponse (org.xdi.oxauth.model.uma.RPTResponse), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), Produces (javax.ws.rs.Produces), ApiOperation (com.wordnik.swagger.annotations.ApiOperation), ApiResponses (com.wordnik.swagger.annotations.ApiResponses)

Example 28 with ApiResponses

Use of com.wordnik.swagger.annotations.ApiResponses in project oxAuth by GluuFederation, in the class PermissionRegistrationWS, method registerResourceSetPermission:

@POST
@Consumes({ UmaConstants.JSON_MEDIA_TYPE })
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
@ApiOperation(value = "Registers permission using the POST method", consumes = UmaConstants.JSON_MEDIA_TYPE, produces = UmaConstants.JSON_MEDIA_TYPE, notes = "The resource server uses the POST method at the endpoint. The body of the HTTP request message contains a JSON object providing the requested permission, using a format derived from the scope description format specified in [OAuth-resource-reg], as follows. The object has the following properties:")
@ApiResponses(value = { @ApiResponse(code = 401, message = "Unauthorized"), @ApiResponse(code = 400, message = "Bad Request") })
public Response registerResourceSetPermission(@Context HttpServletRequest request, @HeaderParam("Authorization") String authorization, @HeaderParam("Host") String amHost, @ApiParam(value = "The identifier for a resource set to which this client is seeking access. The identifier MUST correspond to a resource set that was previously registered.", required = true) UmaPermission resourceSetPermissionRequest) {
    try {
        umaValidationService.assertHasProtectionScope(authorization);
        String validatedAmHost = umaValidationService.validateAmHost(amHost);
        umaValidationService.validateResourceSet(resourceSetPermissionRequest);
        final ResourceSetPermission resourceSetPermissions = resourceSetPermissionManager.createResourceSetPermission(validatedAmHost, resourceSetPermissionRequest, umaRsPermissionService.rptExpirationDate());
        resourceSetPermissionManager.addResourceSetPermission(resourceSetPermissions, tokenService.getClientDn(authorization));
        return Response.status(Response.Status.CREATED).entity(new PermissionTicket(resourceSetPermissions.getTicket())).build();
    } catch (Exception ex) {
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
        log.error("Exception happened", ex);
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used: PermissionTicket (org.xdi.oxauth.model.uma.PermissionTicket), WebApplicationException (javax.ws.rs.WebApplicationException), ResourceSetPermission (org.xdi.oxauth.model.uma.persistence.ResourceSetPermission), POST (javax.ws.rs.POST), Consumes (javax.ws.rs.Consumes), Produces (javax.ws.rs.Produces), ApiOperation (com.wordnik.swagger.annotations.ApiOperation), ApiResponses (com.wordnik.swagger.annotations.ApiResponses)

Example 29 with ApiResponses

Use of com.wordnik.swagger.annotations.ApiResponses in project oxAuth by GluuFederation, in the class ResourceSetRegistrationWS, method getResourceSetList:

/**
 * Gets resource set lists.
 * ATTENTION: "scope" is a parameter added by Gluu to allow additional filtering.
 * There is no such parameter in the UMA specification.
 *
 * @param authorization authorization
 * @param scope         scope of resource set for additional filtering; can be a blank string.
 * @return resource set ids.
 */
@GET
@Produces({ UmaConstants.JSON_MEDIA_TYPE })
@ApiOperation(value = "Lists all previously registered resource set identifiers for this user using the GET method.", notes = "Lists all previously registered resource set identifiers for this user using the GET method. The authorization server MUST return the list in the form of a JSON array of {rsid} string values.\n" + "\n" + "The resource server uses this method as a first step in checking whether its understanding of protected resources is in full synchronization with the authorization server's understanding.", response = ResourceSet.class)
@ApiResponses(value = { @ApiResponse(code = 401, message = "Unauthorized") })
public List<String> getResourceSetList(@HeaderParam("Authorization") String authorization, @QueryParam("scope") @ApiParam(value = "Scope uri", required = false) String scope) {
    try {
        log.trace("Getting list of resource set descriptions.");
        final AuthorizationGrant authorizationGrant = umaValidationService.assertHasProtectionScope(authorization);
        final String clientDn = authorizationGrant.getClientDn();
        final List<org.xdi.oxauth.model.uma.persistence.ResourceSet> ldapResourceSets = resourceSetService.getResourceSetsByAssociatedClient(clientDn);
        final List<String> result = new ArrayList<String>(ldapResourceSets.size());
        for (org.xdi.oxauth.model.uma.persistence.ResourceSet ldapResourceSet : ldapResourceSets) {
            // if the scope parameter is not blank then filter by it, otherwise just add to result
            if (StringUtils.isNotBlank(scope)) {
                final List<String> scopeUrlsByDns = umaScopeService.getScopeUrlsByDns(ldapResourceSet.getScopes());
                if (scopeUrlsByDns != null && scopeUrlsByDns.contains(scope)) {
                    result.add(ldapResourceSet.getId());
                }
            } else {
                result.add(ldapResourceSet.getId());
            }
        }
        return result;
    } catch (Exception ex) {
        log.error("Exception happened on getResourceSetList()", ex);
        if (ex instanceof WebApplicationException) {
            throw (WebApplicationException) ex;
        }
    }
    errorResponseFactory.throwUmaInternalErrorException();
    // redundant but required by java
    return Lists.newArrayList();
}
Also used: WebApplicationException (javax.ws.rs.WebApplicationException), ArrayList (java.util.ArrayList), ResourceSet (org.xdi.oxauth.model.uma.ResourceSet), IOException (java.io.IOException), InvocationTargetException (java.lang.reflect.InvocationTargetException), AuthorizationGrant (org.xdi.oxauth.model.common.AuthorizationGrant), Produces (javax.ws.rs.Produces), GET (javax.ws.rs.GET), ApiOperation (com.wordnik.swagger.annotations.ApiOperation), ApiResponses (com.wordnik.swagger.annotations.ApiResponses)

Example 30 with ApiResponses

Use of com.wordnik.swagger.annotations.ApiResponses in project oxAuth by GluuFederation, in the class GluuConfigurationWS, method getConfiguration:

@GET
@Produces({ "application/json" })
@ApiOperation(value = "Provides configuration data as json document. It contains non-standard OpenID Connect discovery metadata supported by the Gluu server.", response = GluuConfiguration.class)
@ApiResponses(value = { @ApiResponse(code = 500, message = "Failed to build gluu configuration json object.") })
public Response getConfiguration() {
    try {
        final GluuConfiguration conf = new GluuConfiguration();
        conf.setIdGenerationEndpoint(appConfiguration.getIdGenerationEndpoint());
        conf.setIntrospectionEndpoint(appConfiguration.getIntrospectionEndpoint());
        conf.setAuthLevelMapping(createAuthLevelMapping());
        conf.setScopeToClaimsMapping(createScopeToClaimsMapping());
        // convert manually to avoid possible conflicts between resteasy
        // providers, e.g. jettison, jackson
        final String entity = ServerUtil.asPrettyJson(conf);
        log.trace("Gluu configuration: {}", entity);
        return Response.ok(entity).build();
    } catch (Throwable ex) {
        log.error(ex.getMessage(), ex);
        throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getErrorResponse(GluuErrorResponseType.SERVER_ERROR)).build());
    }
}
Also used: WebApplicationException (javax.ws.rs.WebApplicationException), GluuConfiguration (org.xdi.oxauth.model.gluu.GluuConfiguration), Produces (javax.ws.rs.Produces), GET (javax.ws.rs.GET), ApiOperation (com.wordnik.swagger.annotations.ApiOperation), ApiResponses (com.wordnik.swagger.annotations.ApiResponses)
