Example 31 with GeneralException

use of edu.uiuc.ncsa.security.core.exceptions.GeneralException in project OA4MP by ncsa.

the class AccessTokenServlet method verifyAndGet.

@Override
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    ATResponse atResponse = (ATResponse) iResponse;
    Verifier verifier = atResponse.getVerifier();
    debug("5.a. verifier = " + atResponse.getVerifier());
    checkTimestamp(verifier.getToken());
    ServiceTransaction transaction = (ServiceTransaction) getTransactionStore().get(verifier);
    if (transaction == null) {
        throw new TransactionNotFoundException("No transaction found for verifier " + verifier);
    }
    checkClientApproval(transaction.getClient());
    String cc = "client=" + transaction.getClient().getIdentifierString();
    info("5.a. " + cc);
    debug("5.a. grant valid=" + transaction.isAuthGrantValid() + ", at valid=" + transaction.isAccessTokenValid());
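    // Reject unless the auth grant is still valid and no access token is valid for this transaction yet.
    if (!transaction.isAuthGrantValid() || transaction.isAccessTokenValid()) {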
        String msg = "Error: the state of the transaction is invalid for auth grant " + transaction.getAuthorizationGrant();
        warn(msg);
        throw new GeneralException(msg);
    }
    return transaction;
}
Also used : GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) ServiceTransaction(edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) TransactionNotFoundException(edu.uiuc.ncsa.security.core.exceptions.TransactionNotFoundException) Verifier(edu.uiuc.ncsa.security.delegation.token.Verifier) ATResponse(edu.uiuc.ncsa.security.delegation.server.request.ATResponse)

Example 32 with GeneralException

use of edu.uiuc.ncsa.security.core.exceptions.GeneralException in project OA4MP by ncsa.

the class CertServlet method verifyAndGet.

public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    PAResponse par = (PAResponse) iResponse;
    AccessToken accessToken = par.getAccessToken();
    ServiceTransaction t = (ServiceTransaction) getTransactionStore().get(accessToken);
    if (t == null) {
        throw new GeneralException("Error: no transaction found for access token \"" + accessToken + "\"");
    }
    if (!t.isAccessTokenValid()) {
        throw new GeneralException("Error: invalid access token. Request refused");
    }
    checkClientApproval(t.getClient());
    checkTimestamp(accessToken.getToken());
    return t;
}
Also used : GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) ServiceTransaction(edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) AccessToken(edu.uiuc.ncsa.security.delegation.token.AccessToken) PAResponse(edu.uiuc.ncsa.security.delegation.server.request.PAResponse)

Example 33 with GeneralException

use of edu.uiuc.ncsa.security.core.exceptions.GeneralException in project OA4MP by ncsa.

the class InitServlet method verifyAndGet.

@Override
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException {
    AGResponse agResponse = (AGResponse) iResponse;
    Map<String, String> params = agResponse.getParameters();
    ServiceTransaction transaction = newTransaction();
    transaction.setAuthorizationGrant(agResponse.getGrant());
    debug("creating transaction for trans id=" + transaction.getIdentifierString());
    transaction.setAuthGrantValid(false);
    transaction.setAccessTokenValid(false);
    transaction.setCallback(URI.create(params.get(OAUTH_CALLBACK)));
    MyPKCS10CertRequest certReq = null;
    // Fix for CIL-409
    if (!params.containsKey(CERT_REQUEST)) {
        throw new GeneralException("Error: missing cert request parameter.");
    }
    String rawCR = params.get(CERT_REQUEST);
    if (isEmpty(rawCR)) {
        throw new GeneralException("Error: empty cert request.");
    }
    try {
        certReq = CertUtil.fromStringToCertReq(rawCR);
    } catch (Throwable throwable) {
        throwable.printStackTrace();
        throw new GeneralException("Error: cert request is bad/not understandable:" + (rawCR == null ? "(null)" : rawCR), throwable);
    }
    transaction.setCertReq(certReq);
    // Assumption here is that the cert lifetime is in milliseconds
    transaction.setLifetime(Long.parseLong(params.get(CERT_LIFETIME)));
    return transaction;
}
Also used : GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) ServiceTransaction(edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) AGResponse(edu.uiuc.ncsa.security.delegation.server.request.AGResponse) MyPKCS10CertRequest(edu.uiuc.ncsa.security.util.pkcs.MyPKCS10CertRequest)

Example 34 with GeneralException

use of edu.uiuc.ncsa.security.core.exceptions.GeneralException in project OA4MP by ncsa.

the class JGlobusUtil method createProxyCertificate.

public static X509Certificate createProxyCertificate(X509Certificate baseCert, PrivateKey generatedPrivateKey, PublicKey publicKey, int certLifetimeInSeconds) {
    // Sign a cert req from OAuth client using a cert obtained from MyProxy server
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    ProxyPolicy policy = new ProxyPolicy(ProxyPolicy.LIMITED);
    ProxyCertInfo proxyCertInfo = new ProxyCertInfo(policy);
    X509ExtensionSet extSet = new X509ExtensionSet();
    extSet.add(new ProxyCertInfoExtension(proxyCertInfo));
    BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
    try {
        // add the cert afterwards so there is no issue with modifying the list early.
        X509Certificate x = factory.createProxyCertificate(baseCert, generatedPrivateKey, publicKey, certLifetimeInSeconds, GSI_4_LIMITED_PROXY, extSet, null);
        return x;
    } catch (GeneralSecurityException e) {
        String errMsg = "3.c. Error: signing a limited proxy credential: " + e.getMessage();
        // throw it.
        throw new GeneralException(errMsg, e);
    }
}
Also used : X509ExtensionSet(org.globus.gsi.X509ExtensionSet) GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) GeneralSecurityException(java.security.GeneralSecurityException) ProxyPolicy(org.globus.gsi.proxy.ext.ProxyPolicy) ProxyCertInfoExtension(org.globus.gsi.proxy.ext.ProxyCertInfoExtension) BouncyCastleCertProcessingFactory(org.globus.gsi.bc.BouncyCastleCertProcessingFactory) ProxyCertInfo(org.globus.gsi.proxy.ext.ProxyCertInfo) X509Certificate(java.security.cert.X509Certificate)

Example 35 with GeneralException

use of edu.uiuc.ncsa.security.core.exceptions.GeneralException in project OA4MP by ncsa.

the class AdminClientServer method get.

public AbstractACResponse get(ACGetRequest request) {
    if (request.getAdminClient().getIdentifierString().length() == 0) {
        throw new GeneralException("Error: No supplied admin client identifier.");
    }
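    AdminClient adminClient = getAdminClientStore().get(request.getAdminClient().getIdentifier());
    // the store may return null for an unknown identifier; fail with a clear error rather than a NullPointerException
    if (adminClient == null) {
        throw new GeneralException("Error: No admin client found for the supplied identifier.");
    }
    // do not return the secret or its hash
    adminClient.setSecret("");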
    return new ACGetResponse(adminClient, cose.getClientApprovalStore().isApproved(adminClient.getIdentifier()));
}
Also used : GeneralException(edu.uiuc.ncsa.security.core.exceptions.GeneralException) AdminClient(edu.uiuc.ncsa.myproxy.oa4mp.server.admin.adminClient.AdminClient)

Aggregations

GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException) 53
ServiceTransaction (edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) 9
SQLException (java.sql.SQLException) 8
Connection (java.sql.Connection) 7
PreparedStatement (java.sql.PreparedStatement) 7
ResultSet (java.sql.ResultSet) 7
Identifier (edu.uiuc.ncsa.security.core.Identifier) 5
BasicIdentifier (edu.uiuc.ncsa.security.core.util.BasicIdentifier) 5
MyPKCS10CertRequest (edu.uiuc.ncsa.security.util.pkcs.MyPKCS10CertRequest) 5
X509Certificate (java.security.cert.X509Certificate) 5
AssetResponse (edu.uiuc.ncsa.myproxy.oa4mp.client.AssetResponse) 4
TransactionState (edu.uiuc.ncsa.security.delegation.servlet.TransactionState) 4
AccessToken (edu.uiuc.ncsa.security.delegation.token.AccessToken) 4
AuthorizationGrant (edu.uiuc.ncsa.security.delegation.token.AuthorizationGrant) 4
OA2SE (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE) 3
OA2ServiceTransaction (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2ServiceTransaction) 3
ColumnMap (edu.uiuc.ncsa.security.storage.sql.internals.ColumnMap) 3
File (java.io.File) 3
IOException (java.io.IOException) 3
HashMap (java.util.HashMap) 3