Example 1 with UnknownClientException

Use of edu.uiuc.ncsa.security.core.exceptions.UnknownClientException in project OA4MP by ncsa, in the class OA2CertServlet, method getClient.

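/**
 * Looks up the client named in the request and checks its secret.
 *
 * @param req the request carrying the client id and secret, as parameters or in Basic authorization headers
 * @return the client, once its secret has been verified
 */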
@Override
public Client getClient(HttpServletRequest req) {
    String rawID = req.getParameter(CONST(CONSUMER_KEY));
    String rawSecret = getFirstParameterValue(req, CLIENT_SECRET);
    // According to the spec. this must be in a Basic Authz header if it is not sent as parameter
    List<String> basicTokens = HeaderUtils.getAuthHeader(req, "Basic");
    if (2 < basicTokens.size()) {
        // too many tokens to unscramble
        throw new OA2GeneralError(OA2Errors.INVALID_TOKEN, "Error: Too many authorization tokens.", HttpStatus.SC_UNAUTHORIZED);
        // throw new GeneralException("Too many authorization tokens");
    }
    if (rawID == null) {
        for (String x : basicTokens) {
            try {
                // Here is some detective work. We get up to TWO basic Authz headers with the id and secret.
                // Since ids are valid URIs, the idea here is that anything that is a URI must be an id and the
                // other one must be the secret. This also handles the case that one of these is sent as a
                // parameter in the call and the other is in the header.
                URI test = URI.create(x);
                if (test.getScheme() != null) {
                    rawID = x;
                } else {
                    rawSecret = x;
                }
            } catch (Throwable t) {
                if (rawSecret == null) {
                    rawSecret = x;
                }
            }
        }
    }
    if (rawID == null) {
        throw new UnknownClientException("No client id");
    }
    Identifier id = BasicIdentifier.newID(rawID);
    OA2Client client = (OA2Client) getClient(id);
    if (client.isPublicClient()) {
        throw new GeneralException("Error: public clients not supported for this operation.");
    }
    if (rawSecret == null) {
        throw new GeneralException("Error: No secret. request refused.");
    }
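    // The stored secret is an unsalted SHA-1 hex digest; the supplied secret is hashed the same way
    // and compared with String.equals, which is not a constant-time comparison.
    if (!client.getSecret().equals(DigestUtils.shaHex(rawSecret))) {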
        throw new GeneralException("Error: Secret is incorrect. request refused.");
    }
    return client;
}
Also used: OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client), BasicIdentifier (edu.uiuc.ncsa.security.core.util.BasicIdentifier), Identifier (edu.uiuc.ncsa.security.core.Identifier), GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException), UnknownClientException (edu.uiuc.ncsa.security.core.exceptions.UnknownClientException), OA2GeneralError (edu.uiuc.ncsa.security.oauth_2_0.OA2GeneralError), URI (java.net.URI)

Example 2 with UnknownClientException

Use of edu.uiuc.ncsa.security.core.exceptions.UnknownClientException in project OA4MP by ncsa, in the class MyProxyDelegationServlet, method getClient.

public Client getClient(Identifier identifier) {
    if (identifier == null) {
        throw new UnknownClientException("no client id");
    }
    Client c = getServiceEnvironment().getClientStore().get(identifier);
    if (c == null) {
        DebugUtil.dbg(this, "client name is " + getServiceEnvironment().getClientStore().getClass().getSimpleName());
        DebugUtil.dbg(this, "client store is a " + getServiceEnvironment().getClientStore());
        if (getServiceEnvironment().getClientStore().size() == 0) {
            System.err.println("NO ENTRIES IN CLIENT STORE");
        } else {
            System.err.println("Store contains " + getServiceEnvironment().getClientStore().size() + " entries.");
        }
        // Diagnostic output: every identifier in the client store is written to stderr.
        System.err.println("printing identifiers...");
        for (Identifier x : getServiceEnvironment().getClientStore().keySet()) {
            System.err.println(x);
        }
        System.err.println("done!");
        String ww = "The client with identifier \"" + identifier.toString() + "\"  cannot be found.";
        warn(ww + " Client store is " + getServiceEnvironment().getClientStore());
        throw new UnknownClientException(ww + "  Is the value in the client config correct?", identifier);
    }
    checkClientApproval(c);
    return c;
}
Also used: BasicIdentifier (edu.uiuc.ncsa.security.core.util.BasicIdentifier), Identifier (edu.uiuc.ncsa.security.core.Identifier), UnknownClientException (edu.uiuc.ncsa.security.core.exceptions.UnknownClientException), Client (edu.uiuc.ncsa.security.delegation.storage.Client)

Aggregations

Identifier (edu.uiuc.ncsa.security.core.Identifier): 2
UnknownClientException (edu.uiuc.ncsa.security.core.exceptions.UnknownClientException): 2
BasicIdentifier (edu.uiuc.ncsa.security.core.util.BasicIdentifier): 2
GeneralException (edu.uiuc.ncsa.security.core.exceptions.GeneralException): 1
Client (edu.uiuc.ncsa.security.delegation.storage.Client): 1
OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client): 1
OA2GeneralError (edu.uiuc.ncsa.security.oauth_2_0.OA2GeneralError): 1
URI (java.net.URI): 1