
Example 1 with BadClientCredentialsException

use of io.gravitee.am.common.exception.oauth2.BadClientCredentialsException in project gravitee-access-management by gravitee-io.

the class LoginSSOPOSTEndpoint method handle.

/**
 * Renders the {@code login_sso_post} template using the action and the remaining
 * query parameters of the incoming request.
 *
 * <p>The request fails with {@link BadClientCredentialsException} when the action
 * is empty or when no other parameter is left once the action has been removed.
 *
 * <p>NOTE(review): the form action and the form fields are taken from the request
 * query string, and this method only checks that they are non-empty. Confirm that
 * the action is restricted to expected destinations elsewhere (for example in
 * {@code RequestUtils.getCleanedQueryParams} or in the template); otherwise the
 * rendered form could post to an origin chosen by whoever crafted the link.
 *
 * @param routingContext the routing context of the current request
 */
@Override
public void handle(RoutingContext routingContext) {
    final MultiMap queryParams = RequestUtils.getCleanedQueryParams(routingContext.request());

    // Read the action before it is removed from the map: the remaining entries become the form fields.
    final String action = queryParams.get(ACTION_KEY);
    routingContext.put(ACTION_KEY, action);
    final MultiMap formParameters = queryParams.remove(ACTION_KEY);
    routingContext.put(FORM_PARAMETERS, formParameters);

    // Both a target and at least one field are required to build the POST form.
    if (StringUtils.isEmpty(action) || formParameters.isEmpty()) {
        routingContext.fail(new BadClientCredentialsException());
        return;
    }

    engine.render(routingContext.data(), "login_sso_post", rendering -> {
        if (rendering.failed()) {
            logger.error("Unable to render Login SSO POST page", rendering.cause());
            routingContext.fail(rendering.cause());
            return;
        }
        routingContext.response()
                .putHeader(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_HTML)
                .end(rendering.result());
    });
}
Also used : MultiMap(io.vertx.reactivex.core.MultiMap) BadClientCredentialsException(io.gravitee.am.common.exception.oauth2.BadClientCredentialsException)

Example 2 with BadClientCredentialsException

use of io.gravitee.am.common.exception.oauth2.BadClientCredentialsException in project gravitee-access-management by gravitee-io.

the class LogoutCallbackEndpoint method restoreCurrentSession.

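/**
 * Restore current session (user and application) to properly sign out the user.
 *
 * <p>Two paths are implemented:
 * <ul>
 *   <li>When the original logout query parameters contain {@code ConstantKeys.ID_TOKEN_HINT_KEY},
 *       the session is extracted from that ID token. If both the token and the routing context
 *       carry a user and their ids differ, the extraction is treated as failed. Any failure on
 *       this path is reported to the handler as a <em>succeeded</em> future holding an empty
 *       {@link UserToken}; the cause is logged at debug level.</li>
 *   <li>Otherwise the client is looked up from the {@code Parameters.CLIENT_ID} value stored in
 *       the routing context. A missing client id fails the handler with
 *       {@link InvalidRequestException}; a lookup error, or a lookup that completes without a
 *       client, fails it with {@link BadClientCredentialsException}.</li>
 * </ul>
 *
 * @param routingContext the routing context
 * @param handler handler holding the potential current session
 */
private void restoreCurrentSession(RoutingContext routingContext, Handler<AsyncResult<UserToken>> handler) {
    // The OP SHOULD accept ID Tokens when the RP identified by the ID Token's aud claim and/or sid claim has a current session
    // or had a recent session at the OP, even when the exp time has passed.
    final MultiMap originalLogoutQueryParams = routingContext.get(ConstantKeys.PARAM_CONTEXT_KEY);
    if (originalLogoutQueryParams != null && originalLogoutQueryParams.contains(ConstantKeys.ID_TOKEN_HINT_KEY)) {
        final String idToken = originalLogoutQueryParams.get(ConstantKeys.ID_TOKEN_HINT_KEY);
        userService.extractSessionFromIdToken(idToken).map(userToken -> {
            // The token must describe the user who is currently signed in, when both are known.
            if (userToken.getUser() != null && routingContext.user() != null) {
                User sessionUser = ((io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate()).getUser();
                if (!userToken.getUser().getId().equals(sessionUser.getId())) {
                    throw new UserNotFoundException(userToken.getUser().getId());
                }
            }
            return userToken;
        }).subscribe(currentSession -> handler.handle(Future.succeededFuture(currentSession)), error -> {
            // Best effort: logout continues with an empty session, but the cause (invalid token,
            // user id mismatch, ...) is recorded so that it can be investigated.
            logger.debug("Unable to restore session from the ID token hint, continuing with an empty session", error);
            handler.handle(Future.succeededFuture(new UserToken()));
        });
        return;
    }

    // No ID token hint: the client id stored in the routing context is required.
    if (routingContext.get(Parameters.CLIENT_ID) == null) {
        logger.error("Unable to restore client for logout callback");
        handler.handle(Future.failedFuture(new InvalidRequestException("Invalid state")));
        return;
    }

    final User endUser = routingContext.user() != null ? ((io.gravitee.am.gateway.handler.common.vertx.web.auth.user.User) routingContext.user().getDelegate()).getUser() : null;
    final String clientId = routingContext.get(Parameters.CLIENT_ID);
    clientSyncService.findByClientId(clientId).subscribe(client -> handler.handle(Future.succeededFuture(new UserToken(endUser, client))), ex -> {
        // Lookup failure: the caller only sees a generic client error, details stay in the log.
        logger.error("An error has occurred when getting client {}", clientId, ex);
        handler.handle(Future.failedFuture(new BadClientCredentialsException()));
    }, () -> {
        // The lookup completed without emitting a client.
        logger.error("Unknown client {}", clientId);
        handler.handle(Future.failedFuture(new BadClientCredentialsException()));
    });
}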
Also used : BadClientCredentialsException(io.gravitee.am.common.exception.oauth2.BadClientCredentialsException) AuthenticationFlowContextService(io.gravitee.am.service.AuthenticationFlowContextService) RequestUtils(io.gravitee.am.gateway.handler.common.vertx.utils.RequestUtils) Logger(org.slf4j.Logger) HttpServerRequest(io.vertx.reactivex.core.http.HttpServerRequest) Client(io.gravitee.am.model.oidc.Client) CertificateManager(io.gravitee.am.gateway.handler.common.certificate.CertificateManager) LoggerFactory(org.slf4j.LoggerFactory) UserService(io.gravitee.am.gateway.handler.root.service.user.UserService) ConstantKeys(io.gravitee.am.common.utils.ConstantKeys) Domain(io.gravitee.am.model.Domain) Future(io.vertx.core.Future) RoutingContext(io.vertx.reactivex.ext.web.RoutingContext) UserNotFoundException(io.gravitee.am.service.exception.UserNotFoundException) MultiMap(io.vertx.reactivex.core.MultiMap) InvalidRequestException(io.gravitee.am.common.exception.oauth2.InvalidRequestException) UserToken(io.gravitee.am.gateway.handler.root.service.user.model.UserToken) JWTService(io.gravitee.am.gateway.handler.common.jwt.JWTService) ClientSyncService(io.gravitee.am.gateway.handler.common.client.ClientSyncService) AsyncResult(io.vertx.core.AsyncResult) User(io.gravitee.am.model.User) Handler(io.vertx.core.Handler) Parameters(io.gravitee.am.common.oauth2.Parameters) StringUtils(org.springframework.util.StringUtils) UserNotFoundException(io.gravitee.am.service.exception.UserNotFoundException) User(io.gravitee.am.model.User) MultiMap(io.vertx.reactivex.core.MultiMap) BadClientCredentialsException(io.gravitee.am.common.exception.oauth2.BadClientCredentialsException) InvalidRequestException(io.gravitee.am.common.exception.oauth2.InvalidRequestException) UserToken(io.gravitee.am.gateway.handler.root.service.user.model.UserToken)
