
Example 6 with InvalidGrantException

Use of io.gravitee.am.gateway.handler.oauth2.exception.InvalidGrantException in project gravitee-access-management by gravitee-io.

In class ExtensionGrantGranter, method resolveResourceOwner:

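/**
 * Resolves the resource owner for an extension-grant token request.
 *
 * <p>The request is first handed to {@code extensionGrantProvider}; the end user it returns is
 * then mapped according to the grant settings:
 * <ul>
 *   <li>{@code isCreateUser()}: the user's additional information is enriched with
 *       {@code source} and {@code client_id} and the user is connected through
 *       {@code userAuthenticationManager};</li>
 *   <li>{@code isUserExists()}: the user must be found on the grant's identity provider
 *       (looked up by username, then by treating the username as a user id); the identity
 *       provider's answer is merged into a new {@link User};</li>
 *   <li>otherwise a transient {@link User} carrying the provider's id, username and additional
 *       information is returned.</li>
 * </ul>
 * Any error raised along the way is surfaced as an {@link InvalidGrantException}.
 *
 * @param tokenRequest the incoming token request
 * @param client the OAuth2 client issuing the request
 * @return the resolved user; empty when the extension grant provider returns no user; an
 *         {@link InvalidGrantException} error otherwise
 */
@Override
protected Maybe<User> resolveResourceOwner(TokenRequest tokenRequest, Client client) {
    return extensionGrantProvider.grant(convert(tokenRequest)).flatMap(endUser -> {
        if (extensionGrant.isCreateUser()) {
            // Work on a copy so the provider's own map is never mutated.
            Map<String, Object> additionalInformation = endUser.getAdditionalInformation() == null
                    ? new HashMap<>()
                    : new HashMap<>(endUser.getAdditionalInformation());
            // set source provider
            additionalInformation.put("source", extensionGrant.getIdentityProvider() != null ? extensionGrant.getIdentityProvider() : extensionGrant.getId());
            additionalInformation.put("client_id", client.getId());
            // Assumes the provider returns a DefaultUser; any other implementation fails here with a
            // ClassCastException, which the onErrorResumeNext below turns into an InvalidGrantException.
            ((DefaultUser) endUser).setAdditionalInformation(additionalInformation);
            return userAuthenticationManager.connect(endUser, false).toMaybe();
        }

        if (!extensionGrant.isUserExists()) {
            User user = new User();
            // no AM user is resolved here: the user id is the idp user id
            user.setId(endUser.getId());
            user.setUsername(endUser.getUsername());
            user.setAdditionalInformation(endUser.getAdditionalInformation());
            return Maybe.just(user);
        }

        // Check that the user exists on the identity provider
        if (extensionGrant.getIdentityProvider() == null) {
            return Maybe.error(new InvalidGrantException("No identity_provider provided"));
        }
        return identityProviderManager.get(extensionGrant.getIdentityProvider())
                .flatMap(prov -> retrieveUserByUsernameFromIdp(prov, tokenRequest, convert(endUser))
                        .switchIfEmpty(Maybe.defer(() -> {
                            LOGGER.debug("User name '{}' not found, try as the userId", endUser.getUsername());
                            // NOTE(review): the guard tests getId() while the lookup uses getUsername()
                            // as the id — confirm this is intended.
                            if (endUser.getId() != null) {
                                // so the search by ID should be done with the username...
                                return userService.findById(endUser.getUsername()).flatMap(user -> retrieveUserByUsernameFromIdp(prov, tokenRequest, user));
                            }
                            return Maybe.empty();
                        })))
                .map(idpUser -> {
                    User user = new User();
                    user.setId(endUser.getId());
                    user.setExternalId(idpUser.getId());
                    user.setUsername(endUser.getUsername());
                    // Null-safe copy, mirroring the createUser branch; a null map from the identity
                    // provider used to surface as a NullPointerException wrapped in InvalidGrantException.
                    Map<String, Object> extraInformation = idpUser.getAdditionalInformation() == null
                            ? new HashMap<>()
                            : new HashMap<>(idpUser.getAdditionalInformation());
                    if (endUser.getAdditionalInformation() != null) {
                        extraInformation.putAll(endUser.getAdditionalInformation());
                    }
                    // NOTE(review): `user` was created just above and only id/externalId/username were
                    // set, so getLoggedAt() is expected to be null here and auth_time never populated —
                    // confirm which user's last login was meant to be used.
                    if (user.getLoggedAt() != null) {
                        extraInformation.put(Claims.auth_time, user.getLoggedAt().getTime() / 1000);
                    }
                    extraInformation.put(StandardClaims.PREFERRED_USERNAME, user.getUsername());
                    user.setAdditionalInformation(extraInformation);
                    user.setCreatedAt(idpUser.getCreatedAt());
                    user.setUpdatedAt(idpUser.getUpdatedAt());
                    user.setDynamicRoles(idpUser.getRoles());
                    return user;
                })
                .switchIfEmpty(Maybe.error(new InvalidGrantException("Unknown user: " + endUser.getId())));
    }).onErrorResumeNext(ex -> {
        // An InvalidGrantException raised above is passed through unchanged so its stack trace
        // (and any subclass) survives instead of being re-created with only the message.
        if (ex instanceof InvalidGrantException) {
            return Maybe.error(ex);
        }
        // NOTE(review): ex.getMessage() originates from the extension grant provider, the identity
        // provider or the user service and ends up in the OAuth2 error response; use a fixed message
        // if those internal details must not reach clients.
        return Maybe.error(new InvalidGrantException(ex.getMessage()));
    });
}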
