
Example 16 with ApplicationException

use of io.jans.ca.plugin.adminui.model.exception.ApplicationException in project jans by JanssenProject.

the class OAuth2Service method getAccessToken.

/**
 * Exchanges an OAuth 2.0 authorization code for tokens at the auth server's token endpoint.
 *
 * <p>The request uses the authorization-code grant and carries the client id and client secret
 * read from the Admin UI configuration. The access, ID and refresh tokens of the endpoint's
 * response are copied into the plugin's own {@code TokenResponse}.
 *
 * <p>Only fixed messages are logged by this method; neither the authorization code nor the
 * client secret is written to the log here.
 *
 * @param code authorization code to redeem; must not be null or empty
 * @return the tokens returned by the token endpoint
 * @throws ApplicationException with status 400 when {@code code} is null or empty; an
 *         {@code ApplicationException} raised inside is rethrown unchanged, and any other
 *         failure is reported as status 500 with a generic description
 */
public TokenResponse getAccessToken(String code) throws ApplicationException {
    try {
        log.debug("Getting access token with code");
        if (Strings.isNullOrEmpty(code)) {
            final String blankCodeMessage = ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription();
            log.error(blankCodeMessage);
            throw new ApplicationException(
                    Response.Status.BAD_REQUEST.getStatusCode(),
                    ErrorResponse.AUTHORIZATION_CODE_BLANK.getDescription());
        }

        final AUIConfiguration config = auiConfigurationService.getAUIConfiguration();

        // Build the authorization-code grant request; the client authenticates with id + secret.
        final TokenRequest request = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        request.setCode(code);
        request.setAuthUsername(config.getAuthServerClientId());
        request.setAuthPassword(config.getAuthServerClientSecret());
        request.setGrantType(GrantType.AUTHORIZATION_CODE);
        request.setRedirectUri(config.getAuthServerRedirectUrl());
        request.setScope(config.getAuthServerScope());

        final io.jans.as.client.TokenResponse endpointReply =
                getToken(request, config.getAuthServerTokenEndpoint());

        // Copy only the three token values into the plugin's response model.
        final TokenResponse result = new TokenResponse();
        result.setAccessToken(endpointReply.getAccessToken());
        result.setIdToken(endpointReply.getIdToken());
        result.setRefreshToken(endpointReply.getRefreshToken());
        return result;
    } catch (ApplicationException known) {
        // Already carries a status and description; log the generic message and pass it on.
        log.error(ErrorResponse.GET_ACCESS_TOKEN_ERROR.getDescription());
        throw known;
    } catch (Exception unexpected) {
        // The cause is logged server-side only; the caller gets a generic description.
        log.error(ErrorResponse.GET_ACCESS_TOKEN_ERROR.getDescription(), unexpected);
        throw new ApplicationException(
                Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
                ErrorResponse.GET_ACCESS_TOKEN_ERROR.getDescription());
    }
}
Also used : ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) TokenResponse(io.jans.ca.plugin.adminui.model.auth.TokenResponse) AUIConfiguration(io.jans.ca.plugin.adminui.model.config.AUIConfiguration) TokenRequest(io.jans.as.client.TokenRequest) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException)

Example 17 with ApplicationException

use of io.jans.ca.plugin.adminui.model.exception.ApplicationException in project jans by JanssenProject.

the class OAuth2Service method getApiProtectionToken.

/**
 * Requests an API-protection token from the token server with the client-credentials grant and
 * returns it together with selected claims read from the access token.
 *
 * <p>The client id, client secret, redirect URL and token endpoint come from the Admin UI
 * configuration. When {@code userInfoJwt} is null or empty a warning is logged and the request
 * scope is set to {@code OAuth2Resource.SCOPE_OPENID} only; otherwise no scope is set here and
 * {@code userInfoJwt} is passed on to {@code getToken}.
 *
 * <p>The returned access token is parsed as a JWT and its {@code scope}, {@code iat},
 * {@code exp} and {@code iss} claims are copied into the result.
 * NOTE(review): no signature or issuer validation of that JWT is visible in this method;
 * confirm it happens in {@code getClaims} or at the consumer before these values are relied on
 * for an authorization decision.
 *
 * @param userInfoJwt user-info JWT forwarded to the token request; may be null or empty
 * @return access, ID and refresh tokens plus the scope/iat/exp/iss claims that were present
 * @throws ApplicationException with status 500 and a generic description on any failure
 */
public TokenResponse getApiProtectionToken(String userInfoJwt) throws ApplicationException {
    try {
        log.debug("Getting api-protection token");
        final AUIConfiguration config = auiConfigurationService.getAUIConfiguration();

        final TokenRequest request = new TokenRequest(GrantType.CLIENT_CREDENTIALS);
        request.setAuthUsername(config.getTokenServerClientId());
        request.setAuthPassword(config.getTokenServerClientSecret());
        request.setGrantType(GrantType.CLIENT_CREDENTIALS);
        request.setRedirectUri(config.getTokenServerRedirectUrl());

        // Without a user-info JWT the request falls back to the openid scope alone.
        if (Strings.isNullOrEmpty(userInfoJwt)) {
            log.warn(ErrorResponse.USER_INFO_JWT_BLANK.getDescription());
            request.setScope(scopeAsString(Arrays.asList(OAuth2Resource.SCOPE_OPENID)));
        }

        final io.jans.as.client.TokenResponse endpointReply =
                getToken(request, config.getTokenServerTokenEndpoint(), userInfoJwt);

        // The access token is expected to be a JWT; its claims are read straight from the payload.
        final Jwt accessTokenJwt = Jwt.parse(endpointReply.getAccessToken());
        final Map<String, Object> tokenClaims = getClaims(accessTokenJwt);

        final TokenResponse result = new TokenResponse();
        result.setAccessToken(endpointReply.getAccessToken());
        result.setIdToken(endpointReply.getIdToken());
        result.setRefreshToken(endpointReply.getRefreshToken());

        final String scopeKey = "scope";
        final Object scopeClaim = tokenClaims.get(scopeKey);
        if (scopeClaim instanceof List) {
            // Raw cast kept as in the original: the element type is not checked here.
            result.setScopes((List) scopeClaim);
        }

        final Object issuedAt = tokenClaims.get("iat");
        if (issuedAt != null) {
            result.setIat(Long.valueOf(issuedAt.toString()));
        }

        final Object expiresAt = tokenClaims.get("exp");
        if (expiresAt != null) {
            result.setExp(Long.valueOf(expiresAt.toString()));
        }

        final Object issuer = tokenClaims.get("iss");
        if (issuer != null) {
            result.setIssuer(issuer.toString());
        }
        return result;
    } catch (Exception failure) {
        // Every failure, including an unparsable claim value, ends up here as a generic 500.
        log.error(ErrorResponse.GET_API_PROTECTION_TOKEN_ERROR.getDescription(), failure);
        throw new ApplicationException(
                Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(),
                ErrorResponse.GET_API_PROTECTION_TOKEN_ERROR.getDescription());
    }
}
Also used : Jwt(io.jans.as.model.jwt.Jwt) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) TokenResponse(io.jans.ca.plugin.adminui.model.auth.TokenResponse) AUIConfiguration(io.jans.ca.plugin.adminui.model.config.AUIConfiguration) TokenRequest(io.jans.as.client.TokenRequest) JSONObject(org.json.JSONObject) List(java.util.List)

Example 18 with ApplicationException

use of io.jans.ca.plugin.adminui.model.exception.ApplicationException in project jans by JanssenProject.

the class OAuth2Service method getUserInfo.

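/**
 * Fetches the user's claims from the auth server's User-Info endpoint.
 *
 * <p>The request must carry either an access token or an authorization code. When only a code
 * is supplied it is first redeemed through {@code getAccessToken}. The endpoint's response body
 * is parsed as a JWT; its claims and the raw JWT string are returned.
 *
 * <p>Bearer tokens, the User-Info JWT and the parsed claims are not written to the log: a token
 * in a log file is a usable credential for anyone who can read the file, and the User-Info
 * payload holds personal data.
 *
 * <p>NOTE(review): no signature, issuer or audience validation of the User-Info JWT is visible
 * in this method; confirm it is done in {@code getClaims} or by the caller before the claims
 * are trusted.
 *
 * @param userInfoRequest holder of the access token and/or authorization code
 * @return the parsed User-Info response, or {@code null} when the endpoint answers with a status
 *         other than 200
 * @throws ApplicationException with status 400 when neither a usable code nor an access token is
 *         supplied; an {@code ApplicationException} raised inside is rethrown unchanged, and any
 *         other failure is reported as status 500 with a generic description
 */
public UserInfoResponse getUserInfo(UserInfoRequest userInfoRequest) throws ApplicationException {
    ApacheHttpClient43Engine engine = new ApacheHttpClient43Engine();
    try {
        // The token value is intentionally not part of this message.
        log.debug("Getting User-Info from auth-server");
        AUIConfiguration auiConfiguration = auiConfigurationService.getAUIConfiguration();
        String code = userInfoRequest.getCode();
        // A blank token is treated the same as a missing one.
        String accessToken = org.apache.logging.log4j.util.Strings.isNotBlank(userInfoRequest.getAccessToken()) ? userInfoRequest.getAccessToken() : null;
        // Use one blank test for both inputs: a whitespace-only code with no token previously
        // passed the "required" check and then went out as "Bearer null".
        if (org.apache.logging.log4j.util.Strings.isBlank(code) && accessToken == null) {
            log.error(ErrorResponse.CODE_OR_TOKEN_REQUIRED.getDescription());
            throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.CODE_OR_TOKEN_REQUIRED.getDescription());
        }
        if (accessToken == null) {
            // Only a code was supplied: redeem it for an access token first.
            TokenResponse tokenResponse = getAccessToken(code);
            accessToken = tokenResponse.getAccessToken();
            if (org.apache.logging.log4j.util.Strings.isBlank(accessToken)) {
                // The token endpoint answered without an access token; do not call User-Info
                // with an empty credential.
                throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.GET_USER_INFO_ERROR.getDescription());
            }
        }
        MultivaluedMap<String, String> body = new MultivaluedHashMap<>();
        // NOTE(review): the token is sent both as a form parameter and in the Authorization
        // header. RFC 6750 section 2 tells clients to use only one method per request; confirm
        // whether the server needs the form field before removing it.
        body.putSingle("access_token", accessToken);
        ResteasyClient client = ((ResteasyClientBuilder) ClientBuilder.newBuilder()).httpEngine(engine).build();
        ResteasyWebTarget target = client.target(UriBuilder.fromPath(auiConfiguration.getAuthServerUserInfoEndpoint()));
        Response response = target.request().header("Authorization", "Bearer " + accessToken).post(Entity.form(body));
        try {
            log.debug("User-Info response status code: {}", response.getStatus());
            if (response.getStatus() == 200) {
                String entity = response.readEntity(String.class);
                final Jwt jwtUserInfo = Jwt.parse(entity);
                UserInfoResponse userInfoResponse = new UserInfoResponse();
                userInfoResponse.setClaims(getClaims(jwtUserInfo));
                userInfoResponse.setJwtUserInfo(entity);
                // Log the outcome only, never the JWT or the claims.
                log.debug("User-Info response received and parsed");
                return userInfoResponse;
            }
        } finally {
            // Release the connection on every path, including non-200 answers.
            response.close();
        }
    } catch (ApplicationException e) {
        log.error(ErrorResponse.GET_USER_INFO_ERROR.getDescription());
        throw e;
    } catch (Exception e) {
        // The cause is logged server-side only; the caller gets a generic description.
        log.error(ErrorResponse.GET_USER_INFO_ERROR.getDescription(), e);
        throw new ApplicationException(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), ErrorResponse.GET_USER_INFO_ERROR.getDescription());
    } finally {
        engine.close();
    }
    // Non-200 answer from the User-Info endpoint: callers must handle a null result.
    return null;
}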
Also used : ResteasyClient(org.jboss.resteasy.client.jaxrs.ResteasyClient) Jwt(io.jans.as.model.jwt.Jwt) ApacheHttpClient43Engine(org.jboss.resteasy.client.jaxrs.engines.ApacheHttpClient43Engine) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MultivaluedHashMap(javax.ws.rs.core.MultivaluedHashMap) ErrorResponse(io.jans.ca.plugin.adminui.utils.ErrorResponse) TokenResponse(io.jans.ca.plugin.adminui.model.auth.TokenResponse) UserInfoResponse(io.jans.ca.plugin.adminui.model.auth.UserInfoResponse) Response(javax.ws.rs.core.Response) ApplicationException(io.jans.ca.plugin.adminui.model.exception.ApplicationException) TokenResponse(io.jans.ca.plugin.adminui.model.auth.TokenResponse) AUIConfiguration(io.jans.ca.plugin.adminui.model.config.AUIConfiguration) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) UserInfoResponse(io.jans.ca.plugin.adminui.model.auth.UserInfoResponse)
