
Example 1 with Rp

use of io.jans.ca.server.service.Rp in project jans by JanssenProject.

the class Cli method main.

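/**
 * Entry point of the jans_client_api command-line tool for RP records.
 *
 * <p>Parses the arguments, applies the configuration file named by {@code -c}, creates the
 * persistence layer, loads the RPs and then runs exactly one action: list ({@code -l}), view
 * ({@code rp_id}) or delete ({@code -d}). When direct access fails with a runtime exception
 * the tool falls back to asking the running server.
 *
 * <p>NOTE(review): nothing visible here authenticates the operator before listing or deleting
 * client registrations; presumably access is limited by who can read the configuration file
 * and the database - confirm file permissions on both.
 *
 * @param args command-line arguments
 */
public static void main(String[] args) {
    CommandLineParser parser = new DefaultParser();
    CommandLine cmd = null;
    String rpId;
    switchOffLogging();
    try {
        cmd = parser.parse(options(), args);
        rpId = cmd.getOptionValue("rp_id");
        Injector injector = ServerLauncher.getInjector();
        final RpServerConfiguration conf = parseConfiguration(cmd.getOptionValue("c"));
        injector.getInstance(ConfigurationService.class).setConfiguration(conf);
        injector.getInstance(PersistenceService.class).create();
        RpService rpService = injector.getInstance(RpService.class);
        RpSyncService rpSyncService = injector.getInstance(RpSyncService.class);
        rpService.load();
        // Only one action per invocation; reject ambiguous combinations.
        if (hasMultipleActionOptions(cmd)) {
            System.out.println("Multiple parameters in command is not allowed.");
            printHelpAndExit();
            return;
        }
        // list
        if (cmd.hasOption("l")) {
            if (hasListParameterValue(args)) {
                System.out.println("Warning: Arguments after list parameter is not required, hence will be ignored.");
            }
            final Collection<Rp> values = rpService.getRps().values();
            if (values.isEmpty()) {
                System.out.println("There are no any entries yet in database.");
                return;
            }
            System.out.println("rp_id                                client_name");
            for (Rp rp : values) {
                System.out.println(String.format("%s  %s", rp.getRpId(), rp.getClientName() != null ? rp.getClientName() : ""));
            }
            return;
        }
        // view by rp_id
        if (cmd.hasOption("rp_id")) {
            // NOTE(review): if print() dumps the whole record, the RP's client credentials end up
            // on the terminal and in any captured output - confirm what print() emits.
            print(rpId, rpSyncService.getRp(rpId));
            return;
        }
        if (cmd.hasOption("d")) {
            // delete
            if (rpService.remove(cmd.getOptionValue("d"))) {
                System.out.println("Entry removed successfully.");
            } else {
                System.out.println("Failed to remove entry from database.");
            }
            return;
        }
        System.out.println("Unable to recognize valid parameter.");
        printHelpAndExit();
    } catch (ParseException e) {
        System.out.println(e.getMessage());
        printHelpAndExit();
    } catch (RuntimeException e) {
        // Expected cause: the server is running and keeps the h2 database locked, so the RP is
        // fetched through a client connection instead. Every other runtime failure (bad
        // configuration, null option value, ...) lands here as well, so report it rather than
        // dropping it silently.
        System.err.println("Direct database access failed (" + e + "), trying the running server instead.");
        if (cmd != null) {
            tryToConnectToRunningRp(cmd);
        } else {
            printHelpAndExit();
        }
    } catch (Throwable e) {
        System.out.println("Failed to run jans_client_api CLI (make sure jans_client_api was run at least one time and database file is created). Error: " + e.getMessage());
        e.printStackTrace();
        System.exit(1);
    }
}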
Also used : PersistenceService(io.jans.ca.server.persistence.service.PersistenceService) Injector(com.google.inject.Injector) RpSyncService(io.jans.ca.server.service.RpSyncService) ConfigurationService(io.jans.ca.server.service.ConfigurationService) RpService(io.jans.ca.server.service.RpService) Rp(io.jans.ca.server.service.Rp)

Example 2 with Rp

use of io.jans.ca.server.service.Rp in project jans by JanssenProject.

the class RegisterSiteOperation method validateParametersAndFallbackIfNeeded.

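/**
 * Validates a register-site request and fills unset parameters from the default RP supplied
 * by the configuration service.
 *
 * <p>{@code params} is modified in place: grant types, response types, redirect URIs and
 * claims redirect URIs are always rewritten with the merged values; every other field is only
 * written when the request left it unset.
 *
 * @param params the registration request, mutated in place
 * @throws HttpException if only one of client_id / client_secret was sent, if neither
 *         op_configuration_endpoint nor op_host is available, if the redirect URIs are missing
 *         or rejected by {@code Utils.isValidUrl}, or if no scope is available
 */
private void validateParametersAndFallbackIfNeeded(RegisterSiteParams params) {
    // client_id and client_secret must be sent together. This runs before the fallbacks, so it
    // covers only what the caller sent; further down each of the two is filled from the default
    // RP independently of the other.
    if (StringUtils.isNotBlank(params.getClientId()) && StringUtils.isBlank(params.getClientSecret())) {
        throw new HttpException(ErrorResponseCode.INVALID_CLIENT_SECRET_REQUIRED);
    }
    if (StringUtils.isNotBlank(params.getClientSecret()) && StringUtils.isBlank(params.getClientId())) {
        throw new HttpException(ErrorResponseCode.INVALID_CLIENT_ID_REQUIRED);
    }
    Rp fallback = getConfigurationService().defaultRp();
    // op_configuration_endpoint
    LOG.info("Either 'op_configuration_endpoint' or 'op_host' should be set. jans_client_api will now check which of these parameter is available.");
    if (StringUtils.isBlank(params.getOpConfigurationEndpoint())) {
        // NOTE(review): this message (and the error below) concatenates the whole params object,
        // which also carries client_secret. If RegisterSiteParams.toString() includes that field
        // the secret is written to the log - confirm, and log selected fields instead.
        LOG.warn("'op_configuration_endpoint' is not set for parameter: " + params + ". Look up at configuration file for fallback of 'op_configuration_endpoint'.");
        String fallbackOpConfigurationEndpoint = fallback.getOpConfigurationEndpoint();
        if (StringUtils.isNotBlank(fallbackOpConfigurationEndpoint)) {
            LOG.warn("Fallback to op_configuration_endpoint: " + fallbackOpConfigurationEndpoint + ", from configuration file.");
            params.setOpConfigurationEndpoint(fallbackOpConfigurationEndpoint);
        }
    }
    // op_host
    if (Strings.isNullOrEmpty(params.getOpHost()) && Strings.isNullOrEmpty(params.getOpConfigurationEndpoint())) {
        LOG.error("Either 'op_configuration_endpoint' or 'op_host' should be set. Parameter: " + params);
        throw new HttpException(ErrorResponseCode.INVALID_OP_HOST_AND_CONFIGURATION_ENDPOINT);
    }
    // grant_type
    List<String> grantTypes = Lists.newArrayList();
    if (params.getGrantTypes() != null && !params.getGrantTypes().isEmpty()) {
        grantTypes.addAll(params.getGrantTypes());
    }
    if (grantTypes.isEmpty() && fallback.getGrantType() != null && !fallback.getGrantType().isEmpty()) {
        grantTypes.addAll(fallback.getGrantType());
    }
    // The server configuration can add client_credentials to every registration, whether or not
    // the caller asked for that grant.
    if (!grantTypes.contains(GrantType.CLIENT_CREDENTIALS.getValue()) && getConfigurationService().getConfiguration().getAddClientCredentialsGrantTypeAutomaticallyDuringClientRegistration()) {
        grantTypes.add(GrantType.CLIENT_CREDENTIALS.getValue());
    }
    params.setGrantTypes(grantTypes);
    // post_logout_redirect_uri
    // Fix: an absent (null) list now gets the fallback as well, like every other list parameter
    // in this method; before, only an explicitly empty list did.
    if ((params.getPostLogoutRedirectUris() == null || params.getPostLogoutRedirectUris().isEmpty()) && fallback.getPostLogoutRedirectUris() != null && !fallback.getPostLogoutRedirectUris().isEmpty()) {
        params.setPostLogoutRedirectUris(fallback.getPostLogoutRedirectUris());
    }
    // response_type
    List<String> responseTypes = Lists.newArrayList();
    if (params.getResponseTypes() != null && !params.getResponseTypes().isEmpty()) {
        responseTypes.addAll(params.getResponseTypes());
    }
    if (responseTypes.isEmpty() && fallback.getResponseTypes() != null && !fallback.getResponseTypes().isEmpty()) {
        responseTypes.addAll(fallback.getResponseTypes());
    }
    if (responseTypes.isEmpty()) {
        // Last resort when neither the request nor the default RP names a response type.
        responseTypes.add("code");
    }
    params.setResponseTypes(responseTypes);
    // redirect_uris
    if (params.getRedirectUris() == null || params.getRedirectUris().isEmpty()) {
        params.setRedirectUris(fallback.getRedirectUris());
    }
    // Linked set: removes duplicates and keeps the order, because the first URI is read below.
    Set<String> redirectUris = Sets.newLinkedHashSet();
    if (params.getRedirectUris() != null && !params.getRedirectUris().isEmpty() && params.getRedirectUris().stream().allMatch(uri -> Utils.isValidUrl(uri))) {
        redirectUris.addAll(params.getRedirectUris());
    } else {
        throw new HttpException(ErrorResponseCode.INVALID_REDIRECT_URI);
    }
    final Boolean autoRegister = getConfigurationService().getConfiguration().getUma2AuthRegisterClaimsGatheringEndpointAsRedirectUriOfClient();
    if (Boolean.TRUE.equals(autoRegister) && !redirectUris.isEmpty()) {
        String first = redirectUris.iterator().next();
        // NOTE(review): this is a substring test, not a host comparison - a redirect URI that
        // merely contains the issuer string (for example in its query) passes, and a null issuer
        // makes contains() throw. Comparing parsed hosts would match what the trace message
        // below describes.
        if (first.contains(getDiscoveryService().getConnectDiscoveryResponse(params.getOpConfigurationEndpoint(), params.getOpHost(), params.getOpDiscoveryPath()).getIssuer())) {
            final UmaMetadata discovery = getDiscoveryService().getUmaDiscovery(params.getOpConfigurationEndpoint(), params.getOpHost(), params.getOpDiscoveryPath());
            String autoRedirectUri = discovery.getClaimsInteractionEndpoint() + "?authentication=true";
            LOG.trace("Register claims interaction endpoint as redirect_uri: " + autoRedirectUri);
            redirectUris.add(autoRedirectUri);
        } else {
            LOG.trace("Skip auto registration of claims interaction endpoint as redirect_uri because OP host for different uri's is different which will not pass AS redirect_uri's validation (same host must be present).");
        }
    }
    params.setRedirectUris(Lists.newArrayList(redirectUris));
    // claims_redirect_uri
    if ((params.getClaimsRedirectUri() == null || params.getClaimsRedirectUri().isEmpty()) && (fallback.getClaimsRedirectUri() != null && !fallback.getClaimsRedirectUri().isEmpty())) {
        params.setClaimsRedirectUri(fallback.getClaimsRedirectUri());
    }
    // Unlike redirect_uris these values are only de-duplicated; no URL validation is applied.
    Set<String> claimsRedirectUris = Sets.newHashSet();
    if (params.getClaimsRedirectUri() != null && !params.getClaimsRedirectUri().isEmpty()) {
        claimsRedirectUris.addAll(params.getClaimsRedirectUri());
    }
    params.setClaimsRedirectUri(Lists.newArrayList(claimsRedirectUris));
    // scope
    if (params.getScope() == null || params.getScope().isEmpty()) {
        params.setScope(fallback.getScope());
    }
    if (params.getScope() == null || params.getScope().isEmpty()) {
        throw new HttpException(ErrorResponseCode.INVALID_SCOPE);
    }
    // acr_values
    if (params.getAcrValues() == null || params.getAcrValues().isEmpty()) {
        params.setAcrValues(fallback.getAcrValues());
    }
    // client_jwks_uri
    if (Strings.isNullOrEmpty(params.getClientJwksUri()) && !Strings.isNullOrEmpty(fallback.getClientJwksUri())) {
        params.setClientJwksUri(fallback.getClientJwksUri());
    }
    // contacts
    if (params.getContacts() == null || params.getContacts().isEmpty()) {
        params.setContacts(fallback.getContacts());
    }
    // ui_locales
    if (params.getUiLocales() == null || params.getUiLocales().isEmpty()) {
        params.setUiLocales(fallback.getUiLocales());
    }
    // claims_locales
    if ((params.getClaimsLocales() == null || params.getClaimsLocales().isEmpty()) && (fallback.getClaimsLocales() != null && !fallback.getClaimsLocales().isEmpty())) {
        params.setClaimsLocales(fallback.getClaimsLocales());
    }
    // client_name
    if (StringUtils.isBlank(params.getClientName()) && StringUtils.isNotBlank(fallback.getClientName())) {
        params.setClientName(fallback.getClientName());
    }
    // client_jwks_uri (second pass: unlike the check above, a whitespace-only value counts as unset)
    if (StringUtils.isBlank(params.getClientJwksUri()) && StringUtils.isNotBlank(fallback.getClientJwksUri())) {
        params.setClientJwksUri(fallback.getClientJwksUri());
    }
    // token_endpoint_auth_method
    if (StringUtils.isBlank(params.getClientTokenEndpointAuthMethod()) && StringUtils.isNotBlank(fallback.getTokenEndpointAuthMethod())) {
        params.setClientTokenEndpointAuthMethod(fallback.getTokenEndpointAuthMethod());
    }
    // token_endpoint_auth_signing_alg
    if (StringUtils.isBlank(params.getClientTokenEndpointAuthSigningAlg()) && StringUtils.isNotBlank(fallback.getTokenEndpointAuthSigningAlg())) {
        params.setClientTokenEndpointAuthSigningAlg(fallback.getTokenEndpointAuthSigningAlg());
    }
    // request_uris
    if ((params.getClientRequestUris() == null || params.getClientRequestUris().isEmpty()) && (fallback.getRequestUris() != null && !fallback.getRequestUris().isEmpty())) {
        params.setClientRequestUris(fallback.getRequestUris());
    }
    // front_channel_logout_uris
    if (StringUtils.isBlank(params.getClientFrontchannelLogoutUri()) && StringUtils.isNotBlank(fallback.getFrontChannelLogoutUri())) {
        params.setClientFrontchannelLogoutUri(fallback.getFrontChannelLogoutUri());
    }
    // sector_identifier_uri
    if (StringUtils.isBlank(params.getClientSectorIdentifierUri()) && StringUtils.isNotBlank(fallback.getSectorIdentifierUri())) {
        params.setClientSectorIdentifierUri(fallback.getSectorIdentifierUri());
    }
    // client_id
    if (StringUtils.isBlank(params.getClientId()) && StringUtils.isNotBlank(fallback.getClientId())) {
        params.setClientId(fallback.getClientId());
    }
    // client_secret
    if (StringUtils.isBlank(params.getClientSecret()) && StringUtils.isNotBlank(fallback.getClientSecret())) {
        params.setClientSecret(fallback.getClientSecret());
    }
    // access_token_signing_alg
    if (StringUtils.isBlank(params.getAccessTokenSigningAlg()) && StringUtils.isNotBlank(fallback.getAccessTokenSigningAlg())) {
        params.setAccessTokenSigningAlg(fallback.getAccessTokenSigningAlg());
    }
    // logo_uri
    if (StringUtils.isBlank(params.getLogoUri()) && StringUtils.isNotBlank(fallback.getLogoUri())) {
        params.setLogoUri(fallback.getLogoUri());
    }
    // client_uri
    if (StringUtils.isBlank(params.getClientUri()) && StringUtils.isNotBlank(fallback.getClientUri())) {
        params.setClientUri(fallback.getClientUri());
    }
    // policy_uri
    if (StringUtils.isBlank(params.getPolicyUri()) && StringUtils.isNotBlank(fallback.getPolicyUri())) {
        params.setPolicyUri(fallback.getPolicyUri());
    }
    // tos_uri
    if (StringUtils.isBlank(params.getTosUri()) && StringUtils.isNotBlank(fallback.getTosUri())) {
        params.setTosUri(fallback.getTosUri());
    }
    // jwks
    if (StringUtils.isBlank(params.getJwks()) && StringUtils.isNotBlank(fallback.getJwks())) {
        params.setJwks(fallback.getJwks());
    }
    // id_token_binding_cnf
    if (StringUtils.isBlank(params.getIdTokenBindingCnf()) && StringUtils.isNotBlank(fallback.getIdTokenBindingCnf())) {
        params.setIdTokenBindingCnf(fallback.getIdTokenBindingCnf());
    }
    // tls_client_auth_subject_dn
    if (StringUtils.isBlank(params.getTlsClientAuthSubjectDn()) && StringUtils.isNotBlank(fallback.getTlsClientAuthSubjectDn())) {
        params.setTlsClientAuthSubjectDn(fallback.getTlsClientAuthSubjectDn());
    }
    // id_token_signed_response_alg
    if (StringUtils.isBlank(params.getIdTokenSignedResponseAlg()) && StringUtils.isNotBlank(fallback.getIdTokenSignedResponseAlg())) {
        params.setIdTokenSignedResponseAlg(fallback.getIdTokenSignedResponseAlg());
    }
    // id_token_encrypted_response_alg
    if (StringUtils.isBlank(params.getIdTokenEncryptedResponseAlg()) && StringUtils.isNotBlank(fallback.getIdTokenEncryptedResponseAlg())) {
        params.setIdTokenEncryptedResponseAlg(fallback.getIdTokenEncryptedResponseAlg());
    }
    // id_token_encrypted_response_enc
    if (StringUtils.isBlank(params.getIdTokenEncryptedResponseEnc()) && StringUtils.isNotBlank(fallback.getIdTokenEncryptedResponseEnc())) {
        params.setIdTokenEncryptedResponseEnc(fallback.getIdTokenEncryptedResponseEnc());
    }
    // user_info_signed_response_alg
    if (StringUtils.isBlank(params.getUserInfoSignedResponseAlg()) && StringUtils.isNotBlank(fallback.getUserInfoSignedResponseAlg())) {
        params.setUserInfoSignedResponseAlg(fallback.getUserInfoSignedResponseAlg());
    }
    // user_info_encrypted_response_alg
    if (StringUtils.isBlank(params.getUserInfoEncryptedResponseAlg()) && StringUtils.isNotBlank(fallback.getUserInfoEncryptedResponseAlg())) {
        params.setUserInfoEncryptedResponseAlg(fallback.getUserInfoEncryptedResponseAlg());
    }
    // user_info_encrypted_response_enc
    if (StringUtils.isBlank(params.getUserInfoEncryptedResponseEnc()) && StringUtils.isNotBlank(fallback.getUserInfoEncryptedResponseEnc())) {
        params.setUserInfoEncryptedResponseEnc(fallback.getUserInfoEncryptedResponseEnc());
    }
    // request_object_signing_alg
    if (StringUtils.isBlank(params.getRequestObjectSigningAlg()) && StringUtils.isNotBlank(fallback.getRequestObjectSigningAlg())) {
        params.setRequestObjectSigningAlg(fallback.getRequestObjectSigningAlg());
    }
    // request_object_encryption_alg
    if (StringUtils.isBlank(params.getRequestObjectEncryptionAlg()) && StringUtils.isNotBlank(fallback.getRequestObjectEncryptionAlg())) {
        params.setRequestObjectEncryptionAlg(fallback.getRequestObjectEncryptionAlg());
    }
    // request_object_encryption_enc
    if (StringUtils.isBlank(params.getRequestObjectEncryptionEnc()) && StringUtils.isNotBlank(fallback.getRequestObjectEncryptionEnc())) {
        params.setRequestObjectEncryptionEnc(fallback.getRequestObjectEncryptionEnc());
    }
    // default_max_age
    if (params.getDefaultMaxAge() == null && fallback.getDefaultMaxAge() != null) {
        params.setDefaultMaxAge(fallback.getDefaultMaxAge());
    }
    // initiate_login_uri
    if (StringUtils.isBlank(params.getInitiateLoginUri()) && StringUtils.isNotBlank(fallback.getInitiateLoginUri())) {
        params.setInitiateLoginUri(fallback.getInitiateLoginUri());
    }
    // authorized_origins
    if ((params.getAuthorizedOrigins() == null || params.getAuthorizedOrigins().isEmpty()) && (fallback.getAuthorizedOrigins() != null && !fallback.getAuthorizedOrigins().isEmpty())) {
        params.setAuthorizedOrigins(fallback.getAuthorizedOrigins());
    }
    // access_token_lifetime
    if (params.getAccessTokenLifetime() == null && fallback.getAccessTokenLifetime() != null) {
        params.setAccessTokenLifetime(fallback.getAccessTokenLifetime());
    }
    // software_id
    if (StringUtils.isBlank(params.getSoftwareId()) && StringUtils.isNotBlank(fallback.getSoftwareId())) {
        params.setSoftwareId(fallback.getSoftwareId());
    }
    // software_version
    if (StringUtils.isBlank(params.getSoftwareVersion()) && StringUtils.isNotBlank(fallback.getSoftwareVersion())) {
        params.setSoftwareVersion(fallback.getSoftwareVersion());
    }
    // software_statement
    if (StringUtils.isBlank(params.getSoftwareStatement()) && StringUtils.isNotBlank(fallback.getSoftwareStatement())) {
        params.setSoftwareStatement(fallback.getSoftwareStatement());
    }
    // custom_attributes
    if ((params.getCustomAttributes() == null || params.getCustomAttributes().isEmpty()) && (fallback.getCustomAttributes() != null && !fallback.getCustomAttributes().isEmpty())) {
        params.setCustomAttributes(fallback.getCustomAttributes());
    }
    // access_token_as_jwt
    if (params.getAccessTokenAsJwt() == null) {
        params.setAccessTokenAsJwt(fallback.getAccessTokenAsJwt());
    }
    // rpt_as_jwt
    if (params.getRptAsJwt() == null) {
        params.setRptAsJwt(fallback.getRptAsJwt());
    }
    // front_channel_logout_session_required
    if (params.getFrontChannelLogoutSessionRequired() == null) {
        params.setFrontChannelLogoutSessionRequired(fallback.getFrontChannelLogoutSessionRequired());
    }
    // run_introspection_script_beforeaccess_token_as_jwt_creation_and_include_claims
    if (params.getRunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims() == null) {
        params.setRunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims(fallback.getRunIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims());
    }
    // require_auth_time
    if (params.getRequireAuthTime() == null) {
        params.setRequireAuthTime(fallback.getRequireAuthTime());
    }
}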
Also used : StringUtils(org.apache.commons.lang.StringUtils) SubjectType(io.jans.as.model.common.SubjectType) RegisterSiteParams(io.jans.ca.common.params.RegisterSiteParams) Utils(io.jans.ca.server.Utils) LoggerFactory(org.slf4j.LoggerFactory) RegisterRequestMapper(io.jans.ca.server.mapper.RegisterRequestMapper) BlockEncryptionAlgorithm(io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm) NumberUtils(org.apache.commons.lang.math.NumberUtils) ArrayList(java.util.ArrayList) HttpException(io.jans.ca.server.HttpException) Strings(com.google.common.base.Strings) ApplicationType(io.jans.as.model.register.ApplicationType) ErrorResponseCode(io.jans.ca.common.ErrorResponseCode) IOpResponse(io.jans.ca.common.response.IOpResponse) Lists(com.google.common.collect.Lists) CollectionUtils(org.apache.commons.collections.CollectionUtils) RegisterClient(io.jans.as.client.RegisterClient) Command(io.jans.ca.common.Command) Logger(org.slf4j.Logger) Set(java.util.Set) SignatureAlgorithm(io.jans.as.model.crypto.signature.SignatureAlgorithm) UUID(java.util.UUID) RegisterRequest(io.jans.as.client.RegisterRequest) RegisterSiteResponse(io.jans.ca.common.response.RegisterSiteResponse) Sets(com.google.common.collect.Sets) Injector(com.google.inject.Injector) UmaMetadata(io.jans.as.model.uma.UmaMetadata) RegisterResponse(io.jans.as.client.RegisterResponse) List(java.util.List) AuthenticationMethod(io.jans.as.model.common.AuthenticationMethod) Preconditions(com.google.common.base.Preconditions) GrantType(io.jans.as.model.common.GrantType) KeyEncryptionAlgorithm(io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm) Rp(io.jans.ca.server.service.Rp) UmaMetadata(io.jans.as.model.uma.UmaMetadata) HttpException(io.jans.ca.server.HttpException) Rp(io.jans.ca.server.service.Rp)

Example 3 with Rp

use of io.jans.ca.server.service.Rp in project jans by JanssenProject.

the class RsProtectOperation method validate.

/**
 * Checks an rs-protect request and, when the RP already has protected resources and
 * {@code overwrite} is true, removes those resources before the new ones are registered.
 *
 * <p>Despite its name this method has side effects: with {@code overwrite=true} it deletes the
 * existing resources through the UMA resource service and clears them on the RP.
 *
 * @param params the rs-protect request
 * @throws HttpException if no resources are given, an HTTP method is repeated within a path,
 *         a scope expression is invalid, or resources already exist and overwrite is not set
 */
private void validate(RsProtectParams params) {
    if (params.getResources() == null || params.getResources().isEmpty()) {
        throw new HttpException(ErrorResponseCode.NO_UMA_RESOURCES_TO_PROTECT);
    }
    if (!ResourceValidator.isHttpMethodUniqueInPath(params.getResources())) {
        throw new HttpException(ErrorResponseCode.UMA_HTTP_METHOD_NOT_UNIQUE);
    }

    // Resources are known to be non-null here; check every scope expression they carry.
    for (RsResource candidate : params.getResources()) {
        if (candidate.getConditions() == null) {
            continue;
        }
        for (Condition rule : candidate.getConditions()) {
            if (rule.getScopeExpression() == null) {
                continue;
            }
            final String expression = rule.getScopeExpression().toString();
            // A blank expression or the literal text "null" is treated as "no expression".
            if (StringUtils.isBlank(expression) || expression.equalsIgnoreCase("null")) {
                continue;
            }
            final boolean wellFormed = JsonLogicNodeParser.isNodeValid(expression);
            LOG.trace("Scope expression validator - Valid: " + wellFormed + ", expression: " + expression);
            if (!wellFormed) {
                throw new HttpException(ErrorResponseCode.UMA_FAILED_TO_VALIDATE_SCOPE_EXPRESSION);
            }
            validateScopeExpression(expression);
        }
    }

    final Rp rp = getRp();
    final List<UmaResource> registered = rp.getUmaProtectedResources();
    if (registered == null || registered.isEmpty()) {
        return;
    }
    // Existing protection is only replaced when the caller asks for it explicitly.
    if (!Boolean.TRUE.equals(params.getOverwrite())) {
        throw new HttpException(ErrorResponseCode.UMA_PROTECTION_FAILED_BECAUSE_RESOURCES_ALREADY_EXISTS);
    }

    // overwrite=true: delete what is registered, then clear it on the RP.
    // NOTE(review): the RP is only updated after the whole loop; if one deleteResource call
    // throws, the resources already deleted are still listed on the RP - confirm that a retry
    // copes with ids that no longer exist.
    final UmaMetadata umaMetadata = getDiscoveryService().getUmaDiscoveryByRpId(params.getRpId());
    final String patToken = getUmaTokenService().getPat(params.getRpId()).getToken();
    final UmaResourceService remover = UmaClientFactory.instance().createResourceService(umaMetadata, getHttpService().getClientEngine());
    for (UmaResource stale : registered) {
        LOG.trace("Removing existing resource " + stale.getId() + " ...");
        remover.deleteResource("Bearer " + patToken, stale.getId());
        LOG.trace("Removed existing resource " + stale.getId() + ".");
    }
    rp.getUmaProtectedResources().clear();
    getRpService().updateSilently(rp);
}
Also used : Condition(io.jans.ca.rs.protect.Condition) UmaMetadata(io.jans.as.model.uma.UmaMetadata) RsResource(io.jans.ca.rs.protect.RsResource) UmaResourceService(io.jans.as.client.uma.UmaResourceService) HttpException(io.jans.ca.server.HttpException) Rp(io.jans.ca.server.service.Rp) UmaResource(io.jans.ca.server.model.UmaResource)

Example 4 with Rp

use of io.jans.ca.server.service.Rp in project jans by JanssenProject.

the class RsProtectOperation method execute.

/**
 * Registers the requested resources for the RP and stores the result.
 *
 * <p>When registration is rejected with status 400 or 401 a new PAT is obtained and the
 * registration is attempted once more; a failure of that second attempt is thrown to the
 * caller.
 *
 * <p>NOTE(review): {@code validate} runs first and, with overwrite=true, has already removed
 * the existing resources by the time registration starts, so a failed registration leaves the
 * RP without them - confirm this is acceptable.
 *
 * @param params the rs-protect request
 * @return a response carrying the RP id
 * @throws Exception any failure from validation, registration or persistence
 */
@Override
public IOpResponse execute(final RsProtectParams params) throws Exception {
    validate(params);
    final Rp rp = getRp();

    // Supplies the PAT of this RP on demand; clearing is left to the token service.
    final PatProvider patSource = new PatProvider() {

        @Override
        public String getPatToken() {
            return getUmaTokenService().getPat(params.getRpId()).getToken();
        }

        @Override
        public void clearPat() {
            // intentionally empty
        }
    };

    final ServiceProvider opServices = new ServiceProvider(rp.getOpHost());
    final ResourceRegistrar registrar = getOpClientFactory().createResourceRegistrar(patSource, opServices);
    try {
        registrar.register(params.getResources());
    } catch (ClientErrorException e) {
        // The response entity is read and written to the debug log as received.
        LOG.debug("Failed to register resource. Entity: " + e.getResponse().readEntity(String.class) + ", status: " + e.getResponse().getStatus(), e);
        final int status = e.getResponse().getStatus();
        if (status != 400 && status != 401) {
            throw e;
        }
        LOG.debug("Try maybe PAT is lost on AS, force refresh PAT and re-try ...");
        // Obtain a new PAT, then retry exactly once.
        getUmaTokenService().obtainPat(params.getRpId());
        registrar.register(params.getResources());
    } catch (Exception e) {
        LOG.error(e.getMessage(), e);
        throw e;
    }

    persist(registrar, rp);
    return new RsProtectResponse(rp.getRpId());
}
Also used : ServiceProvider(io.jans.ca.rs.protect.resteasy.ServiceProvider) RsProtectResponse(io.jans.ca.common.response.RsProtectResponse) PatProvider(io.jans.ca.rs.protect.resteasy.PatProvider) ClientErrorException(javax.ws.rs.ClientErrorException) ResourceRegistrar(io.jans.ca.rs.protect.resteasy.ResourceRegistrar) Rp(io.jans.ca.server.service.Rp) ClientErrorException(javax.ws.rs.ClientErrorException) HttpException(io.jans.ca.server.HttpException) IOException(java.io.IOException)

Example 5 with Rp

use of io.jans.ca.server.service.Rp in project jans by JanssenProject.

the class JansPersistenceService method getRp.

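/**
 * Loads the RP stored under the given id.
 *
 * @param rpId identifier of the RP to look up
 * @return the parsed RP, or {@code null} when no record is returned, the record cannot be
 *         parsed, or the lookup throws
 */
public Rp getRp(String rpId) {
    try {
        RpObject rpFromGluuPersistance = getRpObject(rpId, new String[0]);
        if (rpFromGluuPersistance == null) {
            // Report a missing record as such instead of through a NullPointerException.
            LOG.error("Failed to fetch RP by id: {} ", rpId);
            return null;
        }
        Rp rp = MigrationService.parseRp(rpFromGluuPersistance.getData());
        if (rp != null) {
            // NOTE(review): the whole RP object goes to the debug log. If Rp.toString() includes
            // the client secret, that secret is written to the log file - confirm and redact.
            LOG.debug("Found RP id: {}, RP : {} ", rpId, rp);
            return rp;
        }
        LOG.error("Failed to fetch RP by id: {} ", rpId);
    } catch (Exception e) {
        // This is a read: the previous message said "update", which pointed log readers at the
        // wrong operation.
        LOG.error("Failed to fetch RP by id: {} ", rpId, e);
    }
    return null;
}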
Also used : RpObject(io.jans.ca.server.persistence.modal.RpObject) Rp(io.jans.ca.server.service.Rp) SQLException(java.sql.SQLException) EntryPersistenceException(io.jans.orm.exception.EntryPersistenceException)
