
Example 51 with OAuthSystemException

use of org.apache.amber.oauth2.common.exception.OAuthSystemException in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2Util method getAccessTokenDOFromMatchingTokenIssuer.

/**
 * Loops through the provided token issuers and tries to get the access token DO.
 *
 * @param tokenIdentifier Provided token identifier.
 * @param tokenIssuerMap  Map of token issuers to try.
 * @param includeExpired  Passed through to getAccessTokenDOFromTokenIdentifier.
 * @return The matching access token DO, or null if no issuer yields one.
 * @throws IdentityOAuth2Exception
 */
private static AccessTokenDO getAccessTokenDOFromMatchingTokenIssuer(String tokenIdentifier, Map<String, OauthTokenIssuer> tokenIssuerMap, boolean includeExpired) throws IdentityOAuth2Exception {
    AccessTokenDO accessTokenDO;
    if (tokenIssuerMap != null) {
        for (Map.Entry<String, OauthTokenIssuer> oauthTokenIssuerEntry : tokenIssuerMap.entrySet()) {
            try {
                OauthTokenIssuer oauthTokenIssuer = oauthTokenIssuerEntry.getValue();
                String tokenAlias = oauthTokenIssuer.getAccessTokenHash(tokenIdentifier);
                if (oauthTokenIssuer.usePersistedAccessTokenAlias()) {
                    accessTokenDO = OAuth2Util.getAccessTokenDOFromTokenIdentifier(tokenAlias, includeExpired);
                } else {
                    accessTokenDO = OAuth2Util.getAccessTokenDOFromTokenIdentifier(tokenIdentifier, includeExpired);
                }
                if (accessTokenDO != null) {
                    return accessTokenDO;
                }
            } catch (OAuthSystemException e) {
                if (log.isDebugEnabled()) {
                    // The raw token is written to the debug log only when access-token logging is enabled.
                    if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
                        log.debug("Token issuer: " + oauthTokenIssuerEntry.getKey() + " was tried and" + " failed to parse the received token: " + tokenIdentifier);
                    } else {
                        log.debug("Token issuer: " + oauthTokenIssuerEntry.getKey() + " was tried and" + " failed to parse the received token.");
                    }
                }
            } catch (IllegalArgumentException e) {
                if (log.isDebugEnabled()) {
                    if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
                        log.debug("Token issuer: " + oauthTokenIssuerEntry.getKey() + " was tried and" + " failed to get the token from database: " + tokenIdentifier);
                    } else {
                        log.debug("Token issuer: " + oauthTokenIssuerEntry.getKey() + " was tried and" + " failed to get the token from database.");
                    }
                }
            }
        }
    }
    return null;
}
Also used : AccessTokenDO(org.wso2.carbon.identity.oauth2.model.AccessTokenDO) OauthTokenIssuer(org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) Map(java.util.Map) TreeMap(java.util.TreeMap) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) HashMap(java.util.HashMap)

Example 52 with OAuthSystemException

use of org.apache.amber.oauth2.common.exception.OAuthSystemException in project identity-inbound-auth-oauth by wso2-extensions.

the class RefreshGrantHandler method createTokens.

private void createTokens(AccessTokenDO accessTokenDO, OAuthTokenReqMessageContext tokReqMsgCtx) throws IdentityOAuth2Exception {
    try {
        OauthTokenIssuer oauthTokenIssuer = OAuth2Util.getOAuthTokenIssuerForOAuthApp(accessTokenDO.getConsumerKey());
        String accessToken = oauthTokenIssuer.accessToken(tokReqMsgCtx);
        String refreshToken = oauthTokenIssuer.refreshToken(tokReqMsgCtx);
        if (log.isDebugEnabled()) {
            if (IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.ACCESS_TOKEN)) {
                log.debug("New access token (hashed): " + DigestUtils.sha256Hex(accessToken) + " & new refresh token (hashed): " + DigestUtils.sha256Hex(refreshToken));
            } else {
                log.debug("Access token and refresh token generated.");
            }
        }
        accessTokenDO.setAccessToken(accessToken);
        accessTokenDO.setRefreshToken(refreshToken);
    } catch (OAuthSystemException e) {
        throw new IdentityOAuth2Exception("Error when generating the tokens.", e);
    } catch (InvalidOAuthClientException e) {
        throw new IdentityOAuth2Exception("Error while retrieving oauth issuer for the app with clientId: " + accessTokenDO.getConsumerKey(), e);
    }
}
Also used : OauthTokenIssuer(org.wso2.carbon.identity.oauth2.token.OauthTokenIssuer) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) InvalidOAuthClientException(org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException)

Example 53 with OAuthSystemException

use of org.apache.amber.oauth2.common.exception.OAuthSystemException in project Kustvakt by KorAP.

the class OAuth2ResponseHandler method throwit.

public WebApplicationException throwit(OAuthProblemException e, String state) {
    OAuthResponse oAuthResponse = null;
    try {
        OAuthErrorResponseBuilder builder = OAuthResponse.errorResponse(e.getResponseStatus()).error(e);
        if (state != null && !state.isEmpty()) {
            builder.setState(state);
        }
        oAuthResponse = builder.buildJSONMessage();
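    } catch (OAuthSystemException e1) {
        // Return the system-error response; falling through would pass a null
        // OAuthResponse to createResponse().
        return throwit(e1, state);
    }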
    Response r = createResponse(oAuthResponse);
    return new WebApplicationException(r);
}
Also used : Response(javax.ws.rs.core.Response) OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse) OAuthErrorResponseBuilder(org.apache.oltu.oauth2.common.message.OAuthResponse.OAuthErrorResponseBuilder) WebApplicationException(javax.ws.rs.WebApplicationException) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) OAuthResponse(org.apache.oltu.oauth2.common.message.OAuthResponse)

Example 54 with OAuthSystemException

use of org.apache.amber.oauth2.common.exception.OAuthSystemException in project Kustvakt by KorAP.

the class OAuth2Controller method requestAuthorizationCode.

/**
 * Requests an authorization code.
 *
 * Kustvakt supports authorization only with Kalamar as the
 * authorization web-frontend or user interface. Thus
 * authorization code request requires user authentication
 * using authorization header.
 *
 * <br /><br />
 * RFC 6749:
 * If the client omits the scope parameter when requesting
 * authorization, the authorization server MUST either process the
 * request using a pre-defined default value or fail the request
 * indicating an invalid scope.
 *
 * @param request
 *            HttpServletRequest
 * @param form
 *            form parameters
 * @return a redirect URL
 */
@POST
@Path("authorize")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response requestAuthorizationCode(@Context HttpServletRequest request, @Context SecurityContext context, @FormParam("state") String state, MultivaluedMap<String, String> form) {
    TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
    String username = tokenContext.getUsername();
    ZonedDateTime authTime = tokenContext.getAuthenticationTime();
    try {
        scopeService.verifyScope(tokenContext, OAuth2Scope.AUTHORIZE);
        HttpServletRequest requestWithForm = new FormRequestWrapper(request, form);
        OAuth2AuthorizationRequest authzRequest = new OAuth2AuthorizationRequest(requestWithForm);
        String uri = authorizationService.requestAuthorizationCode(requestWithForm, authzRequest, username, authTime);
        return responseHandler.sendRedirect(uri);
    } catch (OAuthSystemException e) {
        throw responseHandler.throwit(e, state);
    } catch (OAuthProblemException e) {
        throw responseHandler.throwit(e, state);
    } catch (KustvaktException e) {
        throw responseHandler.throwit(e, state);
    }
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) HttpServletRequest(javax.servlet.http.HttpServletRequest) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) FormRequestWrapper(de.ids_mannheim.korap.web.utils.FormRequestWrapper) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) ZonedDateTime(java.time.ZonedDateTime) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) OAuth2AuthorizationRequest(de.ids_mannheim.korap.oauth2.oltu.OAuth2AuthorizationRequest) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Example 55 with OAuthSystemException

use of org.apache.amber.oauth2.common.exception.OAuthSystemException in project Kustvakt by KorAP.

the class OAuth2Controller method revokeAllClientTokensViaSuperClient.

/**
 * Revokes all tokens of a client for the authenticated user from
 * a super client. This service is not part of the OAUTH2
 * specification. It requires user authentication via
 * authorization header, and super client
 * via URL-encoded form parameters.
 *
 * @param request
 * @param form
 *            containing client_id, super_client_id,
 *            super_client_secret
 * @return 200 if token invalidation is successful or the given
 *         token is invalid
 */
@POST
@Path("revoke/super/all")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
public Response revokeAllClientTokensViaSuperClient(@Context SecurityContext context, @Context HttpServletRequest request, MultivaluedMap<String, String> form) {
    TokenContext tokenContext = (TokenContext) context.getUserPrincipal();
    String username = tokenContext.getUsername();
    try {
        OAuth2RevokeAllTokenSuperRequest revokeTokenRequest = new OAuth2RevokeAllTokenSuperRequest(new FormRequestWrapper(request, form));
        tokenService.revokeAllClientTokensViaSuperClient(username, revokeTokenRequest);
        return Response.ok("SUCCESS").build();
    } catch (OAuthSystemException e) {
        throw responseHandler.throwit(e);
    } catch (OAuthProblemException e) {
        throw responseHandler.throwit(e);
    } catch (KustvaktException e) {
        throw responseHandler.throwit(e);
    }
}
Also used : TokenContext(de.ids_mannheim.korap.security.context.TokenContext) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) FormRequestWrapper(de.ids_mannheim.korap.web.utils.FormRequestWrapper) OAuth2RevokeAllTokenSuperRequest(de.ids_mannheim.korap.oauth2.oltu.OAuth2RevokeAllTokenSuperRequest) KustvaktException(de.ids_mannheim.korap.exceptions.KustvaktException) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)
