Examples with STSValidateFailureEvent org.apache.cxf.sts.event.STSValidateFailureEvent used on opensource projects

Example 1 with STSValidateFailureEvent

use of org.apache.cxf.sts.event.STSValidateFailureEvent in project cxf by apache.

the class TokenValidateOperation method validate.

public RequestSecurityTokenResponseType validate(RequestSecurityTokenType request, Principal principal, Map<String, Object> messageContext) {
    long start = System.currentTimeMillis();
    TokenValidatorParameters validatorParameters = new TokenValidatorParameters();
    try {
        RequestRequirements requestRequirements = parseRequest(request, messageContext);
        TokenRequirements tokenRequirements = requestRequirements.getTokenRequirements();
        validatorParameters.setStsProperties(stsProperties);
        validatorParameters.setPrincipal(principal);
        validatorParameters.setMessageContext(messageContext);
        validatorParameters.setTokenStore(getTokenStore());
        // validatorParameters.setKeyRequirements(keyRequirements);
        validatorParameters.setTokenRequirements(tokenRequirements);
        ReceivedToken validateTarget = tokenRequirements.getValidateTarget();
        if (validateTarget == null || validateTarget.getToken() == null) {
            throw new STSException("No element presented for validation", STSException.INVALID_REQUEST);
        }
        validatorParameters.setToken(validateTarget);
        if (tokenRequirements.getTokenType() == null) {
            tokenRequirements.setTokenType(STSConstants.STATUS);
            LOG.fine("Received TokenType is null, falling back to default token type: " + STSConstants.STATUS);
        }
        // Get the realm of the request
        String realm = null;
        if (stsProperties.getRealmParser() != null) {
            RealmParser realmParser = stsProperties.getRealmParser();
            realm = realmParser.parseRealm(messageContext);
        }
        validatorParameters.setRealm(realm);
        TokenValidatorResponse tokenResponse = validateReceivedToken(principal, messageContext, realm, tokenRequirements, validateTarget);
        if (tokenResponse == null) {
            LOG.fine("No Token Validator has been found that can handle this token");
            tokenResponse = new TokenValidatorResponse();
            validateTarget.setState(STATE.INVALID);
            tokenResponse.setToken(validateTarget);
        }
        // 
        // Create a new token (if requested)
        // 
        TokenProviderResponse tokenProviderResponse = null;
        String tokenType = tokenRequirements.getTokenType();
        if (tokenResponse.getToken().getState() == STATE.VALID && !STSConstants.STATUS.equals(tokenType)) {
            TokenProviderParameters providerParameters = createTokenProviderParameters(requestRequirements, principal, messageContext);
            processValidToken(providerParameters, validateTarget, tokenResponse);
            // Check if the requested claims can be handled by the configured claim handlers
            providerParameters.setClaimsManager(claimsManager);
            Map<String, Object> additionalProperties = tokenResponse.getAdditionalProperties();
            if (additionalProperties != null) {
                providerParameters.setAdditionalProperties(additionalProperties);
            }
            realm = providerParameters.getRealm();
            for (TokenProvider tokenProvider : tokenProviders) {
                boolean canHandle = false;
                if (realm == null) {
                    canHandle = tokenProvider.canHandleToken(tokenType);
                } else {
                    canHandle = tokenProvider.canHandleToken(tokenType, realm);
                }
                if (canHandle) {
                    try {
                        tokenProviderResponse = tokenProvider.createToken(providerParameters);
                    } catch (STSException ex) {
                        LOG.log(Level.WARNING, "", ex);
                        throw ex;
                    } catch (RuntimeException ex) {
                        LOG.log(Level.WARNING, "", ex);
                        throw new STSException("Error in providing a token", ex, STSException.REQUEST_FAILED);
                    }
                    break;
                }
            }
            if (tokenProviderResponse == null || tokenProviderResponse.getToken() == null) {
                LOG.fine("No Token Provider has been found that can handle this token");
                throw new STSException("No token provider found for requested token type: " + tokenType, STSException.REQUEST_FAILED);
            }
        }
        // prepare response
        try {
            RequestSecurityTokenResponseType response = createResponse(tokenResponse, tokenProviderResponse, tokenRequirements);
            STSValidateSuccessEvent event = new STSValidateSuccessEvent(validatorParameters, System.currentTimeMillis() - start);
            publishEvent(event);
            return response;
        } catch (Throwable ex) {
            LOG.log(Level.WARNING, "", ex);
            throw new STSException("Error in creating the response", ex, STSException.REQUEST_FAILED);
        }
    } catch (RuntimeException ex) {
        STSValidateFailureEvent event = new STSValidateFailureEvent(validatorParameters, System.currentTimeMillis() - start, ex);
        publishEvent(event);
        throw ex;
    }
}