
Example 1 with UaaException

Use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry, in the class ClientAdminEndpoints, method listClientDetails.

@RequestMapping(value = "/oauth/clients", method = RequestMethod.GET)
@ResponseBody
public SearchResults<?> listClientDetails(
        @RequestParam(value = "attributes", required = false) String attributesCommaSeparated,
        @RequestParam(required = false, defaultValue = "client_id pr") String filter,
        @RequestParam(required = false, defaultValue = "client_id") String sortBy,
        @RequestParam(required = false, defaultValue = "ascending") String sortOrder,
        @RequestParam(required = false, defaultValue = "1") int startIndex,
        @RequestParam(required = false, defaultValue = "100") int count) {
    if (count > clientMaxCount) {
        count = clientMaxCount;
    }
    List<ClientDetails> result = new ArrayList<ClientDetails>();
    List<ClientDetails> clients;
    try {
        clients = clientDetailsService.query(filter, sortBy, "ascending".equalsIgnoreCase(sortOrder), IdentityZoneHolder.get().getId());
        if (count > clients.size()) {
            count = clients.size();
        }
    } catch (IllegalArgumentException e) {
        // The rejected filter (and sortBy, if present) are echoed back in the 400 error message.
        String msg = "Invalid filter expression: [" + filter + "]";
        if (StringUtils.hasText(sortBy)) {
            msg += " [" + sortBy + "]";
        }
        throw new UaaException(msg, HttpStatus.BAD_REQUEST.value());
    }
    // Every client in the requested page goes through removeSecret(...) before it is returned.
    for (ClientDetails client : UaaPagingUtils.subList(clients, startIndex, count)) {
        result.add(removeSecret(client));
    }
    if (!StringUtils.hasLength(attributesCommaSeparated)) {
        return new SearchResults<>(Collections.singletonList(SCIM_CLIENTS_SCHEMA_URI), result, startIndex, count, clients.size());
    }
    String[] attributes = attributesCommaSeparated.split(",");
    try {
        return SearchResultsFactory.buildSearchResultFrom(result, startIndex, count, clients.size(), attributes, attributeNameMapper, Collections.singletonList(SCIM_CLIENTS_SCHEMA_URI));
    } catch (SpelParseException e) {
        throw new UaaException("Invalid attributes: [" + attributesCommaSeparated + "]", HttpStatus.BAD_REQUEST.value());
    } catch (SpelEvaluationException e) {
        throw new UaaException("Invalid attributes: [" + attributesCommaSeparated + "]", HttpStatus.BAD_REQUEST.value());
    }
}
Also used : SpelParseException(org.springframework.expression.spel.SpelParseException) SpelEvaluationException(org.springframework.expression.spel.SpelEvaluationException) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) UaaException(org.cloudfoundry.identity.uaa.error.UaaException) ArrayList(java.util.ArrayList) SearchResults(org.cloudfoundry.identity.uaa.resources.SearchResults) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 2 with UaaException

Use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry, in the class ApprovalsAdminEndpoints, method handleException.

@ExceptionHandler
public View handleException(Exception t) {
    UaaException e = t instanceof UaaException ? (UaaException) t : new UaaException("Unexpected error", "Error accessing user's approvals", HttpStatus.INTERNAL_SERVER_ERROR.value());
    Class<?> clazz = t.getClass();
    for (Class<?> key : statuses.keySet()) {
        if (key.isAssignableFrom(clazz)) {
            e = new UaaException(t.getMessage(), "Error accessing user's approvals", statuses.get(key).value());
            break;
        }
    }
    return new ConvertingExceptionView(new ResponseEntity<ExceptionReport>(new ExceptionReport(e, false), HttpStatus.valueOf(e.getHttpStatus())), messageConverters);
}
Also used : UaaException(org.cloudfoundry.identity.uaa.error.UaaException) ConvertingExceptionView(org.cloudfoundry.identity.uaa.web.ConvertingExceptionView) ExceptionReport(org.cloudfoundry.identity.uaa.web.ExceptionReport)

Example 3 with UaaException

Use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry, in the class ChangeEmailController, method changeEmail.

@RequestMapping(value = "/change_email.do", method = RequestMethod.POST)
public String changeEmail(
        Model model,
        @Valid @ModelAttribute("newEmail") ValidEmail newEmail,
        BindingResult result,
        @RequestParam(required = false, value = "client_id") String clientId,
        @RequestParam(required = false, value = "redirect_uri") String redirectUri,
        RedirectAttributes redirectAttributes,
        HttpServletResponse response) {
    SecurityContext securityContext = SecurityContextHolder.getContext();
    if (result.hasErrors()) {
        model.addAttribute("error_message_code", "invalid_email");
        model.addAttribute("email", ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getEmail());
        response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
        return "change_email";
    }
    String origin = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getOrigin();
    if (!origin.equals(OriginKeys.UAA)) {
        redirectAttributes.addAttribute("error_message_code", "email_change.non-uaa-origin");
        return "redirect:profile";
    }
    String userId = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getId();
    String userEmail = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getName();
    try {
        changeEmailService.beginEmailChange(userId, userEmail, newEmail.getNewEmail(), clientId, redirectUri);
    } catch (UaaException e) {
        // Only a 409 (conflict) is reported back to the form.
        if (e.getHttpStatus() == 409) {
            model.addAttribute("error_message_code", "username_exists");
            model.addAttribute("email", ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getEmail());
            response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
            return "change_email";
        }
        // Any other UaaException is swallowed and falls through to the same redirect as success.
    }
    return "redirect:email_sent?code=email_change";
}
Also used : UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) UaaException(org.cloudfoundry.identity.uaa.error.UaaException) SecurityContext(org.springframework.security.core.context.SecurityContext) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with UaaException

Use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry, in the class CurrentUserCookieRequestFilter, method handleError.

private void handleError(HttpServletResponse response, UaaPrincipal principal) throws IOException {
    int status = HttpStatus.INTERNAL_SERVER_ERROR.value();
    UaaException error = new UaaException(CURRENT_USER_COOKIE_ERROR, errorMessage(principal), status);
    response.setStatus(status);
    response.getWriter().write(JsonUtils.writeValueAsString(error));
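    // The Content-Type header is set after the body has been written to the writer;
    // it only takes effect while the response has not yet been committed.
    response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);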
}
Also used : UaaException(org.cloudfoundry.identity.uaa.error.UaaException)

Example 5 with UaaException

Use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry, in the class EmailChangeEmailService, method completeVerification.

@Override
public Map<String, String> completeVerification(String code) {
    ExpiringCode expiringCode = codeStore.retrieveCode(code, identityZoneManager.getCurrentIdentityZoneId());
    // Reject an unknown code, or one whose intent is set to something other than EMAIL.
    // A code with a null intent passes this check.
    if ((null == expiringCode) || ((null != expiringCode.getIntent()) && !EMAIL.name().equals(expiringCode.getIntent()))) {
        throw new UaaException("Error", 400);
    }
    Map<String, String> codeData = JsonUtils.readValue(expiringCode.getData(), new TypeReference<Map<String, String>>() {});
    String userId = codeData.get("user_id");
    String email = codeData.get("email");
    ScimUser user = scimUserProvisioning.retrieve(userId, identityZoneManager.getCurrentIdentityZoneId());
    if (user.getUserName().equals(user.getPrimaryEmail())) {
        user.setUserName(email);
    }
    user.getEmails().clear();
    user.setPrimaryEmail(email);
    scimUserProvisioning.update(userId, user, identityZoneManager.getCurrentIdentityZoneId());
    String clientId = codeData.get("client_id");
    String redirectLocation = null;
    if (clientId != null) {
        String redirectUri = codeData.get("redirect_uri") == null ? "" : codeData.get("redirect_uri");
        try {
            ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId, identityZoneManager.getCurrentIdentityZoneId());
            Set<String> redirectUris = clientDetails.getRegisteredRedirectUri() == null ? Collections.emptySet() : clientDetails.getRegisteredRedirectUri();
            String changeEmailRedirectUrl = (String) clientDetails.getAdditionalInformation().get(CHANGE_EMAIL_REDIRECT_URL);
            redirectLocation = findMatchingRedirectUri(redirectUris, redirectUri, changeEmailRedirectUrl);
        } catch (NoSuchClientException ignored) {
            // Unknown client: redirectLocation stays null and no redirect URL is returned.
        }
    }
    Map<String, String> result = new HashMap<>();
    result.put("userId", user.getId());
    result.put("username", user.getUserName());
    result.put("email", user.getPrimaryEmail());
    result.put("redirect_url", redirectLocation);
    return result;
}
Also used : ScimUser(org.cloudfoundry.identity.uaa.scim.ScimUser) UaaException(org.cloudfoundry.identity.uaa.error.UaaException) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) ExpiringCode(org.cloudfoundry.identity.uaa.codestore.ExpiringCode) NoSuchClientException(org.springframework.security.oauth2.provider.NoSuchClientException)
