use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry.
the class ClientAdminEndpoints method listClientDetails.
@RequestMapping(value = "/oauth/clients", method = RequestMethod.GET)
@ResponseBody
public SearchResults<?> listClientDetails(@RequestParam(value = "attributes", required = false) String attributesCommaSeparated, @RequestParam(required = false, defaultValue = "client_id pr") String filter, @RequestParam(required = false, defaultValue = "client_id") String sortBy, @RequestParam(required = false, defaultValue = "ascending") String sortOrder, @RequestParam(required = false, defaultValue = "1") int startIndex, @RequestParam(required = false, defaultValue = "100") int count) {
if (count > clientMaxCount) {
count = clientMaxCount;
}
List<ClientDetails> result = new ArrayList<ClientDetails>();
List<ClientDetails> clients;
try {
clients = clientDetailsService.query(filter, sortBy, "ascending".equalsIgnoreCase(sortOrder), IdentityZoneHolder.get().getId());
if (count > clients.size()) {
count = clients.size();
}
} catch (IllegalArgumentException e) {
String msg = "Invalid filter expression: [" + filter + "]";
if (StringUtils.hasText(sortBy)) {
msg += " [" + sortBy + "]";
}
throw new UaaException(msg, HttpStatus.BAD_REQUEST.value());
}
for (ClientDetails client : UaaPagingUtils.subList(clients, startIndex, count)) {
result.add(removeSecret(client));
}
if (!StringUtils.hasLength(attributesCommaSeparated)) {
return new SearchResults<>(Collections.singletonList(SCIM_CLIENTS_SCHEMA_URI), result, startIndex, count, clients.size());
}
String[] attributes = attributesCommaSeparated.split(",");
try {
return SearchResultsFactory.buildSearchResultFrom(result, startIndex, count, clients.size(), attributes, attributeNameMapper, Collections.singletonList(SCIM_CLIENTS_SCHEMA_URI));
} catch (SpelParseException e) {
throw new UaaException("Invalid attributes: [" + attributesCommaSeparated + "]", HttpStatus.BAD_REQUEST.value());
} catch (SpelEvaluationException e) {
throw new UaaException("Invalid attributes: [" + attributesCommaSeparated + "]", HttpStatus.BAD_REQUEST.value());
}
}
use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry.
the class ApprovalsAdminEndpoints method handleException.
@ExceptionHandler
public View handleException(Exception t) {
UaaException e = t instanceof UaaException ? (UaaException) t : new UaaException("Unexpected error", "Error accessing user's approvals", HttpStatus.INTERNAL_SERVER_ERROR.value());
Class<?> clazz = t.getClass();
for (Class<?> key : statuses.keySet()) {
if (key.isAssignableFrom(clazz)) {
e = new UaaException(t.getMessage(), "Error accessing user's approvals", statuses.get(key).value());
break;
}
}
return new ConvertingExceptionView(new ResponseEntity<ExceptionReport>(new ExceptionReport(e, false), HttpStatus.valueOf(e.getHttpStatus())), messageConverters);
}
use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry.
the class ChangeEmailController method changeEmail.
@RequestMapping(value = "/change_email.do", method = RequestMethod.POST)
public String changeEmail(Model model, @Valid @ModelAttribute("newEmail") ValidEmail newEmail, BindingResult result, @RequestParam(required = false, value = "client_id") String clientId, @RequestParam(required = false, value = "redirect_uri") String redirectUri, RedirectAttributes redirectAttributes, HttpServletResponse response) {
SecurityContext securityContext = SecurityContextHolder.getContext();
if (result.hasErrors()) {
model.addAttribute("error_message_code", "invalid_email");
model.addAttribute("email", ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getEmail());
response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
return "change_email";
}
String origin = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getOrigin();
if (!origin.equals(OriginKeys.UAA)) {
redirectAttributes.addAttribute("error_message_code", "email_change.non-uaa-origin");
return "redirect:profile";
}
String userId = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getId();
String userEmail = ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getName();
try {
changeEmailService.beginEmailChange(userId, userEmail, newEmail.getNewEmail(), clientId, redirectUri);
} catch (UaaException e) {
if (e.getHttpStatus() == 409) {
model.addAttribute("error_message_code", "username_exists");
model.addAttribute("email", ((UaaPrincipal) securityContext.getAuthentication().getPrincipal()).getEmail());
response.setStatus(HttpStatus.UNPROCESSABLE_ENTITY.value());
return "change_email";
}
}
return "redirect:email_sent?code=email_change";
}
use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry.
the class CurrentUserCookieRequestFilter method handleError.
private void handleError(HttpServletResponse response, UaaPrincipal principal) throws IOException {
int status = HttpStatus.INTERNAL_SERVER_ERROR.value();
UaaException error = new UaaException(CURRENT_USER_COOKIE_ERROR, errorMessage(principal), status);
response.setStatus(status);
response.getWriter().write(JsonUtils.writeValueAsString(error));
response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
}
use of org.cloudfoundry.identity.uaa.error.UaaException in project uaa by cloudfoundry.
the class EmailChangeEmailService method completeVerification.
@Override
public Map<String, String> completeVerification(String code) {
ExpiringCode expiringCode = codeStore.retrieveCode(code, identityZoneManager.getCurrentIdentityZoneId());
if ((null == expiringCode) || ((null != expiringCode.getIntent()) && !EMAIL.name().equals(expiringCode.getIntent()))) {
throw new UaaException("Error", 400);
}
Map<String, String> codeData = JsonUtils.readValue(expiringCode.getData(), new TypeReference<Map<String, String>>() {
});
String userId = codeData.get("user_id");
String email = codeData.get("email");
ScimUser user = scimUserProvisioning.retrieve(userId, identityZoneManager.getCurrentIdentityZoneId());
if (user.getUserName().equals(user.getPrimaryEmail())) {
user.setUserName(email);
}
user.getEmails().clear();
user.setPrimaryEmail(email);
scimUserProvisioning.update(userId, user, identityZoneManager.getCurrentIdentityZoneId());
String clientId = codeData.get("client_id");
String redirectLocation = null;
if (clientId != null) {
String redirectUri = codeData.get("redirect_uri") == null ? "" : codeData.get("redirect_uri");
try {
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId, identityZoneManager.getCurrentIdentityZoneId());
Set<String> redirectUris = clientDetails.getRegisteredRedirectUri() == null ? Collections.emptySet() : clientDetails.getRegisteredRedirectUri();
String changeEmailRedirectUrl = (String) clientDetails.getAdditionalInformation().get(CHANGE_EMAIL_REDIRECT_URL);
redirectLocation = findMatchingRedirectUri(redirectUris, redirectUri, changeEmailRedirectUrl);
} catch (NoSuchClientException ignored) {
}
}
Map<String, String> result = new HashMap<>();
result.put("userId", user.getId());
result.put("username", user.getUserName());
result.put("email", user.getPrimaryEmail());
result.put("redirect_url", redirectLocation);
return result;
}
Aggregations