Use of org.forgerock.caf.authentication.api.AuthenticationException in project OpenAM by OpenRock: class LocalSSOTokenSessionModule, method validate.
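/**
 * Validates the request by attempting to retrieve the SSOToken ID from the request: first through the request
 * utils (the AM cookie), and failing that from the request header whose name is given by
 * {@link #getCookieHeaderName()}.
 * <p>
 * If no SSOToken ID is present the status given by {@link #getInvalidSSOTokenAuthStatus()} is returned.
 * Otherwise the ID is used to retrieve the SSOToken from the factory; if a token is obtained, the caller
 * principal is set on the client subject via the callback handler, the auth level and token ID are stored in
 * the authentication context map, and AuthStatus.SUCCESS is returned. If the factory returns no token the
 * invalid-token status is returned.
 *
 * @param request The HttpServletRequest.
 * @param messageInfo A contextual object that encapsulates the client request and server response objects, and
 *                    that may be used to save state across a sequence of calls made to the methods of this
 *                    interface for the purpose of completing a secure message exchange.
 * @param clientSubject A Subject that represents the source of the service request. It is used by the method
 *                      implementation to store Principals and credentials validated in the request.
 * @return A promise resolving to AuthStatus.SUCCESS if the SSOToken ID is valid, otherwise to the status given by
 *         {@link #getInvalidSSOTokenAuthStatus()}. The promise fails with an AuthenticationException (carrying
 *         the original exception as its cause) if the token could not be read, the callback handler could not
 *         handle the caller principal callback, or the authentication context map is missing from the request
 *         context.
 */
private Promise<AuthStatus, AuthenticationException> validate(HttpServletRequest request,
        MessageInfoContext messageInfo, Subject clientSubject) {
    String tokenId = getRequestUtils().getTokenId(request);
    if (StringUtils.isEmpty(tokenId)) {
        // Fall back to a header carrying the token ID under the cookie's name.
        tokenId = request.getHeader(getCookieHeaderName());
    }
    if (StringUtils.isEmpty(tokenId)) {
        return newResultPromise(getInvalidSSOTokenAuthStatus());
    }
    SSOToken ssoToken = getFactory().getTokenFromId(tokenId);
    if (ssoToken == null) {
        return newResultPromise(getInvalidSSOTokenAuthStatus());
    }
    // NOTE(review): no explicit validity check is made on the token here; this relies on getTokenFromId()
    // returning null and/or getAuthLevel() throwing SSOException for invalid tokens - confirm against the factory.
    int authLevel;
    try {
        authLevel = ssoToken.getAuthLevel();
        String name = ssoToken.getPrincipal().getName();
        handler.handle(new Callback[] { new CallerPrincipalCallback(clientSubject, name) });
        clientSubject.getPrincipals().add(ssoToken.getPrincipal());
    } catch (SSOException e) {
        // Keep the cause so the failure can be diagnosed from the promise's exception rather than just a message.
        return newExceptionPromise(new AuthenticationException(e.getMessage(), e));
    } catch (UnsupportedCallbackException e) {
        return newExceptionPromise(new AuthenticationException(e.getMessage(), e));
    } catch (IOException e) {
        return newExceptionPromise(new AuthenticationException(e.getMessage(), e));
    }
    // The request context map stores the authentication context untyped; the cast cannot be checked at runtime.
    @SuppressWarnings("unchecked")
    Map<String, Object> context = (Map<String, Object>) messageInfo.getRequestContextMap()
            .get("org.forgerock.authentication.context");
    if (context == null) {
        // Previously this would have surfaced as a NullPointerException; report it as an authentication failure.
        return newExceptionPromise(
                new AuthenticationException("Authentication context is missing from the request context map."));
    }
    context.put("authLevel", authLevel);
    context.put("tokenId", ssoToken.getTokenID().toString());
    return newResultPromise(SUCCESS);
}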
Use of org.forgerock.caf.authentication.api.AuthenticationException in project OpenAM by OpenRock: class LocalSSOTokenSessionModule, method validateRequest.
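/**
 * Validates the request by checking the validity of the SSOToken ID from the AM cookie.
 * <p>
 * If the SSOToken ID is a restricted token then the request must also contain a url parameter "requester" which
 * must contain the application SSOToken ID of the application the restricted token was issued for. When the
 * requester parameter is present and resolves to a valid token, the validation is run inside a
 * {@link RestrictedTokenContext} for that token; otherwise the request is validated directly.
 *
 * @param messageInfo {@inheritDoc}
 * @param clientSubject {@inheritDoc}
 * @param serviceSubject {@inheritDoc}
 * @return {@inheritDoc} The promise fails with an AuthenticationException, carrying the original exception as
 *         its cause, if an error occurs while using the restricted token context. The requester value is
 *         deliberately not included in the failure message.
 */
@Override
public Promise<AuthStatus, AuthenticationException> validateRequest(final MessageInfoContext messageInfo,
        final Subject clientSubject, Subject serviceSubject) {
    if (!isInitialised()) {
        initDependencies();
    }
    final HttpServletRequest request = (HttpServletRequest) messageInfo.asContext(AttributesContext.class)
            .getAttributes().get(HttpServletRequest.class.getName());
    // The requester is untrusted request input; it is only used as a token lookup key, and the resulting
    // token is checked for validity before the restricted-token context is entered.
    String requester = request.getParameter(REQUESTER_URL_PARAM);
    if (requester != null) {
        try {
            SSOToken requesterToken = getFactory().getTokenFromId(requester);
            if (getFactory().isTokenValid(requesterToken)) {
                // validate() already returns the promise, so the action's result is that promise and not an
                // AuthStatus; casting it to AuthStatus would throw ClassCastException and be caught below as a
                // generic restricted-token failure. Return the promise as-is instead.
                @SuppressWarnings("unchecked")
                Promise<AuthStatus, AuthenticationException> result =
                        (Promise<AuthStatus, AuthenticationException>) RestrictedTokenContext.doUsing(
                                requesterToken, new RestrictedTokenAction() {
                                    public Object run() throws Exception {
                                        return validate(request, messageInfo, clientSubject);
                                    }
                                });
                return result;
            }
        } catch (Exception ex) {
            // doUsing() declares Exception, so a broad catch is unavoidable here; keep the cause for diagnosis.
            return newExceptionPromise(
                    new AuthenticationException("An error occurred whilst trying to use restricted token.", ex));
        }
    }
    return validate(request, messageInfo, clientSubject);
}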
Use of org.forgerock.caf.authentication.api.AuthenticationException in project OpenAM by OpenRock: class XMLResourceExceptionHandlerTest, method testWrite.
@Test
public void testWrite() throws Exception {
    // given: a mocked message context whose response is a real Response we can inspect afterwards
    Response writtenResponse = new Response();
    AuditTrail auditTrail = mock(AuditTrail.class);
    MessageContext messageContext = mock(MessageContext.class);
    doReturn(auditTrail).when(messageContext).getAuditTrail();
    doReturn(writtenResponse).when(messageContext).getResponse();

    // an AuthenticationException wrapping a 404 ResourceException
    String notFoundMessage = "I don't know where it is";
    AuthenticationException wrapped = new AuthenticationException(new NotFoundException(notFoundMessage));

    // when
    handler.write(messageContext, wrapped);

    // then: the wrapped exception's status, message and code are rendered into the XML entity
    assertThat(writtenResponse.getStatus()).isEqualTo(Status.NOT_FOUND);
    String body = writtenResponse.getEntity().getString();
    assertThat(body).contains("<message>" + notFoundMessage + "</message>");
    assertThat(body).contains("<code>404</code>");
}