Example 61 with InternalServerErrorException

Use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

Class UmaLabelsStore, method createLabel.

private ResourceSetLabel createLabel(String realm, String username, ResourceSetLabel label, String id, Connection connection) throws LdapException, InternalServerErrorException {
    final AddRequest addRequest = LDAPRequests.newAddRequest(getLabelDn(realm, username, id)).addAttribute("objectClass", "top", OBJECT_CLASS).addAttribute(ID_ATTR, id).addAttribute(NAME_ATTR, label.getName()).addAttribute(TYPE_ATTR, label.getType().name());
    if (CollectionUtils.isNotEmpty(label.getResourceSetIds())) {
        addRequest.addAttribute(RESOURCE_SET_ATTR, label.getResourceSetIds().toArray());
    }
    Result result = connection.add(addRequest);
    if (!result.isSuccess()) {
        throw new InternalServerErrorException("Unknown unsuccessful request");
    }
    return new ResourceSetLabel(id, label.getName(), label.getType(), label.getResourceSetIds());
}
Also used : AddRequest(org.forgerock.opendj.ldap.requests.AddRequest) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) Result(org.forgerock.opendj.ldap.responses.Result)

Example 62 with InternalServerErrorException

Use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

Class ClientResource, method deleteInstance.

public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String resourceId, DeleteRequest request) {
    String principal = PrincipalRestUtils.getPrincipalNameFromServerContext(context);
    Map<String, String> responseVal = new HashMap<String, String>();
    JsonValue response;
    try {
        String realm = request.getAdditionalParameter("realm");
        if (realm == null) {
            realm = "/";
        }
        manager.deleteIdentity(resourceId, realm);
        try {
            //delete the tokens associated with that client_id
            final TokenFilter tokenFilter = new TokenFilterBuilder().and().withAttribute(OAuthTokenField.CLIENT_ID.getField(), resourceId).withAttribute(OAuthTokenField.REALM.getField(), realm).build();
            store.deleteOnQueryAsync(tokenFilter);
        } catch (CoreTokenException e) {
            if (auditLogger.isAuditLogEnabled()) {
                String[] obs = { "FAILED_DELETE_CLIENT", responseVal.toString() };
                auditLogger.logErrorMessage("FAILED_DELETE_CLIENT", obs, null);
            }
            if (debug.errorEnabled()) {
                debug.error("ClientResource :: DELETE by " + principal + ": Unable to delete client with ID, " + resourceId);
            }
            throw new InternalServerErrorException("Unable to delete client", e);
        }
        responseVal.put("success", "true");
        response = new JsonValue(responseVal);
        ResourceResponse resource = newResourceResponse("results", "1", response);
        if (auditLogger.isAuditLogEnabled()) {
            String[] obs = { "DELETED_CLIENT", response.toString() };
            auditLogger.logAccessMessage("DELETED_CLIENT", obs, null);
            if (debug.messageEnabled()) {
                // Successful deletion is informational: log at message level to match the guard above.
                debug.message("ClientResource :: DELETE by " + principal + ": delete client with ID, " + resourceId);
            }
        }
        return newResultPromise(resource);
    } catch (IdRepoException e) {
        responseVal.put("success", "false");
        if (auditLogger.isAuditLogEnabled()) {
            String[] obs = { "FAILED_DELETE_CLIENT", responseVal.toString() };
            auditLogger.logErrorMessage("FAILED_DELETE_CLIENT", obs, null);
        }
        if (debug.errorEnabled()) {
            debug.error("ClientResource :: DELETE by " + principal + ": Unable to delete client with ID, " + resourceId, e);
        }
        return new InternalServerErrorException("Unable to delete client", e).asPromise();
    } catch (SSOException e) {
        responseVal.put("success", "false");
        if (auditLogger.isAuditLogEnabled()) {
            String[] obs = { "FAILED_DELETE_CLIENT", responseVal.toString() };
            auditLogger.logErrorMessage("FAILED_DELETE_CLIENT", obs, null);
        }
        if (debug.errorEnabled()) {
            debug.error("ClientResource :: DELETE by " + principal + ": Unable to delete client with ID, " + resourceId, e);
        }
        return new InternalServerErrorException("Unable to delete client", e).asPromise();
    } catch (InternalServerErrorException e) {
        responseVal.put("success", "false");
        if (auditLogger.isAuditLogEnabled()) {
            String[] obs = { "FAILED_DELETE_CLIENT", responseVal.toString() };
            auditLogger.logErrorMessage("FAILED_DELETE_CLIENT", obs, null);
        }
        if (debug.errorEnabled()) {
            debug.error("ClientResource :: DELETE by " + principal + ": Unable to delete client with ID, " + resourceId, e);
        }
        return new InternalServerErrorException("Unable to delete client", e).asPromise();
    }
}
Also used : Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse) ResourceResponse(org.forgerock.json.resource.ResourceResponse) HashMap(java.util.HashMap) JsonValue(org.forgerock.json.JsonValue) IdRepoException(com.sun.identity.idm.IdRepoException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) TokenFilterBuilder(org.forgerock.openam.cts.api.filter.TokenFilterBuilder) SSOException(com.iplanet.sso.SSOException) TokenFilter(org.forgerock.openam.cts.api.filter.TokenFilter)

Example 63 with InternalServerErrorException

Use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

Class SubjectAttributesResourceV1, method queryCollection.

@Override
public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest request, QueryResourceHandler handler) {
    final Subject mySubject = getContextSubject(context);
    if (mySubject == null) {
        debug.error("SubjectAttributesResource :: QUERY : Unknown Subject");
        return new BadRequestException().asPromise();
    }
    final String principalName = PrincipalRestUtils.getPrincipalNameFromSubject(mySubject);
    final SubjectAttributesManager manager = getSubjectAttributesManager(mySubject, getRealm(context));
    final Set<String> attributes;
    try {
        attributes = manager.getAvailableSubjectAttributeNames();
    } catch (EntitlementException e) {
        debug.error("SubjectAttributesResource :: QUERY by " + principalName + " : Unable to query available " + "subject attribute names.");
        return new InternalServerErrorException().asPromise();
    }
    for (String attr : attributes) {
        handler.handleResource(newResourceResponse(attr, Long.toString(System.currentTimeMillis()), JsonValue.json(attr)));
    }
    return newResultPromise(newQueryResponse(null, CountPolicy.EXACT, 0));
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) SubjectAttributesManager(com.sun.identity.entitlement.SubjectAttributesManager) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) Subject(javax.security.auth.Subject)

Example 64 with InternalServerErrorException

Use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

Class OAuth2UserApplications, method deleteInstance.

/**
 * Allows users to revoke an OAuth2 application. This will remove their consent and revoke any access and refresh
 * tokens with a matching client id.
 * @param context The request context.
 * @param resourceId The id of the OAuth2 client.
 * @return A promise of the removed application.
 */
@Delete
public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String resourceId) {
    String userId = contextHelper.getUserId(context);
    String realm = contextHelper.getRealm(context);
    debug.message("Revoking access to OAuth2 client {} for user {}", resourceId, userId);
    try {
        oAuth2ProviderSettingsFactory.get(context).revokeConsent(userId, resourceId);
        QueryFilter<CoreTokenField> queryFilter = and(getQueryFilter(userId, realm), equalTo(CLIENT_ID.getField(), resourceId));
        JsonValue tokens = tokenStore.query(queryFilter);
        if (tokens.asCollection().isEmpty()) {
            return new org.forgerock.json.resource.NotFoundException().asPromise();
        }
        for (JsonValue token : tokens) {
            String tokenId = getAttributeValue(token, ID.getOAuthField());
            debug.message("Removing OAuth2 token {} with client {} for user {}", tokenId, resourceId, userId);
            tokenStore.delete(tokenId);
        }
        return getResourceResponse(context, resourceId, tokens).asPromise();
    } catch (CoreTokenException | InvalidClientException | NotFoundException | ServerException e) {
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, userId, e);
        return new InternalServerErrorException(e).asPromise();
    } catch (InternalServerErrorException e) {
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, userId, e);
        return e.asPromise();
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) JsonValue(org.forgerock.json.JsonValue) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) CoreTokenField(org.forgerock.openam.tokens.CoreTokenField) InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) Delete(org.forgerock.json.resource.annotations.Delete)

Example 65 with InternalServerErrorException

Use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

Class TokenResource, method queryCollection.

@Override
public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest queryRequest, QueryResourceHandler handler) {
    try {
        JsonValue response;
        Collection<QueryFilter<CoreTokenField>> query = new ArrayList<QueryFilter<CoreTokenField>>();
        //get uid of submitter
        AMIdentity uid;
        try {
            uid = getUid(context);
            if (!uid.equals(adminUserId)) {
                query.add(QueryFilter.equalTo(USERNAME_FIELD, uid.getName()));
                query.add(QueryFilter.equalTo(REALM_FIELD, DNMapper.orgNameToRealmName(uid.getRealm())));
            }
        } catch (Exception e) {
            if (debug.errorEnabled()) {
                debug.error("TokenResource :: QUERY : Unable to query collection as no UID discovered " + "for requesting user.");
            }
            return new PermanentException(401, "Unauthorized", e).asPromise();
        }
        String id = queryRequest.getQueryId();
        String queryString;
        if (id.equals("access_token")) {
            queryString = "tokenName=access_token";
        } else {
            queryString = id;
        }
        String[] constraints = queryString.split(",");
        boolean userNamePresent = false;
        for (String constraint : constraints) {
            String[] params = constraint.split("=");
            if (params.length == 2) {
                if (OAuthTokenField.USER_NAME.getOAuthField().equals(params[0])) {
                    userNamePresent = true;
                }
                query.add(QueryFilter.equalTo(getOAuth2TokenField(params[0]), params[1]));
            }
        }
        if (adminUserId.equals(uid)) {
            if (!userNamePresent) {
                return new BadRequestException("userName field MUST be set in _queryId").asPromise();
            }
        } else if (userNamePresent) {
            return new BadRequestException("userName field MUST NOT be set in _queryId").asPromise();
        }
        response = tokenStore.query(QueryFilter.and(query));
        return handleResponse(handler, response, context);
    } catch (UnauthorizedClientException e) {
        debug.error("TokenResource :: QUERY : Unable to query collection as the client is not authorized.", e);
        return new PermanentException(401, e.getMessage(), e).asPromise();
    } catch (CoreTokenException e) {
        debug.error("TokenResource :: QUERY : Unable to query collection as the token store is not available.", e);
        return new ServiceUnavailableException(e.getMessage(), e).asPromise();
    } catch (InternalServerErrorException e) {
        debug.error("TokenResource :: QUERY : Unable to query collection as writing the response failed.", e);
        return e.asPromise();
    } catch (NotFoundException e) {
        debug.error("TokenResource :: QUERY : Unable to query collection as realm does not have OAuth 2 provider.", e);
        return e.asPromise();
    }
}
Also used : JsonValue(org.forgerock.json.JsonValue) ArrayList(java.util.ArrayList) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) NotFoundException(org.forgerock.json.resource.NotFoundException) CoreTokenField(org.forgerock.openam.tokens.CoreTokenField) ServiceUnavailableException(org.forgerock.json.resource.ServiceUnavailableException) PermanentException(org.forgerock.json.resource.PermanentException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ServerException(org.forgerock.oauth2.core.exceptions.ServerException) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) SSOException(com.iplanet.sso.SSOException) BadRequestException(org.forgerock.json.resource.BadRequestException) IdRepoException(com.sun.identity.idm.IdRepoException) SMSException(com.sun.identity.sm.SMSException) ResourceException(org.forgerock.json.resource.ResourceException) QueryFilter(org.forgerock.util.query.QueryFilter) AMIdentity(com.sun.identity.idm.AMIdentity)

Aggregations

InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException) 70
SSOException (com.iplanet.sso.SSOException) 39
JsonValue (org.forgerock.json.JsonValue) 33
SMSException (com.sun.identity.sm.SMSException) 29
BadRequestException (org.forgerock.json.resource.BadRequestException) 27
NotFoundException (org.forgerock.json.resource.NotFoundException) 25
ResourceException (org.forgerock.json.resource.ResourceException) 24
SSOToken (com.iplanet.sso.SSOToken) 19
IdRepoException (com.sun.identity.idm.IdRepoException) 18
Set (java.util.Set) 15
ResourceResponse (org.forgerock.json.resource.ResourceResponse) 15
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException) 14
AMIdentity (com.sun.identity.idm.AMIdentity) 13
ArrayList (java.util.ArrayList) 11
HashSet (java.util.HashSet) 11
ForbiddenException (org.forgerock.json.resource.ForbiddenException) 11
ServiceConfig (com.sun.identity.sm.ServiceConfig) 10
NotSupportedException (org.forgerock.json.resource.NotSupportedException) 10
Responses.newResourceResponse (org.forgerock.json.resource.Responses.newResourceResponse) 10
ServiceConfigManager (com.sun.identity.sm.ServiceConfigManager) 9