use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.
the class IdentityServicesImpl method search.
/**
* Searches the identity repository to find all identities that match the search criteria.
*
* @param crestQuery A CREST Query object which will contain either a _queryId or a _queryFilter.
* @param searchModifiers The search modifiers
* @param admin Your SSO token.
* @return a list of matching identifiers.
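* @throws ResourceException if the object type is unsupported, if the identity repository or SSO token operation fails, or if an object is not found.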
*/
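public List<String> search(CrestQuery crestQuery, Map<String, Set<String>> searchModifiers, SSOToken admin) throws ResourceException {
    List<String> rv = new ArrayList<>();
    try {
        // Defaults used when no modifiers are supplied: root realm, "User" objects.
        String realm = "/";
        String objectType = "User";
        if (searchModifiers != null) {
            realm = attractValues("realm", searchModifiers, "/");
            objectType = attractValues("objecttype", searchModifiers, "User");
        }
        // NOTE(review): realm is taken from searchModifiers and passed to getRepo together with
        // the caller's token; if the modifiers are request-supplied, confirm that getRepo (or the
        // repository behind it) refuses realms the token holder may not search.
        AMIdentityRepository repo = getRepo(admin, realm);
        IdType idType = getIdType(objectType);
        if (idType == null) {
            // NOTE(review): objectType is concatenated unmodified into the log line and the 400
            // message; if it can carry request-supplied text, strip CR/LF before logging.
            debug.error("IdentityServicesImpl:search unsupported IdType" + objectType);
            throw new BadRequestException("search unsupported IdType: " + objectType);
        }
        List<AMIdentity> objList = fetchAMIdentities(idType, crestQuery, false, repo, searchModifiers);
        if (objList != null && !objList.isEmpty()) {
            rv.addAll(getNames(realm, idType, objList));
        }
    } catch (IdRepoException | SSOException e) {
        debug.error("IdentityServicesImpl:search", e);
        // Keep the original exception as the cause so the failure stays traceable upstream.
        // NOTE(review): e.getMessage() becomes the message of the 500 error; confirm it holds
        // no repository or session detail that should stay server-side.
        throw new InternalServerErrorException(e.getMessage(), e);
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:search", e);
        throw new NotFoundException(e.getMessage(), e);
    }
    return rv;
}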
use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.
the class ApplicationTypesResource method readInstance.
/**
* Reads the details of a single instance of an {@link ApplicationType} - the instance
* referred to by the passed-in resourceId.
*
* The user's {@link SecurityContext} must indicate they are a user with administrator-level access.
*
* @param context {@inheritDoc}
* @param resourceId {@inheritDoc}
* @param request {@inheritDoc}
*/
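@Override
public Promise<ResourceResponse, ResourceException> readInstance(Context context, String resourceId, ReadRequest request) {
    // Resolve the calling subject from the request context; without one the read is refused.
    // NOTE(review): the only caller check visible in this method is "subject is not null";
    // the administrator-level requirement is presumably enforced before this point - confirm.
    final Subject mySubject = getContextSubject(context);
    if (mySubject == null) {
        debug.error("ApplicationsTypesResource :: READ : Unknown Subject");
        return new InternalServerErrorException().asPromise();
    }
    final String principalName = PrincipalRestUtils.getPrincipalNameFromSubject(mySubject);
    final ApplicationType applType = typeManager.getApplicationType(mySubject, resourceId);
    if (applType == null) {
        if (debug.errorEnabled()) {
            // NOTE(review): resourceId comes from the request and is logged unmodified;
            // neutralise CR/LF if the debug log is consumed line by line.
            debug.error("ApplicationTypesResource :: READ by " + principalName + ": Requested application type short name not found: " + resourceId);
        }
        return new NotFoundException().asPromise();
    }
    // Build the wrapper only once the type is known to exist, so a null type is never wrapped.
    final ApplicationTypeWrapper wrap = new ApplicationTypeWrapper(applType);
    try {
        // The current time in milliseconds is passed as the second argument of the response.
        final ResourceResponse resource = newResourceResponse(resourceId, String.valueOf(System.currentTimeMillis()), JsonValue.json(wrap.toJsonValue()));
        return newResultPromise(resource);
    } catch (IOException e) {
        if (debug.errorEnabled()) {
            debug.error("ApplicationTypesResource :: READ by " + principalName + ": Could not jsonify class associated with defined Type: " + resourceId, e);
        }
        // The caller gets a bare 500; the detail stays in the debug log.
        return new InternalServerErrorException().asPromise();
    }
}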
use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.
the class ApplicationTypesResource method queryCollection.
/**
* Reads the details of all {@link ApplicationType}s in the system.
*
* The user's {@link SecurityContext} must indicate they are a user with administrator-level access.
*
* @param context {@inheritDoc}
* @param request {@inheritDoc}
* @param handler {@inheritDoc}
*/
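@Override
public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest request, QueryResourceHandler handler) {
    // Resolve the calling subject from the request context; without one the query is refused.
    // NOTE(review): the only caller check visible in this method is "subject is not null";
    // the administrator-level requirement is presumably enforced before this point - confirm.
    final Subject mySubject = getContextSubject(context);
    if (mySubject == null) {
        debug.error("ApplicationsTypesResource :: QUERY : Unknown Subject");
        return new InternalServerErrorException().asPromise();
    }
    final String principalName = PrincipalRestUtils.getPrincipalNameFromSubject(mySubject);
    // Look up every application type name visible to this subject and wrap those that resolve.
    final Set<String> appTypeNames = typeManager.getApplicationTypeNames(mySubject);
    List<ApplicationTypeWrapper> appTypes = new LinkedList<>();
    for (String appTypeName : appTypeNames) {
        final ApplicationType type = typeManager.getApplicationType(mySubject, appTypeName);
        if (type == null) {
            // A listed name that no longer resolves is skipped with a warning, not an error.
            if (debug.warningEnabled()) {
                debug.warning("ApplicationTypesResource :: QUERY by " + principalName + ": ApplicationType was not found: " + appTypeName);
            }
            continue;
        }
        // Build the wrapper only for types that exist, so a null type is never wrapped.
        appTypes.add(new ApplicationTypeWrapper(type));
    }
    final List<ResourceResponse> applicationsList = getResourceResponses(appTypes);
    QueryResponsePresentation.enableDeprecatedRemainingQueryResponse(request);
    return QueryResponsePresentation.perform(handler, request, applicationsList);
}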
use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.
the class IdentityResourceExceptionMappingHandler method handleError.
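/**
 * Maps an {@link IdRepoException} to the {@link ResourceException} handed back to the caller.
 *
 * Password-policy failures are examined first, then the LDAP result code, then the numeric
 * identity-repository error code. Anything that matches none of these becomes an
 * {@link InternalServerErrorException}.
 *
 * @param idRepoException the repository failure to translate
 * @return the resource exception that corresponds to the failure
 */
@Override
public ResourceException handleError(IdRepoException idRepoException) {
    ResultCode ldapResultCode = ResultCode.valueOf(idRepoException.getLdapErrorIntCode());
    if (idRepoException instanceof PasswordPolicyException) {
        // Convert the error code for the LDAP code
        if (ldapResultCode == ResultCode.INVALID_CREDENTIALS) {
            idRepoException = new PasswordPolicyException(ldapResultCode, IdRepoErrorCode.OLD_PASSWORD_INCORRECT, idRepoException.getMessageArgs());
        }
        if (ldapResultCode == ResultCode.INSUFFICIENT_ACCESS_RIGHTS) {
            return new ForbiddenException(idRepoException);
        }
        if (ldapResultCode == ResultCode.CONSTRAINT_VIOLATION) {
            idRepoException = new PasswordPolicyException(idRepoException.getConstraintViolationDetails());
        }
        // Every other password-policy failure is reported as a 400 carrying the policy message.
        return new BadRequestException(idRepoException.getMessage());
    }
    // LDAP result codes that map directly onto a REST status.
    if (ldapResultCode == ResultCode.NO_SUCH_OBJECT) {
        return new NotFoundException(idRepoException);
    }
    if (ldapResultCode == ResultCode.NOT_ALLOWED_ON_RDN) {
        return new ForbiddenException(idRepoException);
    }
    // The repository error code is only needed from here on. A missing or non-numeric code is
    // treated as an unclassified failure rather than letting NumberFormatException escape
    // from the error mapper and hide the original exception.
    int code;
    try {
        code = Integer.parseInt(idRepoException.getErrorCode());
    } catch (NumberFormatException e) {
        return new InternalServerErrorException(idRepoException);
    }
    switch (code) {
        case GENERAL_OBJECT_NOT_FOUND:
            return new NotFoundException(idRepoException);
        case GENERAL_ACCESS_DENIED:
            return new ForbiddenException(idRepoException);
        default:
            // NOTE(review): the repository exception is passed to the REST exception unchanged;
            // confirm that backend detail in its message is not exposed to REST clients.
            return new InternalServerErrorException(idRepoException);
    }
}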
use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.
the class TokenGenerationService method createInstance.
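/**
 * Issues a token for the request described by the JSON content of {@code request}.
 *
 * The content is parsed into an invocation state, the subject session it references is
 * validated, the STS instance state is looked up, and a SAML2 or OpenID Connect token is
 * then generated according to the requested token type.
 *
 * @param context the request context (not read by this method)
 * @param request the create request whose content describes the token to issue
 * @return a promise holding the issued token resource, or the {@link ResourceException}
 *         describing why no token was issued
 */
@Override
public Promise<ResourceResponse, ResourceException> createInstance(Context context, CreateRequest request) {
    TokenGenerationServiceInvocationState invocationState;
    try {
        invocationState = TokenGenerationServiceInvocationState.fromJson(request.getContent());
    } catch (Exception e) {
        // Pass the throwable as well, as every other error log in this method does, so the
        // stack trace of a malformed request is not lost.
        logger.error("Exception caught marshalling json into TokenGenerationServiceInvocationState instance: " + e, e);
        return new BadRequestException(e.getMessage(), e).asPromise();
    }
    // The subject session is validated before any instance state is read or a token is built.
    SSOToken subjectToken;
    try {
        subjectToken = validateAssertionSubjectSession(invocationState);
    } catch (ForbiddenException e) {
        return e.asPromise();
    }
    STSInstanceState stsInstanceState;
    try {
        stsInstanceState = getSTSInstanceState(invocationState);
    } catch (ResourceException e) {
        return e.asPromise();
    }
    if (TokenType.SAML2.equals(invocationState.getTokenType())) {
        try {
            final String assertion = saml2TokenGeneration.generate(subjectToken, stsInstanceState, invocationState);
            return newResultPromise(issuedTokenResource(assertion));
        } catch (TokenCreationException e) {
            logger.error("Exception caught generating saml2 token: " + e, e);
            return e.asPromise();
        } catch (Exception e) {
            logger.error("Exception caught generating saml2 token: " + e, e);
            // NOTE(review): e.toString() places the exception class name and message in the
            // 500 response; consider a generic message here, with the detail kept in the log.
            return new InternalServerErrorException(e.toString(), e).asPromise();
        }
    } else if (TokenType.OPENIDCONNECT.equals(invocationState.getTokenType())) {
        try {
            final String assertion = openIdConnectTokenGeneration.generate(subjectToken, stsInstanceState, invocationState);
            return newResultPromise(issuedTokenResource(assertion));
        } catch (TokenCreationException e) {
            logger.error("Exception caught generating OpenIdConnect token: " + e, e);
            return e.asPromise();
        } catch (Exception e) {
            logger.error("Exception caught generating OpenIdConnect token: " + e, e);
            // NOTE(review): same disclosure concern as the SAML2 branch above.
            return new InternalServerErrorException(e.toString(), e).asPromise();
        }
    } else {
        // Any other token type is rejected as a client error.
        String message = "Bad request: unexpected token type:" + invocationState.getTokenType();
        logger.error(message);
        return new BadRequestException(message).asPromise();
    }
}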