
Example 26 with InternalServerErrorException

use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

the class IdentityServicesImpl method search.

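/**
 * Searches the identity repository for all identities that match the search criteria.
 *
 * <p>The realm and object type start as {@code "/"} and {@code "User"}; when
 * {@code searchModifiers} is non-null they are read from its {@code "realm"} and
 * {@code "objecttype"} entries through {@code attractValues}.
 *
 * @param crestQuery A CREST Query object which will contain either a _queryId or a _queryFilter.
 * @param searchModifiers The search modifiers; may be {@code null}.
 * @param admin The SSO token passed to {@code getRepo} to open the repository for the realm.
 * @return a list of matching identifiers; empty when nothing matches.
 * @throws ResourceException a {@link BadRequestException} when the object type does not resolve
 *         to an {@link IdType}, a {@link NotFoundException} on {@link ObjectNotFound}, and an
 *         {@link InternalServerErrorException} on {@link IdRepoException} or {@link SSOException}.
 */
public List<String> search(CrestQuery crestQuery, Map<String, Set<String>> searchModifiers, SSOToken admin) throws ResourceException {
    List<String> rv = new ArrayList<>();
    try {
        String realm = "/";
        String objectType = "User";
        if (searchModifiers != null) {
            realm = attractValues("realm", searchModifiers, "/");
            objectType = attractValues("objecttype", searchModifiers, "User");
        }
        AMIdentityRepository repo = getRepo(admin, realm);
        IdType idType = getIdType(objectType);
        if (idType == null) {
            // NOTE(review): objectType comes from searchModifiers and is echoed into both the
            // debug log and the error message — confirm callers constrain it before this point.
            debug.error("IdentityServicesImpl:search unsupported IdType" + objectType);
            throw new BadRequestException("search unsupported IdType: " + objectType);
        }
        List<AMIdentity> objList = fetchAMIdentities(idType, crestQuery, false, repo, searchModifiers);
        if (objList != null && !objList.isEmpty()) {
            rv.addAll(getNames(realm, idType, objList));
        }
    } catch (IdRepoException | SSOException e) {
        debug.error("IdentityServicesImpl:search", e);
        // Keep the original exception as the cause so the failure stays traceable server-side.
        // NOTE(review): e.getMessage() becomes the ResourceException message — confirm repository
        // and session messages carry nothing that should stay internal.
        throw new InternalServerErrorException(e.getMessage(), e);
    } catch (ObjectNotFound e) {
        debug.error("IdentityServicesImpl:search", e);
        throw new NotFoundException(e.getMessage(), e);
    }
    return rv;
}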
Also used : ArrayList(java.util.ArrayList) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) IdType(com.sun.identity.idm.IdType) ObjectNotFound(com.sun.identity.idsvcs.ObjectNotFound) AMIdentity(com.sun.identity.idm.AMIdentity) AMIdentityRepository(com.sun.identity.idm.AMIdentityRepository) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)

Example 27 with InternalServerErrorException

use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

the class ApplicationTypesResource method readInstance.

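/**
 * Reads the details of a single instance of an {@link ApplicationType} - the instance
 * referred to by the passed-in resourceId.
 *
 * The user's {@link SecurityContext} must indicate they are a user with administrator-level access.
 * NOTE(review): this method itself only checks that a Subject can be derived from the context;
 * the administrator-level check is presumably enforced before the request reaches it — confirm.
 *
 * @param context {@inheritDoc}
 * @param resourceId {@inheritDoc}
 * @param request {@inheritDoc}
 * @return a promise of the application type as a resource response; a failed promise carrying
 *         {@link NotFoundException} when no type matches {@code resourceId}, or
 *         {@link InternalServerErrorException} when the subject is missing or the type cannot
 *         be converted to JSON.
 */
@Override
public Promise<ResourceResponse, ResourceException> readInstance(Context context, String resourceId, ReadRequest request) {
    //auth
    final Subject mySubject = getContextSubject(context);
    if (mySubject == null) {
        debug.error("ApplicationsTypesResource :: READ : Unknown Subject");
        return new InternalServerErrorException().asPromise();
    }
    final String principalName = PrincipalRestUtils.getPrincipalNameFromSubject(mySubject);
    final ApplicationType applType = typeManager.getApplicationType(mySubject, resourceId);
    if (applType == null) {
        if (debug.errorEnabled()) {
            // resourceId is the caller-supplied identifier and is written to the debug log as-is.
            debug.error("ApplicationTypesResource :: READ by " + principalName + ": Requested application type short name not found: " + resourceId);
        }
        return new NotFoundException().asPromise();
    }
    // The wrapper is only built once the type is known to exist, so it never sees null.
    final ApplicationTypeWrapper wrap = new ApplicationTypeWrapper(applType);
    try {
        // The current time in milliseconds is passed as the second argument of the response.
        final ResourceResponse resource = newResourceResponse(resourceId, String.valueOf(System.currentTimeMillis()), JsonValue.json(wrap.toJsonValue()));
        return newResultPromise(resource);
    } catch (IOException e) {
        if (debug.errorEnabled()) {
            debug.error("ApplicationTypesResource :: READ by " + principalName + ": Could not jsonify class associated with defined Type: " + resourceId, e);
        }
        // The caller receives a bare 500-class exception; the detail stays in the debug log.
        return new InternalServerErrorException().asPromise();
    }
}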
Also used : ApplicationType(com.sun.identity.entitlement.ApplicationType) ApplicationTypeWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeWrapper) Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse) ResourceResponse(org.forgerock.json.resource.ResourceResponse) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) NotFoundException(org.forgerock.json.resource.NotFoundException) IOException(java.io.IOException) Subject(javax.security.auth.Subject)

Example 28 with InternalServerErrorException

use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

the class ApplicationTypesResource method queryCollection.

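/**
 * Reads the details of all {@link ApplicationType}s in the system.
 *
 * The user's {@link SecurityContext} must indicate they are a user with administrator-level access.
 * NOTE(review): this method itself only checks that a Subject can be derived from the context;
 * the administrator-level check is presumably enforced before the request reaches it — confirm.
 *
 * @param context {@inheritDoc}
 * @param request {@inheritDoc}
 * @param handler {@inheritDoc}
 * @return the promise produced by {@code QueryResponsePresentation.perform} over the application
 *         types that could be loaded, or a failed promise carrying
 *         {@link InternalServerErrorException} when no subject is available.
 */
@Override
public Promise<QueryResponse, ResourceException> queryCollection(Context context, QueryRequest request, QueryResourceHandler handler) {
    //auth
    final Subject mySubject = getContextSubject(context);
    if (mySubject == null) {
        debug.error("ApplicationsTypesResource :: QUERY : Unknown Subject");
        return new InternalServerErrorException().asPromise();
    }
    final String principalName = PrincipalRestUtils.getPrincipalNameFromSubject(mySubject);
    //select
    final Set<String> appTypeNames = typeManager.getApplicationTypeNames(mySubject);
    List<ApplicationTypeWrapper> appTypes = new LinkedList<>();
    for (String appTypeName : appTypeNames) {
        final ApplicationType type = typeManager.getApplicationType(mySubject, appTypeName);
        if (type != null) {
            // Wrap only types that were actually found, so no wrapper is built around null.
            appTypes.add(new ApplicationTypeWrapper(type));
        } else if (debug.warningEnabled()) {
            // A listed name that cannot be loaded is skipped rather than failing the query.
            debug.warning("ApplicationTypesResource :: QUERY by " + principalName + ": ApplicationType was not found: " + appTypeName);
        }
    }
    final List<ResourceResponse> applicationsList = getResourceResponses(appTypes);
    QueryResponsePresentation.enableDeprecatedRemainingQueryResponse(request);
    return QueryResponsePresentation.perform(handler, request, applicationsList);
}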
Also used : ApplicationType(com.sun.identity.entitlement.ApplicationType) ApplicationTypeWrapper(org.forgerock.openam.entitlement.rest.wrappers.ApplicationTypeWrapper) Responses.newResourceResponse(org.forgerock.json.resource.Responses.newResourceResponse) ResourceResponse(org.forgerock.json.resource.ResourceResponse) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) Subject(javax.security.auth.Subject) LinkedList(java.util.LinkedList)

Example 29 with InternalServerErrorException

use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

the class IdentityResourceExceptionMappingHandler method handleError.

/**
 * Maps an {@link IdRepoException} to the {@link ResourceException} returned for it.
 *
 * <p>Password policy failures become {@link ForbiddenException} when the LDAP result is
 * {@code INSUFFICIENT_ACCESS_RIGHTS} and {@link BadRequestException} otherwise. For every other
 * exception the LDAP result code is checked first, then the repository error code; anything
 * unmatched becomes {@link InternalServerErrorException}.
 *
 * @param idRepoException the repository failure to translate
 * @return the resource exception that represents the failure
 */
@Override
public ResourceException handleError(IdRepoException idRepoException) {
    // NOTE(review): a non-numeric error code would surface here as an unchecked
    // NumberFormatException — confirm getErrorCode() always yields a number.
    final int errorCode = Integer.valueOf(idRepoException.getErrorCode());
    final ResultCode ldapCode = ResultCode.valueOf(idRepoException.getLdapErrorIntCode());

    if (idRepoException instanceof PasswordPolicyException) {
        if (ldapCode == ResultCode.INSUFFICIENT_ACCESS_RIGHTS) {
            return new ForbiddenException(idRepoException);
        }
        // Pick the exception whose message is reported back for the remaining policy failures.
        IdRepoException reported = idRepoException;
        if (ldapCode == ResultCode.INVALID_CREDENTIALS) {
            // Replace the LDAP failure with the "old password incorrect" policy error.
            reported = new PasswordPolicyException(ldapCode, IdRepoErrorCode.OLD_PASSWORD_INCORRECT, idRepoException.getMessageArgs());
        } else if (ldapCode == ResultCode.CONSTRAINT_VIOLATION) {
            reported = new PasswordPolicyException(idRepoException.getConstraintViolationDetails());
        }
        // Only the message is carried over here; the exception itself is not attached as cause.
        return new BadRequestException(reported.getMessage());
    }

    // LDAP result codes take precedence over the repository error code.
    if (ldapCode == ResultCode.NO_SUCH_OBJECT) {
        return new NotFoundException(idRepoException);
    }
    if (ldapCode == ResultCode.NOT_ALLOWED_ON_RDN) {
        return new ForbiddenException(idRepoException);
    }

    if (errorCode == GENERAL_OBJECT_NOT_FOUND) {
        return new NotFoundException(idRepoException);
    }
    if (errorCode == GENERAL_ACCESS_DENIED) {
        return new ForbiddenException(idRepoException);
    }
    return new InternalServerErrorException(idRepoException);
}
Also used : ForbiddenException(org.forgerock.json.resource.ForbiddenException) PasswordPolicyException(com.sun.identity.idm.PasswordPolicyException) BadRequestException(org.forgerock.json.resource.BadRequestException) NotFoundException(org.forgerock.json.resource.NotFoundException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ResultCode(org.forgerock.opendj.ldap.ResultCode)

Example 30 with InternalServerErrorException

use of org.forgerock.json.resource.InternalServerErrorException in project OpenAM by OpenRock.

the class TokenGenerationService method createInstance.

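/**
 * Issues a token for the invocation described in the request content.
 *
 * <p>The request JSON is marshalled into a {@link TokenGenerationServiceInvocationState}, the
 * subject session is validated, the STS instance state is looked up, and a SAML2 or OpenID
 * Connect token is then generated according to the requested token type.
 *
 * @param context the request context
 * @param request the create request whose content describes the token to issue
 * @return a promise of the issued token resource; a failed promise carrying
 *         {@link BadRequestException} for unparseable content or an unexpected token type, the
 *         {@link ResourceException} raised by validation, state lookup or token creation, or
 *         {@link InternalServerErrorException} for any other failure during generation.
 */
@Override
public Promise<ResourceResponse, ResourceException> createInstance(Context context, CreateRequest request) {
    TokenGenerationServiceInvocationState invocationState;
    try {
        invocationState = TokenGenerationServiceInvocationState.fromJson(request.getContent());
    } catch (Exception e) {
        // Pass the throwable as well, like the other handlers here, so the stack trace is logged.
        logger.error("Exception caught marshalling json into TokenGenerationServiceInvocationState instance: " + e, e);
        return new BadRequestException(e.getMessage(), e).asPromise();
    }
    SSOToken subjectToken;
    try {
        // The subject session is validated before any token material is produced.
        subjectToken = validateAssertionSubjectSession(invocationState);
    } catch (ForbiddenException e) {
        return e.asPromise();
    }
    STSInstanceState stsInstanceState;
    try {
        stsInstanceState = getSTSInstanceState(invocationState);
    } catch (ResourceException e) {
        return e.asPromise();
    }
    if (TokenType.SAML2.equals(invocationState.getTokenType())) {
        try {
            final String assertion = saml2TokenGeneration.generate(subjectToken, stsInstanceState, invocationState);
            return newResultPromise(issuedTokenResource(assertion));
        } catch (TokenCreationException e) {
            logger.error("Exception caught generating saml2 token: " + e, e);
            return e.asPromise();
        } catch (Exception e) {
            logger.error("Exception caught generating saml2 token: " + e, e);
            // NOTE(review): e.toString() puts the exception class name and message into the
            // ResourceException message; confirm that text is acceptable to return to the caller.
            return new InternalServerErrorException(e.toString(), e).asPromise();
        }
    } else if (TokenType.OPENIDCONNECT.equals(invocationState.getTokenType())) {
        try {
            final String assertion = openIdConnectTokenGeneration.generate(subjectToken, stsInstanceState, invocationState);
            return newResultPromise(issuedTokenResource(assertion));
        } catch (TokenCreationException e) {
            logger.error("Exception caught generating OpenIdConnect token: " + e, e);
            return e.asPromise();
        } catch (Exception e) {
            logger.error("Exception caught generating OpenIdConnect token: " + e, e);
            // NOTE(review): same exposure question as the SAML2 branch for e.toString().
            return new InternalServerErrorException(e.toString(), e).asPromise();
        }
    } else {
        // Any other token type (including none) is rejected rather than defaulted.
        String message = "Bad request: unexpected token type:" + invocationState.getTokenType();
        logger.error(message);
        return new BadRequestException(message).asPromise();
    }
}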
Also used : TokenGenerationServiceInvocationState(org.forgerock.openam.sts.service.invocation.TokenGenerationServiceInvocationState) ForbiddenException(org.forgerock.json.resource.ForbiddenException) SSOToken(com.iplanet.sso.SSOToken) BadRequestException(org.forgerock.json.resource.BadRequestException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ResourceException(org.forgerock.json.resource.ResourceException) RestSTSInstanceState(org.forgerock.openam.sts.tokengeneration.state.RestSTSInstanceState) SoapSTSInstanceState(org.forgerock.openam.sts.tokengeneration.state.SoapSTSInstanceState) STSInstanceState(org.forgerock.openam.sts.tokengeneration.state.STSInstanceState) TokenCreationException(org.forgerock.openam.sts.TokenCreationException) CTSTokenPersistenceException(org.forgerock.openam.sts.CTSTokenPersistenceException) InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException) ForbiddenException(org.forgerock.json.resource.ForbiddenException) SSOException(com.iplanet.sso.SSOException) NotFoundException(org.forgerock.json.resource.NotFoundException) BadRequestException(org.forgerock.json.resource.BadRequestException) IdRepoException(com.sun.identity.idm.IdRepoException) TokenCreationException(org.forgerock.openam.sts.TokenCreationException) ResourceException(org.forgerock.json.resource.ResourceException) STSPublishException(org.forgerock.openam.sts.STSPublishException)
