
Example 21 with PermanentException

Use of org.forgerock.json.resource.PermanentException in project OpenAM by OpenRock.

Class TokenResource, method readInstance.

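/**
 * Reads the stored token identified by {@code resourceId} and returns it only if it is
 * present, unexpired and the caller is allowed to see it.
 *
 * <p>Checks run in this order: resolve the caller via {@code getUid(context)}, load the token
 * from {@code tokenStore}, reject a missing token, reject a token whose expiry time is absent,
 * malformed or in the past, then apply the grant-type specific access rule. Every rejection
 * before the ownership check is reported as {@link NotFoundException}; a failed ownership
 * check and identity-lookup failures are reported as a {@link PermanentException} with
 * status 401.
 *
 * <p>A token whose expiry time cannot be read is treated as not found (fail closed) instead
 * of letting a {@code NullPointerException}, {@code NumberFormatException} or
 * {@code NoSuchElementException} escape the method as an unhandled runtime error.
 *
 * <p>{@code resourceId} is supplied by the request and is concatenated into debug messages
 * as received. NOTE(review): confirm the debug log layer neutralises line breaks in it.
 *
 * @param context    request context, used to resolve the calling identity
 * @param resourceId ID of the token to read
 * @param request    the read request; not consulted by this method
 * @return a promise holding the token as a resource, or a failed promise carrying the
 *         {@link ResourceException} that describes why the read was refused
 */
@Override
public Promise<ResourceResponse, ResourceException> readInstance(Context context, String resourceId, ReadRequest request) {
    try {
        // Resolve the caller first so an unauthenticated request fails before the store is touched.
        AMIdentity uid = getUid(context);
        JsonValue response;
        ResourceResponse resource;
        try {
            response = tokenStore.read(resourceId);
        } catch (CoreTokenException e) {
            if (debug.errorEnabled()) {
                debug.error("TokenResource :: READ : No token found with ID, " + resourceId);
            }
            throw new NotFoundException("Could not find valid token with given ID", e);
        }
        if (response == null) {
            if (debug.errorEnabled()) {
                debug.error("TokenResource :: READ : No token found with ID, " + resourceId);
            }
            throw new NotFoundException("Could not find valid token with given ID");
        }

        // The expiry time is stored either as a number or as a set holding one numeric string.
        // Anything else (missing attribute, empty set, non-numeric text) means the token cannot
        // be shown to be still valid, so it is rejected exactly like an expired token.
        JsonValue expireTimeValue = response.get(OAuth2Constants.CoreTokenParams.EXPIRE_TIME);
        long expireTime;
        if (expireTimeValue != null && expireTimeValue.isNumber()) {
            expireTime = expireTimeValue.asLong();
        } else {
            Object rawExpireTime = expireTimeValue == null ? null : expireTimeValue.getObject();
            if (!(rawExpireTime instanceof Set) || ((Set<?>) rawExpireTime).isEmpty()) {
                if (debug.errorEnabled()) {
                    debug.error("TokenResource :: READ : Token has no usable expiry time, ID, " + resourceId);
                }
                throw new NotFoundException("Could not find valid token with given ID");
            }
            Object firstExpireTime = ((Set<?>) rawExpireTime).iterator().next();
            try {
                expireTime = Long.parseLong(String.valueOf(firstExpireTime));
            } catch (NumberFormatException e) {
                if (debug.errorEnabled()) {
                    debug.error("TokenResource :: READ : Token has no usable expiry time, ID, " + resourceId);
                }
                throw new NotFoundException("Could not find valid token with given ID", e);
            }
        }
        if (System.currentTimeMillis() > expireTime) {
            throw new NotFoundException("Could not find valid token with given ID");
        }

        String grantType = getAttributeValue(response, GRANT_TYPE);
        if (grantType != null && grantType.equalsIgnoreCase(OAuth2Constants.TokenEndpoint.CLIENT_CREDENTIALS)) {
            // NOTE(review): uid was resolved above but is not compared with anything in this
            // branch, so any caller accepted by getUid can read a client-credentials token by
            // ID. Confirm that this is the intended access rule.
            resource = newResourceResponse(OAuth2Constants.Params.ID, String.valueOf(System.currentTimeMillis()), response);
            return newResultPromise(resource);
        } else {
            String realm = getAttributeValue(response, REALM);
            String username = getAttributeValue(response, USERNAME);
            if (username == null || username.isEmpty()) {
                if (debug.errorEnabled()) {
                    debug.error("TokenResource :: READ : No token found with ID, " + resourceId);
                }
                throw new NotFoundException("Could not find valid token with given ID");
            }
            // Only the administrator or the resource owner recorded on the token may read it.
            AMIdentity uid2 = identityManager.getResourceOwnerIdentity(username, realm);
            if (uid.equals(adminUserId) || uid.equals(uid2)) {
                resource = newResourceResponse(OAuth2Constants.Params.ID, String.valueOf(System.currentTimeMillis()), response);
                return newResultPromise(resource);
            } else {
                if (debug.errorEnabled()) {
                    debug.error("TokenResource :: READ : Only the resource owner or an administrator may perform " + "a read on the token with ID, " + resourceId + ".");
                }
                // NOTE(review): a non-owner gets 401 here while an unknown ID gets 404, so the
                // two outcomes are distinguishable to the caller. Confirm that is acceptable.
                throw new PermanentException(401, "Unauthorized", null);
            }
        }
    } catch (ResourceException e) {
        // Covers the NotFoundException and PermanentException thrown above.
        return e.asPromise();
    } catch (SSOException e) {
        debug.error("TokenResource :: READ : Unable to query collection as the IdRepo " + "failed to return a valid user.", e);
        return new PermanentException(401, "Unauthorized", e).asPromise();
    } catch (IdRepoException e) {
        debug.error("TokenResource :: READ : Unable to query collection as the IdRepo " + "failed to return a valid user.", e);
        return new PermanentException(401, "Unauthorized", e).asPromise();
    } catch (UnauthorizedClientException e) {
        debug.error("TokenResource :: READ : Unable to query collection as the client is not authorized.", e);
        return new PermanentException(401, "Unauthorized", e).asPromise();
    }
}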
Also used : Set(java.util.Set) JsonValue(org.forgerock.json.JsonValue) IdRepoException(com.sun.identity.idm.IdRepoException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) NotFoundException(org.forgerock.json.resource.NotFoundException) SSOException(com.iplanet.sso.SSOException) ResourceResponse(org.forgerock.json.resource.ResourceResponse) AMIdentity(com.sun.identity.idm.AMIdentity) PermanentException(org.forgerock.json.resource.PermanentException) UnauthorizedClientException(org.forgerock.oauth2.core.exceptions.UnauthorizedClientException) ResourceException(org.forgerock.json.resource.ResourceException)
