Search in sources :

Example 76 with ResourceException

use of org.forgerock.json.resource.ResourceException in project OpenAM by OpenRock.

the class RestSTSPublishServiceRequestHandler method handleUpdate.

/*
      * A PUT to the url composed of the publish endpont + the sts instance id with a payload corresponding to a
      * RestSTSInstanceId (wrapped in invocation context information) will result in republishing the existing instance
      * (which is a delete followed by a create).
      */
public Promise<ResourceResponse, ResourceException> handleUpdate(Context context, UpdateRequest request) {
    String stsId = request.getResourcePath();
    String realm = getRealmFromResourceName(request.getResourcePath());
    if (!realmValidator.isRealm(realm)) {
        logger.warn("Update of rest STS instance state for instance " + stsId + " in realm " + realm + " rejected because realm does not exist");
        return new NotFoundException("The specified realm does not exist.").asPromise();
    }
    /*
        Insure that the instance is published before performing an update.
         */
    final boolean publishedToSMS;
    try {
        publishedToSMS = publisher.isInstancePersistedInSMS(stsId, realm);
    } catch (STSPublishException e) {
        logger.error("In RestSTSPublishServiceRequestHandler#handleUpdate, exception caught determining whether " + "instance persisted in SMS. Instance not updated. Exception: " + e, e);
        return e.asPromise();
    }
    final boolean publishedToCrest = publisher.isInstanceExposedInCrest(stsId);
    if (publishedToSMS) {
        if (!publishedToCrest) {
            /*
                Entering this branch would seem to be an error condition. It could possibly happen in a site deployment,
                where a rest sts instance is published to a different server than the current server, and the registered
                ServiceListener was not called when the ldap replication created the service entry on the current server.
                I will log a warning, and still publish the instance, just for robustness.
                 */
            logger.warn("The rest sts instance " + stsId + " in realm " + realm + " is present in the SMS, but " + "has not been hung off of the CREST router. This is an illegal state. The instance will be" + " republished.");
        }
        RestSTSInstanceConfig instanceConfig;
        try {
            instanceConfig = marshalInstanceConfigFromInvocation(request.getContent());
        } catch (BadRequestException e) {
            logger.error("In RestSTSPublishServiceRequestHandler#handleUpdate, exception caught marshalling " + "invocation state to RestSTSInstanceConfig. Instance not updated. The state: " + request.getContent() + "Exception: " + e, e);
            return e.asPromise();
        }
        Injector instanceInjector;
        try {
            instanceInjector = createInjector(instanceConfig);
        } catch (ResourceException e) {
            logger.error("In RestSTSPublishServiceRequestHandler#handleUpdate, exception caught creating an " + "Injector using the RestSTSInstanceConfig. The instance: " + instanceConfig.toJson() + "; Exception: " + e, e);
            return e.asPromise();
        }
        try {
            publisher.updateInstanceInSMS(stsId, realm, instanceConfig, instanceInjector.getInstance(RestSTS.class));
            return newResultPromise(newResourceResponse(instanceConfig.getDeploymentSubPath(), Integer.toString(instanceConfig.hashCode()), json(object(field(RESULT, SUCCESS)))));
        } catch (STSPublishException e) {
            logger.error("In RestSTSPublishServiceRequestHandler#handleUpdate, exception caught removing " + "rest sts instance " + instanceConfig.getDeploymentSubPath() + ". This means instance is" + "in indeterminate state, and has not been updated. The instance config: " + instanceConfig + "; Exception: " + e, e);
            return e.asPromise();
        }
    } else {
        //404 - realm and id not found in SMS
        return new NotFoundException("No rest sts instance with id " + stsId + " in realm " + realm).asPromise();
    }
}
Also used : RestSTSInstanceConfig(org.forgerock.openam.sts.rest.config.user.RestSTSInstanceConfig) Injector(com.google.inject.Injector) STSPublishException(org.forgerock.openam.sts.STSPublishException) NotFoundException(org.forgerock.json.resource.NotFoundException) BadRequestException(org.forgerock.json.resource.BadRequestException) ResourceException(org.forgerock.json.resource.ResourceException) RestSTS(org.forgerock.openam.sts.rest.RestSTS)

Example 77 with ResourceException

use of org.forgerock.json.resource.ResourceException in project OpenAM by OpenRock.

the class RestSTSPublishServiceRequestHandler method handleCreate.

/*
     This method will be invoked by either a programmatic client, in which case a RestSTSInstanceConfig has emitted
     properly-formatted json, or from the RestSecurityTokenServiceViewBean, in which case the configuration state is
     in the sms-centric Map<String, Set<String>> format. This method needs to be able to handle both invocation types,
     and marshal the invocation state in to a RestSTSInstanceConfig instance either way. It also needs to return an accurate
     error message, so that in the case of RestSecurityTokenServiceViewBean invocation, the user can make appropriate
      corrections to the configuration state.
      */
public Promise<ResourceResponse, ResourceException> handleCreate(Context context, CreateRequest request) {
    final RestSTSInstanceConfig instanceConfig;
    try {
        instanceConfig = marshalInstanceConfigFromInvocation(request.getContent());
    } catch (BadRequestException e) {
        return e.asPromise();
    }
    if (!realmValidator.isRealm(instanceConfig.getDeploymentConfig().getRealm())) {
        logger.warn("Publish of Rest STS instance " + instanceConfig.getDeploymentSubPath() + " to realm " + instanceConfig.getDeploymentConfig().getRealm() + " rejected because realm does not exist.");
        return new NotFoundException("The specified realm does not exist.").asPromise();
    }
    Injector instanceInjector;
    try {
        instanceInjector = createInjector(instanceConfig);
    } catch (ResourceException e) {
        return e.asPromise();
    }
    return publishInstance(instanceConfig, instanceInjector);
}
Also used : RestSTSInstanceConfig(org.forgerock.openam.sts.rest.config.user.RestSTSInstanceConfig) Injector(com.google.inject.Injector) BadRequestException(org.forgerock.json.resource.BadRequestException) NotFoundException(org.forgerock.json.resource.NotFoundException) ResourceException(org.forgerock.json.resource.ResourceException)

Example 78 with ResourceException

use of org.forgerock.json.resource.ResourceException in project OpenAM by OpenRock.

the class RestSTSPublishServiceListener method handleInstanceCreation.

private void handleInstanceCreation(String normalizedServiceComponent, String orgName, String serviceComponent) {
    final String logIdentifier = "RestSTSPublishServiceListener#handleInstanceCreation";
    if (StringUtils.isBlank(normalizedServiceComponent)) {
        logger.warn("In RestSTSPublishServiceListener#handleInstanceCreation, the normalized name of the rest-sts service for " + "which the creation event was received is blank. The un-normalized name: " + serviceComponent + ". This happens " + "the first time a rest-sts instance is published in a newly-created realm, as the first step in this creation " + "is the addition of a new service configuration object for this subrealm, which also triggers the invocation " + "of this listener. If this message is appearing after the first creation of a rest-sts instance in a new realm, " + "then something is wrong.");
        return;
    }
    if (!instancePublisher.isInstanceExposedInCrest(normalizedServiceComponent)) {
        String realm = DNMapper.orgNameToRealmName(orgName);
        RestSTSInstanceConfig createdInstance;
        try {
            createdInstance = restSTSInstanceConfigStore.getSTSInstanceConfig(normalizedServiceComponent, realm);
        } catch (STSPublishException e) {
            logger.error(logIdentifier + ":could not obtain newly created rest-sts instance " + serviceComponent + " from SMS. " + "This means this instance will not be hung off of the CREST router. Exception: " + e);
            return;
        }
        Injector instanceInjector;
        try {
            instanceInjector = createInjector(createdInstance);
        } catch (ResourceException e) {
            logger.error(logIdentifier + ":could not create injector corresponding to newly created rest-sts " + "instance " + serviceComponent + ". The instanceConfig " + createdInstance.toJson() + "\nThis means this instance will not be hung off of the CREST router. Exception: " + e);
            return;
        }
        try {
            instancePublisher.publishInstance(createdInstance, instanceInjector.getInstance(RestSTS.class), REPUBLISH_INSTANCE);
            logger.info(logIdentifier + ": Successfully hung rest-sts instance " + createdInstance.getDeploymentSubPath() + " published at another server in the site deployment off of CREST router.");
        } catch (ResourceException e) {
            logger.error(logIdentifier + ":could not create injector corresponding to newly created rest-sts " + "instance " + serviceComponent + ". The instanceConfig " + createdInstance.toJson() + "\nThis means this instance will not be hung off of the CREST router. Exception: " + e);
        }
    }
}
Also used : RestSTSInstanceConfig(org.forgerock.openam.sts.rest.config.user.RestSTSInstanceConfig) Injector(com.google.inject.Injector) STSPublishException(org.forgerock.openam.sts.STSPublishException) ResourceException(org.forgerock.json.resource.ResourceException) RestSTS(org.forgerock.openam.sts.rest.RestSTS)

Example 79 with ResourceException

use of org.forgerock.json.resource.ResourceException in project OpenAM by OpenRock.

the class PolicyV1Filter method filterCreate.

/**
     * The policy json will not have any resource type defined. Create retrieves the policy's associated application
     * and uses the applications associated resource type for the policy.
     *
     * @param context
     *         the filter chain context
     * @param request
     *         the create request
     * @param next
     *         a request handler representing the remainder of the filter chain
     */
@Override
public Promise<ResourceResponse, ResourceException> filterCreate(Context context, CreateRequest request, RequestHandler next) {
    try {
        final JsonValue jsonValue = request.getContent();
        final Subject callingSubject = contextHelper.getSubject(context);
        final String realm = contextHelper.getRealm(context);
        retrieveResourceType(jsonValue, callingSubject, realm);
    } catch (EntitlementException eE) {
        debug.error("Error filtering policy create CREST request", eE);
        return resourceErrorHandler.handleError(context, request, eE).asPromise();
    } catch (ResourceException rE) {
        debug.error("Error filtering policy create CREST request", rE);
        return rE.asPromise();
    }
    return transform(next.handleCreate(context, request));
}
Also used : EntitlementException(com.sun.identity.entitlement.EntitlementException) JsonValue(org.forgerock.json.JsonValue) ResourceException(org.forgerock.json.resource.ResourceException) Subject(javax.security.auth.Subject)

Example 80 with ResourceException

use of org.forgerock.json.resource.ResourceException in project OpenAM by OpenRock.

the class JSONRestStatusServiceTest method shouldReturnThrowableJsonValueIfResourceException.

@Test
public void shouldReturnThrowableJsonValueIfResourceException() throws IOException {
    //Given
    Request request = mock(Request.class);
    Response response = mock(Response.class);
    ResourceException exception = ResourceException.newResourceException(401);
    exception.setDetail(json(object(field("bing", "bong"))));
    Status status = new Status(exception.getCode(), exception);
    //When
    Representation representation = restStatusService.toRepresentation(status, request, response);
    //Then
    assertTrue(representation.getText().contains("\"bing\":\"bong\""));
}
Also used : Response(org.restlet.Response) Status(org.restlet.data.Status) Request(org.restlet.Request) ResourceException(org.forgerock.json.resource.ResourceException) Representation(org.restlet.representation.Representation) Test(org.testng.annotations.Test)

Aggregations

ResourceException (org.forgerock.json.resource.ResourceException)323 Test (org.testng.annotations.Test)233 ResourceResponse (org.forgerock.json.resource.ResourceResponse)179 JsonValue (org.forgerock.json.JsonValue)145 Context (org.forgerock.services.context.Context)145 RealmContext (org.forgerock.openam.rest.RealmContext)110 SSOTokenContext (org.forgerock.openam.rest.resource.SSOTokenContext)71 Subject (javax.security.auth.Subject)58 ClientContext (org.forgerock.services.context.ClientContext)56 NotFoundException (org.forgerock.json.resource.NotFoundException)47 BadRequestException (org.forgerock.json.resource.BadRequestException)44 QueryResponse (org.forgerock.json.resource.QueryResponse)43 HashSet (java.util.HashSet)42 InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)42 CreateRequest (org.forgerock.json.resource.CreateRequest)40 SSOException (com.iplanet.sso.SSOException)38 ActionResponse (org.forgerock.json.resource.ActionResponse)37 SubjectContext (org.forgerock.openam.rest.resource.SubjectContext)37 Matchers.anyString (org.mockito.Matchers.anyString)37 ArrayList (java.util.ArrayList)35