Example 56 with NotFoundException

Use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.

The class PermissionRequestEndpoint, method registerPermissionRequest.

/**
 * Registers the permission that the client requires for it to be able to access a protected resource.
 *
 * @param entity The permission request JSON body.
 * @return A JSON object containing the permission ticket.
 * @throws UmaException If the JSON request body is invalid or the requested resource set does not exist.
 */
@Post
public Representation registerPermissionRequest(JsonRepresentation entity) throws UmaException, NotFoundException, ServerException {
    JsonValue permissionRequest = json(toMap(entity));
    String resourceSetId = getResourceSetId(permissionRequest);
    OAuth2Request oAuth2Request = requestFactory.create(getRequest());
    String clientId = getClientId(oAuth2Request);
    OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(oAuth2Request);
    String resourceOwnerId = getResourceOwnerId(oAuth2Request);
    ResourceSetDescription resourceSetDescription = getResourceSet(resourceSetId, resourceOwnerId, providerSettings);
    Set<String> scopes = validateScopes(permissionRequest, resourceSetDescription);
    for (PermissionRequestFilter filter : extensionFilterManager.getFilters(PermissionRequestFilter.class)) {
        filter.onPermissionRequest(resourceSetDescription, scopes, clientId);
    }
    String ticket = umaProviderSettingsFactory.get(getRequest()).getUmaTokenStore().createPermissionTicket(resourceSetId, scopes, clientId).getId();
    return setResponse(201, Collections.<String, Object>singletonMap("ticket", ticket));
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) PermissionRequestFilter(org.forgerock.openam.uma.extensions.PermissionRequestFilter) JsonValue(org.forgerock.json.JsonValue) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) ResourceSetDescription(org.forgerock.oauth2.resources.ResourceSetDescription) Post(org.restlet.resource.Post)

Example 57 with NotFoundException

Use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.

The class IdTokenClaimGatherer, method getRequestingPartyId.

@Override
public String getRequestingPartyId(OAuth2Request oAuth2Request, AccessToken authorizationApiToken, JsonValue claimToken) {
    try {
        SignedJwt idToken = jwtReconstruction.reconstructJwt(claimToken.asString(), SignedJwt.class);
        OAuth2ProviderSettings oAuth2ProviderSettings = oauth2ProviderSettingsFactory.get(oAuth2Request);
        OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oAuth2Request);
        byte[] clientSecret = clientRegistrationStore.get(authorizationApiToken.getClientId(), oAuth2Request).getClientSecret().getBytes(Utils.CHARSET);
        KeyPair keyPair = oAuth2ProviderSettings.getServerKeyPair();
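        // Reject an id token whose issuer is not this authorization server.
        if (!idToken.getClaimsSet().getIssuer().equals(oAuth2Uris.getIssuer())) {
            logger.warn("Issuer of id token, {0}, does not match issuer of authorization server, {1}.", idToken.getClaimsSet().getIssuer(), oAuth2Uris.getIssuer());
            return null;
        }
        // Reject an id token whose signature does not verify.
        if (!verify(clientSecret, keyPair, idToken)) {
            logger.warn("Signature of id token is invalid.");
            return null;
        }
        // Only after both checks pass is the subject claim returned as the requesting party.
        return idToken.getClaimsSet().getSubject();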
    } catch (InvalidClientException e) {
        logger.error("Failed to find client", e);
        return null;
    } catch (NotFoundException | ServerException e) {
        logger.error("Failed to find OAuth2 settings", e);
        return null;
    }
}
Also used : KeyPair(java.security.KeyPair) ServerException(org.forgerock.oauth2.core.exceptions.ServerException) OAuth2Uris(org.forgerock.oauth2.core.OAuth2Uris) InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) SignedJwt(org.forgerock.json.jose.jws.SignedJwt) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)

Example 58 with NotFoundException

Use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.

The class PendingRequestEmailTemplate, method getLocale.

private Locale getLocale(String username, String realm) {
    try {
        String localeAttributeName = settingsFactory.get(realm).getUserProfilePreferredLocaleAttribute();
        if (localeAttributeName != null) {
            AMIdentity identity = IdUtils.getIdentity(username, realm);
            @SuppressWarnings("unchecked") Set<String> localeAttribute = identity.getAttribute(localeAttributeName);
            if (localeAttribute != null && !localeAttribute.isEmpty()) {
                return Locale.forLanguageTag(CollectionUtils.getFirstItem(localeAttribute, ""));
            }
        }
        String defaultLocale = authServiceSettings.getStringSetting(realm, "iplanet-am-auth-locale");
        if (defaultLocale != null) {
            return Locale.forLanguageTag(defaultLocale);
        }
    } catch (SSOException | IdRepoException | ServerException | SMSException | NotFoundException e) {
        debug.warning("Failed to get locale for user, " + username + ", in realm, " + realm, e);
    }
    return Locale.ROOT;
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) SMSException(com.sun.identity.sm.SMSException) AMIdentity(com.sun.identity.idm.AMIdentity) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) SSOException(com.iplanet.sso.SSOException)

Example 59 with NotFoundException

Use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.

The class UmaTokenStore, method deleteRPT.

public void deleteRPT(String id) throws NotFoundException, ServerException {
    try {
        // check token is RPT
        readRPT(id);
        cts.delete(id);
    } catch (CoreTokenException e) {
        throw new ServerException("Could not delete token: " + id);
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)

Example 60 with NotFoundException

Use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.

The class UmaTokenStore, method readToken.

public UmaToken readToken(String ticketId, JavaBeanAdapter<? extends UmaToken> adapter) throws NotFoundException {
    try {
        Token token = cts.read(ticketId);
        if (token == null) {
            throw new NotFoundException("No valid ticket exists with ticketId");
        }
        UmaToken ticket = adapter.fromToken(token);
        // A ticket stored under a different realm is reported as not found.
        if (!realm.equals(ticket.getRealm())) {
            throw new NotFoundException("No valid ticket exists with ticketId in the realm, " + realm);
        }
        return ticket;
    } catch (CoreTokenException e) {
        throw new NotFoundException("No valid ticket exists with ticketId");
    }
}
Also used : NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) Token(org.forgerock.openam.cts.api.tokens.Token)

Aggregations

ServerException (org.forgerock.oauth2.core.exceptions.ServerException): 44
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings): 34
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request): 28
NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException): 24
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException): 21
JsonValue (org.forgerock.json.JsonValue): 20
ResourceSetDescription (org.forgerock.oauth2.resources.ResourceSetDescription): 13
AccessToken (org.forgerock.oauth2.core.AccessToken): 12
ClientRegistration (org.forgerock.oauth2.core.ClientRegistration): 11
InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException): 11
ResourceSetStore (org.forgerock.oauth2.resources.ResourceSetStore): 11
Request (org.restlet.Request): 11
SSOException (com.iplanet.sso.SSOException): 10
HashSet (java.util.HashSet): 10
AMIdentity (com.sun.identity.idm.AMIdentity): 9
HashMap (java.util.HashMap): 9
IdRepoException (com.sun.identity.idm.IdRepoException): 8
OAuth2Uris (org.forgerock.oauth2.core.OAuth2Uris): 8
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException): 8
UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException): 8