Example 86 with NotFoundException
use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.
the class CheckSessionImpl method getClientRegistration.
/**
* Gets the Client's registration based from the audience set in the JWT.
*
* @param jwt The JWT.
* @return The Client's registration.
* @throws InvalidClientException If the client's registration is not found.
*/
private ClientRegistration getClientRegistration(Jwt jwt) throws InvalidClientException, NotFoundException {
List<String> clients = jwt.getClaimsSet().getAudience();
final String realm = (String) jwt.getClaimsSet().getClaim(REALM);
if (clients != null && !clients.isEmpty()) {
String client = clients.iterator().next();
ClientRegistration clientRegistration = clientRegistrationStore.get(client, new OAuth2Request() {
public <T> T getRequest() {
throw new UnsupportedOperationException();
}
public <T> T getParameter(String name) {
if (REALM.equals(name)) {
return (T) realm;
}
throw new UnsupportedOperationException();
}
public JsonValue getBody() {
throw new UnsupportedOperationException();
}
public Locale getLocale() {
throw new UnsupportedOperationException();
}
});
return clientRegistration;
}
return null;
}
Also used :
Locale(java.util.Locale)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
ClientRegistration(org.forgerock.oauth2.core.ClientRegistration)
JsonValue(org.forgerock.json.JsonValue)
Example 87 with NotFoundException
use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.
the class OAuth2AuditRefreshTokenContextProvider method retrieveRefreshTokenFromChallengeResponse.
private RefreshToken retrieveRefreshTokenFromChallengeResponse(Request request) {
RefreshToken refreshToken;
ChallengeResponse challengeResponse = request.getChallengeResponse();
if (challengeResponse == null) {
return null;
}
String bearerToken = challengeResponse.getRawValue();
if ("undefined".equals(bearerToken)) {
return null;
}
OAuth2Request oAuth2Request = requestFactory.create(request);
try {
refreshToken = tokenStore.readRefreshToken(oAuth2Request, bearerToken);
} catch (ServerException | InvalidGrantException | NotFoundException e) {
return null;
}
return refreshToken;
}
Also used :
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
ChallengeResponse(org.restlet.data.ChallengeResponse)
Example 88 with NotFoundException
use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.
the class OAuth2AuditAccessTokenContextProvider method retrieveAccessTokenFromChallengeResponse.
private AccessToken retrieveAccessTokenFromChallengeResponse(Request request) {
AccessToken token;
ChallengeResponse challengeResponse = request.getChallengeResponse();
if (challengeResponse == null) {
return null;
}
String bearerToken = challengeResponse.getRawValue();
if ("undefined".equals(bearerToken)) {
return null;
}
OAuth2Request oAuth2Request = requestFactory.create(request);
try {
token = tokenStore.readAccessToken(oAuth2Request, bearerToken);
} catch (ServerException | InvalidGrantException | NotFoundException e) {
return null;
}
return token;
}
Also used :
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
AccessToken(org.forgerock.oauth2.core.AccessToken)
NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
ChallengeResponse(org.restlet.data.ChallengeResponse)
Example 89 with NotFoundException
use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.
the class AuthorizationRequestEndpoint method requestAuthorization.
@Post
public Representation requestAuthorization(JsonRepresentation entity) throws BadRequestException, UmaException, EntitlementException, ServerException, NotFoundException {
UmaProviderSettings umaProviderSettings = umaProviderSettingsFactory.get(this.getRequest());
final OAuth2Request oauth2Request = requestFactory.create(getRequest());
OAuth2ProviderSettings oauth2ProviderSettings = oauth2ProviderSettingsFactory.get(oauth2Request);
OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oauth2Request);
final UmaTokenStore umaTokenStore = umaProviderSettings.getUmaTokenStore();
String realm = oauth2Request.getParameter("realm");
JsonValue requestBody = json(toMap(entity));
PermissionTicket permissionTicket = getPermissionTicket(umaTokenStore, requestBody);
validatePermissionTicketHolder(umaTokenStore, permissionTicket);
final String resourceSetId = permissionTicket.getResourceSetId();
final Request request = getRequest();
final String resourceOwnerId = getResourceOwnerId(oauth2ProviderSettings, resourceSetId);
AMIdentity resourceOwner = createIdentity(resourceOwnerId, realm);
String requestingPartyId = null;
try {
requestingPartyId = getRequestingPartyId(umaProviderSettings, oAuth2Uris, requestBody);
} finally {
auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.REQUEST, request, requestingPartyId == null ? getAuthorisationApiToken().getResourceOwnerId() : requestingPartyId);
}
if (isEntitled(umaProviderSettings, oauth2ProviderSettings, permissionTicket, requestingPartyId)) {
getResponse().setStatus(new Status(200));
auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.GRANTED, request, requestingPartyId);
return createJsonRpt(umaTokenStore, permissionTicket);
} else {
try {
if (verifyPendingRequestDoesNotAlreadyExist(resourceSetId, resourceOwnerId, permissionTicket.getRealm(), requestingPartyId, permissionTicket.getScopes())) {
auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.DENIED, request, requestingPartyId);
throw new UmaException(403, UmaConstants.NOT_AUTHORISED_ERROR_CODE, "The client is not authorised to access the requested resource set");
} else {
pendingRequestsService.createPendingRequest(ServletUtils.getRequest(getRequest()), resourceSetId, auditLogger.getResourceName(resourceSetId, request), resourceOwnerId, requestingPartyId, permissionTicket.getRealm(), permissionTicket.getScopes());
auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.REQUEST_SUBMITTED, request, requestingPartyId);
}
} catch (org.forgerock.openam.sm.datalayer.store.ServerException e) {
logger.error("Failed to create pending request", e);
throw new UmaException(403, UmaConstants.NOT_AUTHORISED_ERROR_CODE, "Failed to create pending request");
}
throw newRequestSubmittedException();
}
}
Also used :
Status(org.restlet.data.Status)
OAuth2Uris(org.forgerock.oauth2.core.OAuth2Uris)
JsonValue(org.forgerock.json.JsonValue)
UmaPendingRequest(org.forgerock.openam.sm.datalayer.impl.uma.UmaPendingRequest)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
Request(org.restlet.Request)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
AMIdentity(com.sun.identity.idm.AMIdentity)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
Post(org.restlet.resource.Post)
Example 90 with NotFoundException
use of org.forgerock.oauth2.core.exceptions.NotFoundException in project OpenAM by OpenRock.
the class UmaPolicyApplicationListener method identityDeleted.
/**
* Deletes, (based on configuration), the resource servers policy application, policies and
* resource sets.
*
* @param universalId {@inheritDoc}
*/
@Override
public void identityDeleted(String universalId) {
try {
AMIdentity identity = getIdentity(universalId);
if (!isAgentIdentity(identity)) {
return;
}
removeApplication(identity.getRealm(), identity.getName());
} catch (IdRepoException e) {
logger.error("Failed to get identity", e);
} catch (NotFoundException e) {
logger.error("Failed to get UMA Provider settings", e);
} catch (ServerException e) {
logger.error("Failed to get UMA Provider settings", e);
}
}
Also used :
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
AMIdentity(com.sun.identity.idm.AMIdentity)
IdRepoException(com.sun.identity.idm.IdRepoException)
NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException)
DenyOverride(com.sun.identity.entitlement.DenyOverride)
Aggregations
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)44
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)34
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)28
NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException)24
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)21
JsonValue (org.forgerock.json.JsonValue)20
ResourceSetDescription (org.forgerock.oauth2.resources.ResourceSetDescription)13
AccessToken (org.forgerock.oauth2.core.AccessToken)12
ClientRegistration (org.forgerock.oauth2.core.ClientRegistration)11
InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException)11
ResourceSetStore (org.forgerock.oauth2.resources.ResourceSetStore)11
Request (org.restlet.Request)11
SSOException (com.iplanet.sso.SSOException)10
HashSet (java.util.HashSet)10
AMIdentity (com.sun.identity.idm.AMIdentity)9
HashMap (java.util.HashMap)9
IdRepoException (com.sun.identity.idm.IdRepoException)8
OAuth2Uris (org.forgerock.oauth2.core.OAuth2Uris)8
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)8
UnauthorizedClientException (org.forgerock.oauth2.core.exceptions.UnauthorizedClientException)8
