use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.
the class EndSession method endSession.
/**
* Handles GET requests to the OpenId Connect end session endpoint for ending OpenId Connect user sessions.
*
* @return The OpenId Connect token of the session that has ended.
* @throws OAuth2RestletException If an error occurs whilst ending the user's session.
*/
@Get
public Representation endSession() throws OAuth2RestletException {
    final OAuth2Request oAuth2Request = requestFactory.create(getRequest());
    // Both values are taken from the incoming request as-is; this method performs no
    // validation on either of them.
    final String idTokenHint =
            oAuth2Request.getParameter(OAuth2Constants.Params.END_SESSION_ID_TOKEN_HINT);
    final String postLogoutRedirectUri =
            oAuth2Request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI);
    try {
        // The session is ended first, whether or not a redirect was requested.
        openIDConnectEndSession.endSession(idTokenHint);
        if (!StringUtils.isNotEmpty(postLogoutRedirectUri)) {
            // No redirect target supplied: nothing is returned to the framework.
            return null;
        }
        // NOTE(review): the redirect target is caller-supplied and handleRedirect is not
        // visible here. Confirm it checks the URI against the values registered for the
        // client before redirecting; otherwise this endpoint is an open redirect.
        return handleRedirect(oAuth2Request, idTokenHint, postLogoutRedirectUri);
    } catch (OAuth2Exception e) {
        // Status code, error and message of the core exception are copied into the
        // Restlet-level exception that callers of this resource see.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
}
use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.
the class ConnectClientRegistration method createClient.
/**
* Handles POST requests to the OpenId Connect client registration endpoint for creating OpenId Connect client
* registrations.
*
* @param entity The representation of the client registration details.
* @return The representation of the client registration details as created in the store.
* @throws OAuth2RestletException If an error occurs whilst processing the client registration.
*/
@Post
public Representation createClient(Representation entity) throws OAuth2RestletException {
    // The entity parameter is not read in this method; the registration service is handed
    // the wrapped request instead.
    final OAuth2Request oAuth2Request = requestFactory.create(getRequest());

    // The access token is the raw value of the request's challenge response, or null when
    // the request carried none. Treat it as a credential: keep it out of logs.
    final ChallengeResponse challenge = getRequest().getChallengeResponse();
    final String accessToken;
    if (challenge == null) {
        accessToken = null;
    } else {
        accessToken = challenge.getRawValue();
    }

    try {
        // NOTE(review): the deployment URL is built from the request's host reference and
        // first path segment. If the host reference reflects a client-controlled Host header,
        // this value is caller-influenced -- confirm how createRegistration uses it.
        final String hostBase = getRequest().getHostRef().toString();
        final String deploymentUrl =
                hostBase + "/" + getRequest().getResourceRef().getSegments().get(0);

        final JsonValue created =
                clientRegistrationService.createRegistration(accessToken, deploymentUrl, oAuth2Request);
        // The status is switched to "created" only after the service call has succeeded.
        setStatus(Status.SUCCESS_CREATED);
        return jacksonRepresentationFactory.create(created.asMap());
    } catch (OAuth2Exception e) {
        // Status code, error and message of the core exception are copied into the
        // Restlet-level exception.
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
}
use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.
the class OpenIDConnectProviderConfiguration method getConfiguration.
/**
* Gets the OpenId configuration for the OpenId Connect provider.
*
* @param request The OAuth2 request.
* @return A JsonValue representation of the OpenId configuration.
* @throws UnsupportedResponseTypeException If the requested response type is not supported by either the client
* or the OAuth2 provider.
* @throws ServerException If any internal server error occurs.
*/
public JsonValue getConfiguration(OAuth2Request request) throws OAuth2Exception {
    final OAuth2ProviderSettings settings = providerSettingsFactory.get(request);
    final OAuth2Uris endpoints = urisFactory.get(request);

    // The document is only served when the provider exists and lists the "openid" scope.
    // Every failing case raises the same NotFoundException, so the response does not reveal
    // which of the three conditions was not met. This is the only exception thrown directly
    // by this method.
    final boolean openIdEnabled = settings.exists()
            && settings.getSupportedScopes() != null
            && settings.getSupportedScopes().contains("openid");
    if (!openIdEnabled) {
        throw new NotFoundException("Invalid URL");
    }

    final Map<String, Object> discovery = new HashMap<>();
    discovery.put("version", settings.getOpenIDConnectVersion());

    // NOTE(review): clients trust the issuer and endpoint URLs published here. They come from
    // urisFactory.get(request); if that derives them from the incoming request's host rather
    // than from fixed configuration, confirm the host is validated.
    discovery.put("issuer", endpoints.getIssuer());
    discovery.put("authorization_endpoint", endpoints.getAuthorizationEndpoint());
    discovery.put("token_endpoint", endpoints.getTokenEndpoint());
    discovery.put("userinfo_endpoint", endpoints.getUserInfoEndpoint());
    discovery.put("check_session_iframe", endpoints.getCheckSessionEndpoint());
    discovery.put("end_session_endpoint", endpoints.getEndSessionEndpoint());
    discovery.put("jwks_uri", endpoints.getJWKSUri());
    discovery.put("registration_endpoint", endpoints.getClientRegistrationEndpoint());

    // Capabilities advertised from the provider settings.
    discovery.put("claims_supported", settings.getSupportedClaims());
    discovery.put("scopes_supported", settings.getSupportedScopes());
    discovery.put("response_types_supported",
            getResponseTypes(settings.getAllowedResponseTypes().keySet()));
    discovery.put("subject_types_supported", settings.getSupportedSubjectTypes());
    discovery.put("id_token_signing_alg_values_supported",
            settings.getSupportedIDTokenSigningAlgorithms());
    discovery.put("acr_values_supported", settings.getAcrMapping().keySet());
    discovery.put("claims_parameter_supported", settings.getClaimsParameterSupported());
    discovery.put("token_endpoint_auth_methods_supported",
            settings.getEndpointAuthMethodsSupported());

    return new JsonValue(discovery);
}
use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.
the class ResourceSetRegistrationExceptionFilter method afterHandle.
/**
* Checks if an error response is being returned and translates the error into the format described by the
* specification, https://tools.ietf.org/html/draft-hardjono-oauth-resource-reg-04#section-3.
*
* @param request The request to handle.
* @param response The response to update.
*/
@Override
protected void afterHandle(Request request, Response response) {
    // Only error responses that do not already carry an entity are rewritten.
    if (!response.getStatus().isError() || response.getEntity() != null) {
        return;
    }

    final int statusCode = response.getStatus().getCode();
    if (statusCode == 405) {
        response.setEntity(jacksonRepresentationFactory.create(UNSUPPORTED_METHOD_TYPE));
        return;
    }
    if (statusCode == 412) {
        response.setEntity(jacksonRepresentationFactory.create(PRECONDITION_FAILED));
        return;
    }

    final Throwable failure = response.getStatus().getThrowable();
    if (failure instanceof OAuth2Exception) {
        // Only the status code and error of the OAuth2 exception are passed on here; its
        // message is not.
        final OAuth2Exception oauthFailure = (OAuth2Exception) failure;
        setExceptionResponse(response, oauthFailure.getStatusCode(), oauthFailure.getError());
        return;
    }

    // Anything else is reported with a fixed code and error string, so nothing taken from
    // the unexpected throwable is handed to setExceptionResponse on this path.
    setExceptionResponse(response, 500, "server_error");
}
use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.
the class ExceptionHandler method toOAuth2RestletException.
/**
 * Converts a throwable into an {@code OAuth2RestletException}.
 *
 * <p>The throwable itself is returned when it already has that type; otherwise its direct
 * cause is inspected, and anything unrecognised is wrapped in a {@code ServerException}.
 * Only the direct cause is examined, not the rest of the cause chain.
 *
 * @param throwable The throwable to convert.
 * @return The matching or newly built {@code OAuth2RestletException}.
 */
private OAuth2RestletException toOAuth2RestletException(Throwable throwable) {
    if (throwable instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable;
    }

    final Throwable cause = throwable.getCause();
    if (cause instanceof OAuth2RestletException) {
        return (OAuth2RestletException) cause;
    }
    if (cause instanceof OAuth2Exception) {
        final OAuth2Exception oauthCause = (OAuth2Exception) cause;
        return new OAuth2RestletException(
                oauthCause.getStatusCode(), oauthCause.getError(), oauthCause.getMessage(), null);
    }

    // NOTE(review): the message of the wrapping ServerException is copied into the exception
    // that is returned. If ServerException(Throwable) takes its message from the wrapped
    // throwable, internal details could reach the client -- confirm, and prefer logging
    // them server-side.
    final ServerException wrapped = new ServerException(throwable);
    return new OAuth2RestletException(
            wrapped.getStatusCode(), wrapped.getError(), wrapped.getMessage(), null);
}