Example 1 with OAuth2Exception

Use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.

In the class EndSession, method endSession.

/**
 * Handles GET requests to the OpenID Connect end session endpoint for ending OpenID Connect user sessions.
 *
 * @return The OpenID Connect token of the session that has ended.
 * @throws OAuth2RestletException If an error occurs whilst ending the user's session.
 */
@Get
public Representation endSession() throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    final String idToken = request.getParameter(OAuth2Constants.Params.END_SESSION_ID_TOKEN_HINT);
    final String redirectUri = request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI);
    try {
        openIDConnectEndSession.endSession(idToken);
        if (StringUtils.isNotEmpty(redirectUri)) {
            return handleRedirect(request, idToken, redirectUri);
        }
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
    return null;
}
Also used: OAuth2Request (org.forgerock.oauth2.core.OAuth2Request), OAuth2RestletException (org.forgerock.oauth2.restlet.OAuth2RestletException), OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception), Get (org.restlet.resource.Get)

Example 2 with OAuth2Exception

Use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.

In the class ConnectClientRegistration, method createClient.

/**
 * Handles POST requests to the OpenID Connect client registration endpoint for creating OpenID Connect client
 * registrations.
 *
 * @param entity The representation of the client registration details.
 * @return The representation of the client registration details as created in the store.
 * @throws OAuth2RestletException If an error occurs whilst processing the client registration.
 */
@Post
public Representation createClient(Representation entity) throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    final ChallengeResponse authHeader = getRequest().getChallengeResponse();
    final String accessToken = authHeader != null ? authHeader.getRawValue() : null;
    try {
        final String deploymentUrl = getRequest().getHostRef().toString() + "/" + getRequest().getResourceRef().getSegments().get(0);
        final JsonValue registration = clientRegistrationService.createRegistration(accessToken, deploymentUrl, request);
        setStatus(Status.SUCCESS_CREATED);
        return jacksonRepresentationFactory.create(registration.asMap());
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
}
Also used: OAuth2Request (org.forgerock.oauth2.core.OAuth2Request), OAuth2RestletException (org.forgerock.oauth2.restlet.OAuth2RestletException), JsonValue (org.forgerock.json.JsonValue), OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception), ChallengeResponse (org.restlet.data.ChallengeResponse), Post (org.restlet.resource.Post)

Example 3 with OAuth2Exception

Use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.

In the class OpenIDConnectProviderConfiguration, method getConfiguration.

/**
 * Gets the OpenID configuration for the OpenID Connect provider.
 *
 * @param request The OAuth2 request.
 * @return A JsonValue representation of the OpenID configuration.
 * @throws UnsupportedResponseTypeException If the requested response type is not supported by either the client
 *          or the OAuth2 provider.
 * @throws ServerException If any internal server error occurs.
 */
public JsonValue getConfiguration(OAuth2Request request) throws OAuth2Exception {
    final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
    final OAuth2Uris uris = urisFactory.get(request);
    if (!providerSettings.exists() || providerSettings.getSupportedScopes() == null || !providerSettings.getSupportedScopes().contains("openid")) {
        throw new NotFoundException("Invalid URL");
    }
    final Map<String, Object> configuration = new HashMap<>();
    configuration.put("version", providerSettings.getOpenIDConnectVersion());
    configuration.put("issuer", uris.getIssuer());
    configuration.put("authorization_endpoint", uris.getAuthorizationEndpoint());
    configuration.put("token_endpoint", uris.getTokenEndpoint());
    configuration.put("userinfo_endpoint", uris.getUserInfoEndpoint());
    configuration.put("check_session_iframe", uris.getCheckSessionEndpoint());
    configuration.put("end_session_endpoint", uris.getEndSessionEndpoint());
    configuration.put("jwks_uri", uris.getJWKSUri());
    configuration.put("registration_endpoint", uris.getClientRegistrationEndpoint());
    configuration.put("claims_supported", providerSettings.getSupportedClaims());
    configuration.put("scopes_supported", providerSettings.getSupportedScopes());
    configuration.put("response_types_supported", getResponseTypes(providerSettings.getAllowedResponseTypes().keySet()));
    configuration.put("subject_types_supported", providerSettings.getSupportedSubjectTypes());
    configuration.put("id_token_signing_alg_values_supported", providerSettings.getSupportedIDTokenSigningAlgorithms());
    configuration.put("acr_values_supported", providerSettings.getAcrMapping().keySet());
    configuration.put("claims_parameter_supported", providerSettings.getClaimsParameterSupported());
    configuration.put("token_endpoint_auth_methods_supported", providerSettings.getEndpointAuthMethodsSupported());
    return new JsonValue(configuration);
}
Also used: OAuth2Uris (org.forgerock.oauth2.core.OAuth2Uris), HashMap (java.util.HashMap), JsonValue (org.forgerock.json.JsonValue), NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException), OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)

Example 4 with OAuth2Exception

Use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.

In the class ResourceSetRegistrationExceptionFilter, method afterHandle.

/**
 * Checks if an error response is being returned and translates the error into the format described by the
 * specification, https://tools.ietf.org/html/draft-hardjono-oauth-resource-reg-04#section-3.
 *
 * @param request The request to handle.
 * @param response The response to update.
 */
@Override
protected void afterHandle(Request request, Response response) {
    if (response.getStatus().isError() && response.getEntity() == null) {
        if (405 == response.getStatus().getCode()) {
            response.setEntity(jacksonRepresentationFactory.create(UNSUPPORTED_METHOD_TYPE));
        } else if (412 == response.getStatus().getCode()) {
            response.setEntity(jacksonRepresentationFactory.create(PRECONDITION_FAILED));
        } else if (response.getStatus().getThrowable() instanceof OAuth2Exception) {
            OAuth2Exception exception = (OAuth2Exception) response.getStatus().getThrowable();
            setExceptionResponse(response, exception.getStatusCode(), exception.getError());
        } else {
            setExceptionResponse(response, 500, "server_error");
        }
    }
}
Also used: OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception)

Example 5 with OAuth2Exception

Use of org.forgerock.oauth2.core.exceptions.OAuth2Exception in project OpenAM by OpenRock.

In the class ExceptionHandler, method toOAuth2RestletException.

private OAuth2RestletException toOAuth2RestletException(Throwable throwable) {
    if (throwable instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable;
    } else if (throwable.getCause() instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable.getCause();
    } else if (throwable.getCause() instanceof OAuth2Exception) {
        final OAuth2Exception exception = (OAuth2Exception) throwable.getCause();
        return new OAuth2RestletException(exception.getStatusCode(), exception.getError(), exception.getMessage(), null);
    } else {
        final ServerException serverException = new ServerException(throwable);
        final OAuth2RestletException oauthException = new OAuth2RestletException(serverException.getStatusCode(), serverException.getError(), serverException.getMessage(), null);
        return oauthException;
    }
}
Also used: ServerException (org.forgerock.oauth2.core.exceptions.ServerException), OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception)

Aggregations

OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception) 14
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request) 10
JsonValue (org.forgerock.json.JsonValue) 6
Get (org.restlet.resource.Get) 6
OAuth2RestletException (org.forgerock.oauth2.restlet.OAuth2RestletException) 5
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException) 4
Post (org.restlet.resource.Post) 4
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings) 3
RedirectUriMismatchException (org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException) 3
ResourceOwnerAuthenticationRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired) 3
ServerException (org.forgerock.oauth2.core.exceptions.ServerException) 3
HashMap (java.util.HashMap) 2
AuthorizationToken (org.forgerock.oauth2.core.AuthorizationToken) 2
DeviceCode (org.forgerock.oauth2.core.DeviceCode) 2
ResourceOwner (org.forgerock.oauth2.core.ResourceOwner) 2
ResourceOwnerConsentRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerConsentRequired) 2
Request (org.restlet.Request) 2
JsonRepresentation (org.restlet.ext.json.JsonRepresentation) 2
Representation (org.restlet.representation.Representation) 2
SignatureException (java.security.SignatureException) 1