
Example 46 with ServerException

use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.

the class ClaimsParameterValidatorTest method shouldErrorValidatingJson.

@Test(expectedExceptions = BadRequestException.class)
public void shouldErrorValidatingJson() throws NotFoundException, BadRequestException, RedirectUriMismatchException, InvalidScopeException, InvalidRequestException, InvalidClientException, ServerException, UnsupportedResponseTypeException {
    //given
    OAuth2Request mockRequest = mock(OAuth2Request.class);
    OAuth2ProviderSettings mockProviderSettings = mock(OAuth2ProviderSettings.class);
    String responseTypes = "id_token";
    given(mockProviderSettingsFactory.get(mockRequest)).willReturn(mockProviderSettings);
    given(mockProviderSettings.getClaimsParameterSupported()).willReturn(true);
    given(mockRequest.getParameter(OAuth2Constants.Custom.CLAIMS)).willReturn(invalidClaimsString);
    given(mockRequest.getParameter(OAuth2Constants.Params.RESPONSE_TYPE)).willReturn(responseTypes);
    //when
    claimsParameterValidator.validateRequest(mockRequest);
    //then
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 47 with ServerException

use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.

the class ClaimsParameterValidatorTest method shouldErrorValidatingResponseType.

@Test(expectedExceptions = BadRequestException.class)
public void shouldErrorValidatingResponseType() throws NotFoundException, BadRequestException, RedirectUriMismatchException, InvalidScopeException, InvalidRequestException, InvalidClientException, ServerException, UnsupportedResponseTypeException {
    //given
    OAuth2Request mockRequest = mock(OAuth2Request.class);
    OAuth2ProviderSettings mockProviderSettings = mock(OAuth2ProviderSettings.class);
    String responseTypes = "id_token";
    given(mockProviderSettingsFactory.get(mockRequest)).willReturn(mockProviderSettings);
    given(mockProviderSettings.getClaimsParameterSupported()).willReturn(true);
    given(mockRequest.getParameter(OAuth2Constants.Custom.CLAIMS)).willReturn(validClaimsString);
    given(mockRequest.getParameter(OAuth2Constants.Params.RESPONSE_TYPE)).willReturn(responseTypes);
    //when
    claimsParameterValidator.validateRequest(mockRequest);
    //then
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) Test(org.testng.annotations.Test) BeforeTest(org.testng.annotations.BeforeTest)

Example 48 with ServerException

use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.

the class AuthorizationRequestEndpoint method requestAuthorization.

@Post
public Representation requestAuthorization(JsonRepresentation entity) throws BadRequestException, UmaException, EntitlementException, ServerException, NotFoundException {
    UmaProviderSettings umaProviderSettings = umaProviderSettingsFactory.get(this.getRequest());
    final OAuth2Request oauth2Request = requestFactory.create(getRequest());
    OAuth2ProviderSettings oauth2ProviderSettings = oauth2ProviderSettingsFactory.get(oauth2Request);
    OAuth2Uris oAuth2Uris = oAuth2UrisFactory.get(oauth2Request);
    final UmaTokenStore umaTokenStore = umaProviderSettings.getUmaTokenStore();
    String realm = oauth2Request.getParameter("realm");
    JsonValue requestBody = json(toMap(entity));
    PermissionTicket permissionTicket = getPermissionTicket(umaTokenStore, requestBody);
    validatePermissionTicketHolder(umaTokenStore, permissionTicket);
    final String resourceSetId = permissionTicket.getResourceSetId();
    final Request request = getRequest();
    final String resourceOwnerId = getResourceOwnerId(oauth2ProviderSettings, resourceSetId);
    AMIdentity resourceOwner = createIdentity(resourceOwnerId, realm);
    String requestingPartyId = null;
    try {
        requestingPartyId = getRequestingPartyId(umaProviderSettings, oAuth2Uris, requestBody);
    } finally {
        auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.REQUEST, request, requestingPartyId == null ? getAuthorisationApiToken().getResourceOwnerId() : requestingPartyId);
    }
    if (isEntitled(umaProviderSettings, oauth2ProviderSettings, permissionTicket, requestingPartyId)) {
        getResponse().setStatus(new Status(200));
        auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.GRANTED, request, requestingPartyId);
        return createJsonRpt(umaTokenStore, permissionTicket);
    } else {
        try {
            if (verifyPendingRequestDoesNotAlreadyExist(resourceSetId, resourceOwnerId, permissionTicket.getRealm(), requestingPartyId, permissionTicket.getScopes())) {
                auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.DENIED, request, requestingPartyId);
                throw new UmaException(403, UmaConstants.NOT_AUTHORISED_ERROR_CODE, "The client is not authorised to access the requested resource set");
            } else {
                pendingRequestsService.createPendingRequest(ServletUtils.getRequest(getRequest()), resourceSetId, auditLogger.getResourceName(resourceSetId, request), resourceOwnerId, requestingPartyId, permissionTicket.getRealm(), permissionTicket.getScopes());
                auditLogger.log(resourceSetId, resourceOwner, UmaAuditType.REQUEST_SUBMITTED, request, requestingPartyId);
            }
        } catch (org.forgerock.openam.sm.datalayer.store.ServerException e) {
            logger.error("Failed to create pending request", e);
            throw new UmaException(403, UmaConstants.NOT_AUTHORISED_ERROR_CODE, "Failed to create pending request");
        }
        throw newRequestSubmittedException();
    }
}
Also used : Status(org.restlet.data.Status) OAuth2Uris(org.forgerock.oauth2.core.OAuth2Uris) JsonValue(org.forgerock.json.JsonValue) UmaPendingRequest(org.forgerock.openam.sm.datalayer.impl.uma.UmaPendingRequest) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) AMIdentity(com.sun.identity.idm.AMIdentity) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) Post(org.restlet.resource.Post)

Example 49 with ServerException

use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.

the class UmaPolicyApplicationListener method identityDeleted.

/**
 * Deletes (based on configuration) the resource server's policy application, policies and
 * resource sets.
 *
 * @param universalId {@inheritDoc}
 */
@Override
public void identityDeleted(String universalId) {
    try {
        AMIdentity identity = getIdentity(universalId);
        if (!isAgentIdentity(identity)) {
            return;
        }
        removeApplication(identity.getRealm(), identity.getName());
    } catch (IdRepoException e) {
        logger.error("Failed to get identity", e);
    } catch (NotFoundException e) {
        logger.error("Failed to get UMA Provider settings", e);
    } catch (ServerException e) {
        logger.error("Failed to get UMA Provider settings", e);
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) AMIdentity(com.sun.identity.idm.AMIdentity) IdRepoException(com.sun.identity.idm.IdRepoException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) DenyOverride(com.sun.identity.entitlement.DenyOverride)

Example 50 with ServerException

use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.

the class ResourceSetService method combine.

private Collection<ResourceSetDescription> combine(Context context, ResourceSetWithPolicyQuery resourceSetWithPolicyQuery, Collection<ResourceSetDescription> resourceSets, Collection<UmaPolicy> policies, boolean augmentWithPolicies, String resourceOwnerId) throws org.forgerock.oauth2.core.exceptions.NotFoundException, ServerException {
    Map<String, ResourceSetDescription> resourceSetsById = new HashMap<String, ResourceSetDescription>();
    Map<String, UmaPolicy> policiesById = new HashMap<String, UmaPolicy>();
    for (ResourceSetDescription resourceSet : resourceSets) {
        resourceSetsById.put(resourceSet.getId(), resourceSet);
    }
    for (UmaPolicy policy : policies) {
        policiesById.put(policy.getId(), policy);
    }
    if (AggregateQuery.Operator.AND.equals(resourceSetWithPolicyQuery.getOperator())) {
        resourceSetsById.keySet().retainAll(policiesById.keySet());
        if (augmentWithPolicies) {
            for (ResourceSetDescription resourceSet : resourceSetsById.values()) {
                resourceSet.setPolicy(policiesById.get(resourceSet.getId()).asJson());
            }
        }
    } else if (AggregateQuery.Operator.OR.equals(resourceSetWithPolicyQuery.getOperator())) {
        if (augmentWithPolicies) {
            for (ResourceSetDescription resourceSet : resourceSetsById.values()) {
                augmentWithPolicy(context, resourceSet.getId(), resourceSet);
            }
        }
        for (Map.Entry<String, UmaPolicy> entry : policiesById.entrySet()) {
            ResourceSetDescription resourceSet;
            if (resourceSetsById.containsKey(entry.getKey())) {
                resourceSet = resourceSetsById.get(entry.getKey());
            } else {
                RealmContext realmContext = context.asContext(RealmContext.class);
                resourceSet = resourceSetStoreFactory.create(realmContext.getResolvedRealm()).read(entry.getKey(), resourceOwnerId);
            }
            if (augmentWithPolicies) {
                resourceSet.setPolicy(entry.getValue().asJson());
            }
            resourceSetsById.put(entry.getKey(), resourceSet);
        }
    }
    return resourceSetsById.values();
}
Also used : RealmContext(org.forgerock.openam.rest.RealmContext) HashMap(java.util.HashMap) UmaPolicy(org.forgerock.openam.uma.UmaPolicy) ResourceSetDescription(org.forgerock.oauth2.resources.ResourceSetDescription)

Aggregations

ServerException (org.forgerock.oauth2.core.exceptions.ServerException) 60
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings) 31
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request) 25
JsonValue (org.forgerock.json.JsonValue) 18
NotFoundException (org.forgerock.oauth2.core.exceptions.NotFoundException) 18
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException) 18
ResourceSetDescription (org.forgerock.oauth2.resources.ResourceSetDescription) 14
HashMap (java.util.HashMap) 13
AccessToken (org.forgerock.oauth2.core.AccessToken) 13
HashSet (java.util.HashSet) 12
InvalidGrantException (org.forgerock.oauth2.core.exceptions.InvalidGrantException) 11
ResourceSetStore (org.forgerock.oauth2.resources.ResourceSetStore) 11
SSOException (com.iplanet.sso.SSOException) 9
Request (org.restlet.Request) 9
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException) 8
Map (java.util.Map) 7
OAuth2Uris (org.forgerock.oauth2.core.OAuth2Uris) 7
JSONObject (org.json.JSONObject) 7
SMSException (com.sun.identity.sm.SMSException) 6
ResourceOwner (org.forgerock.oauth2.core.ResourceOwner) 6