use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
the class OpenAMOAuth2ProviderSettings method getAcrMapping.
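/**
 * Builds the mapping from {@code acr} values to authentication methods from the realm's
 * {@code ACR_VALUE_MAPPING} provider setting.
 * <p>
 * Every configured value is wrapped as an {@link OpenAMAuthenticationMethod} with index type
 * {@code SERVICE}, keyed by the acr value it was configured under.
 *
 * @return a fresh, mutable map from acr value to authentication method.
 * @throws ServerException if the realm's service configuration cannot be read.
 */
@Override
public Map<String, AuthenticationMethod> getAcrMapping() throws ServerException {
    try {
        final Map<String, String> acrToService = getMapSetting(realm, OAuth2ProviderService.ACR_VALUE_MAPPING);
        final Map<String, AuthenticationMethod> methods = new HashMap<>(acrToService.size());
        for (Map.Entry<String, String> entry : acrToService.entrySet()) {
            methods.put(entry.getKey(),
                    new OpenAMAuthenticationMethod(entry.getValue(), AuthContext.IndexType.SERVICE));
        }
        return methods;
    } catch (SSOException | SMSException e) {
        // Both failures mean the provider configuration could not be read; they were handled
        // identically in two separate catch blocks, so a single multi-catch removes the duplication.
        logger.message(e.getMessage());
        throw new ServerException(e);
    }
}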
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
the class OpenAMOAuth2ProviderSettings method getScopeValidator.
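/**
 * Lazily resolves the scope validator plugin named by the {@code SCOPE_PLUGIN_CLASS} provider setting.
 * <p>
 * The class name is read from the realm's provider configuration, loaded reflectively with
 * {@code Class.forName} and instantiated through {@link InjectorHolder}. A class implementing the
 * legacy {@link Scope} interface is adapted with a {@link LegacyScopeValidator}; any other class must
 * implement {@link ScopeValidator}. The resolved instance is cached in {@code scopeValidator}; the
 * method is {@code synchronized} so the lazy initialisation runs at most once.
 * <p>
 * Previously the legacy branch returned a new adapter on every call without caching it, so each
 * call repeated the class lookup and injection; it is now cached like the non-legacy branch. A
 * configured class that implements neither interface used to escape as an unchecked
 * {@code ClassCastException} from {@code asSubclass}; it is now reported as a {@link ServerException}.
 *
 * @return the configured scope validator.
 * @throws ServerException if no class is configured, the class cannot be loaded, or it implements
 *         neither {@code Scope} nor {@code ScopeValidator}.
 */
private synchronized ScopeValidator getScopeValidator() throws ServerException {
    if (scopeValidator == null) {
        try {
            final String pluginClassName = getStringSettingValue(OAuth2ProviderService.SCOPE_PLUGIN_CLASS);
            if (isEmpty(pluginClassName)) {
                logger.message("Scope Validator class not set.");
                throw new ServerException("Scope Validator class not set.");
            }
            final Class<?> pluginClass = Class.forName(pluginClassName);
            if (Scope.class.isAssignableFrom(pluginClass)) {
                // Legacy plugin: adapt it once and cache the adapter like any other validator.
                final Scope legacyScope = InjectorHolder.getInstance(pluginClass.asSubclass(Scope.class));
                scopeValidator = new LegacyScopeValidator(legacyScope);
            } else {
                // asSubclass throws ClassCastException when the configured class is not a ScopeValidator.
                scopeValidator = InjectorHolder.getInstance(pluginClass.asSubclass(ScopeValidator.class));
            }
        } catch (ClassNotFoundException | ClassCastException e) {
            logger.error(e.getMessage());
            throw new ServerException(e);
        }
    }
    return scopeValidator;
}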
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
the class OpenAMOAuth2ProviderSettings method validateRequestedClaims.
/**
 * Validates the OpenID Connect {@code claims} request parameter.
 * <p>
 * The value is parsed as JSON and the claim names requested under its {@code userinfo} and
 * {@code id_token} members are collected; every one of them must be a claim this provider supports.
 *
 * @param requestedClaims the raw {@code claims} parameter value.
 * @return the parameter unchanged when it is valid, or {@code null} when the provider does not
 *         support the claims parameter or the value is blank.
 * @throws InvalidRequestException if the value is not valid JSON or names an unsupported claim.
 * @throws ServerException if the provider settings cannot be read.
 */
@Override
public String validateRequestedClaims(String requestedClaims) throws InvalidRequestException, ServerException {
    // Provider support is checked first so its ServerException is raised before the value is inspected.
    if (!getClaimsParameterSupported() || StringUtils.isBlank(requestedClaims)) {
        return null;
    }
    final Set<String> requestedNames = new HashSet<String>();
    try {
        final JSONObject parsed = new JSONObject(requestedClaims);
        collectClaimNames(parsed.optJSONObject(OAuth2Constants.UserinfoEndpoint.USERINFO), requestedNames);
        collectClaimNames(parsed.optJSONObject(OAuth2Constants.JWTTokenParams.ID_TOKEN), requestedNames);
    } catch (JSONException e) {
        throw new InvalidRequestException("Requested claims must be valid json.");
    }
    if (!getSupportedClaims().containsAll(requestedNames)) {
        throw new InvalidRequestException("Requested claims must be allowed by the client's configuration");
    }
    return requestedClaims;
}

/**
 * Adds every top-level key of {@code section} to {@code into}; a {@code null} section adds nothing.
 *
 * @param section one member of the parsed claims request, or {@code null} when absent.
 * @param into the set receiving the claim names.
 */
private void collectClaimNames(JSONObject section, Set<String> into) {
    if (section == null) {
        return;
    }
    final Iterator<String> keys = section.keys();
    while (keys.hasNext()) {
        into.add(keys.next());
    }
}
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
the class OAuth2UserApplications method deleteInstance.
/**
 * Revokes a user's OAuth2 application: removes the consent stored for the client and deletes every
 * token found for this user and client id.
 * <p>
 * The user id and realm come from the request context, and the token query is built from them
 * together with the client id, so the deletion is expected to reach only that user's own tokens.
 * Note that consent is revoked before the tokens are looked up, so a {@code NotFoundException}
 * response still means the consent has been removed.
 *
 * @param context The request context; supplies the user id and realm.
 * @param resourceId The id of the OAuth2 client.
 * @return A promise of the removed application, a not-found error when no token matched, or an
 *         internal server error when revocation or deletion fails.
 */
@Delete
public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String resourceId) {
    final String userId = contextHelper.getUserId(context);
    final String realm = contextHelper.getRealm(context);
    debug.message("Revoking access to OAuth2 client {} for user {}", resourceId, userId);
    try {
        oAuth2ProviderSettingsFactory.get(context).revokeConsent(userId, resourceId);
        final QueryFilter<CoreTokenField> userClientFilter =
                and(getQueryFilter(userId, realm), equalTo(CLIENT_ID.getField(), resourceId));
        final JsonValue matchingTokens = tokenStore.query(userClientFilter);
        if (matchingTokens.asCollection().isEmpty()) {
            return new org.forgerock.json.resource.NotFoundException().asPromise();
        }
        for (JsonValue token : matchingTokens) {
            final String tokenId = getAttributeValue(token, ID.getOAuthField());
            debug.message("Removing OAuth2 token {} with client {} for user {}", tokenId, resourceId, userId);
            tokenStore.delete(tokenId);
        }
        return getResourceResponse(context, resourceId, matchingTokens).asPromise();
    } catch (InternalServerErrorException e) {
        // Already a resource error: pass it through unchanged.
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, userId, e);
        return e.asPromise();
    } catch (CoreTokenException | InvalidClientException | NotFoundException | ServerException e) {
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, userId, e);
        return new InternalServerErrorException(e).asPromise();
    }
}
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
the class OAuth2UserApplications method getResourceResponse.
/**
 * Builds the resource representation of an OAuth2 application from the tokens it holds for a user.
 * <p>
 * The realm is read from the first token rather than from the request context, the client
 * registration is looked up in that realm, and each scope across all tokens is mapped to the
 * client's localised description when one exists, or to the scope name itself otherwise.
 *
 * @param context the request context, used for the locale and the provider settings.
 * @param clientId the OAuth2 client id.
 * @param tokens the user's tokens for that client; must contain at least one element.
 * @return a resource whose revision is the hash code of its JSON content.
 * @throws NotFoundException propagated from the provider settings or client registration lookup.
 * @throws InvalidClientException propagated from the provider settings or client registration lookup.
 * @throws ServerException propagated from the provider settings or client registration lookup.
 * @throws InternalServerErrorException propagated from the provider settings or client registration lookup.
 */
private ResourceResponse getResourceResponse(Context context, String clientId, Iterable<JsonValue> tokens)
        throws NotFoundException, InvalidClientException, ServerException, InternalServerErrorException {
    final String realm = getAttributeValue(tokens.iterator().next(), REALM.getOAuthField());
    final OAuth2ProviderSettings providerSettings = oAuth2ProviderSettingsFactory.get(context);
    final ClientRegistration client = clientRegistrationStore.get(clientId, realm, context);
    final Map<String, String> describedScopes =
            describeScopes(tokens, client.getScopeDescriptions(getLocale(context)));
    final String displayName = client.getDisplayName(getLocale(context));
    final String expiryDateTime = calculateExpiryDateTime(tokens, providerSettings);
    final JsonValue content = json(object(
            field("_id", clientId),
            field("name", displayName),
            field("scopes", describedScopes),
            field("expiryDateTime", expiryDateTime)));
    return Responses.newResourceResponse(clientId, String.valueOf(content.getObject().hashCode()), content);
}

/**
 * Maps every scope found on the given tokens to its description, falling back to the scope name
 * when the client declares no description for it.
 *
 * @param tokens the tokens whose scope attributes are read.
 * @param descriptions the client's scope descriptions.
 * @return a mutable map from scope name to description.
 */
private Map<String, String> describeScopes(Iterable<JsonValue> tokens, Map<String, String> descriptions) {
    final Map<String, String> described = new HashMap<>();
    for (JsonValue token : tokens) {
        for (String scope : token.get(SCOPE.getOAuthField()).asSet(String.class)) {
            final String description = descriptions.containsKey(scope) ? descriptions.get(scope) : scope;
            described.put(scope, description);
        }
    }
    return described;
}