use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
Class OAuth2UserApplications, method deleteInstance.
/**
 * Revokes an OAuth2 application on behalf of the calling user: the user's consent for the client is
 * withdrawn and every stored token of that user whose client id matches {@code resourceId} is deleted.
 *
 * <p>Consent is withdrawn before the token lookup, so a not-found response still leaves the consent
 * revoked. Lookup and deletion failures are logged via {@code debug.message} only; NOTE(review): a
 * warning-level entry would make failed revocations visible outside debug logging.
 *
 * @param context The request context.
 * @param resourceId The id of the OAuth2 client being revoked (taken from the request path).
 * @return A promise of the removed application, or a {@code NotFoundException} promise when the user
 *         holds no tokens for that client.
 */
@Delete
public Promise<ResourceResponse, ResourceException> deleteInstance(Context context, String resourceId) {
    final String owner = contextHelper.getUserId(context);
    final String realmName = contextHelper.getRealm(context);
    debug.message("Revoking access to OAuth2 client {} for user {}", resourceId, owner);
    try {
        oAuth2ProviderSettingsFactory.get(context).revokeConsent(owner, resourceId);

        // The client id is only ever used as a structured filter value, never spliced into a query string.
        // The owner/realm filter presumably restricts the match to the caller's own tokens - the helper's
        // exact shape is defined elsewhere in this class.
        QueryFilter<CoreTokenField> ownerFilter = getQueryFilter(owner, realmName);
        QueryFilter<CoreTokenField> clientFilter = equalTo(CLIENT_ID.getField(), resourceId);
        JsonValue matches = tokenStore.query(and(ownerFilter, clientFilter));

        if (matches.asCollection().isEmpty()) {
            return new org.forgerock.json.resource.NotFoundException().asPromise();
        }

        for (JsonValue match : matches) {
            String tokenId = getAttributeValue(match, ID.getOAuthField());
            debug.message("Removing OAuth2 token {} with client {} for user {}", tokenId, resourceId, owner);
            tokenStore.delete(tokenId);
        }

        // The response is built from the tokens as they were before deletion.
        return getResourceResponse(context, resourceId, matches).asPromise();
    } catch (CoreTokenException | InvalidClientException | NotFoundException | ServerException e) {
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, owner, e);
        return new InternalServerErrorException(e).asPromise();
    } catch (InternalServerErrorException e) {
        debug.message("Failed to revoke access to OAuth2 client {} for user {}", resourceId, owner, e);
        return e.asPromise();
    }
}
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
Class OAuth2UserApplications, method getResourceResponse.
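/**
 * Builds the resource representation of an OAuth2 application from the user's tokens for that client.
 *
 * <p>The realm is read from the first token's realm attribute (not from the request context) and the
 * client registration is looked up in that realm, so {@code tokens} must contain at least one element.
 * The revision of the response is derived from the hash code of the content, so it changes whenever
 * any of the returned fields changes.
 *
 * @param context The request context, used for the provider settings and the locale.
 * @param clientId The id of the OAuth2 client.
 * @param tokens The user's tokens for the client; must not be empty.
 * @return The resource response keyed by {@code clientId}, carrying the display name, the scopes with
 *         their descriptions and the expiry date/time.
 * @throws InternalServerErrorException If {@code tokens} is empty, or when propagated from the expiry
 *         calculation.
 * @throws NotFoundException Propagated from the provider settings or client registration lookup.
 * @throws InvalidClientException Propagated from the client registration lookup.
 * @throws ServerException Propagated from the provider settings or client registration lookup.
 */
private ResourceResponse getResourceResponse(Context context, String clientId, Iterable<JsonValue> tokens)
        throws NotFoundException, InvalidClientException, ServerException, InternalServerErrorException {
    // Guard the first-element read: an empty iterable would otherwise surface as an unchecked
    // NoSuchElementException instead of a declared resource error.
    if (!tokens.iterator().hasNext()) {
        throw new InternalServerErrorException("No tokens found for OAuth2 client " + clientId);
    }
    String realm = getAttributeValue(tokens.iterator().next(), REALM.getOAuthField());
    OAuth2ProviderSettings oAuth2ProviderSettings = oAuth2ProviderSettingsFactory.get(context);
    ClientRegistration clientRegistration = clientRegistrationStore.get(clientId, realm, context);
    Map<String, String> scopeDescriptions = clientRegistration.getScopeDescriptions(getLocale(context));

    // Union of the scopes over all tokens, each mapped to the client's description of it, or to the raw
    // scope name when the client registration has no description for that scope.
    Map<String, String> scopes = new HashMap<>();
    for (JsonValue token : tokens) {
        for (String scope : token.get(SCOPE.getOAuthField()).asSet(String.class)) {
            if (scopeDescriptions.containsKey(scope)) {
                scopes.put(scope, scopeDescriptions.get(scope));
            } else {
                scopes.put(scope, scope);
            }
        }
    }

    String displayName = clientRegistration.getDisplayName(getLocale(context));
    String expiryDateTime = calculateExpiryDateTime(tokens, oAuth2ProviderSettings);
    JsonValue content = json(object(
            field("_id", clientId),
            field("name", displayName),
            field("scopes", scopes),
            field("expiryDateTime", expiryDateTime)));
    return Responses.newResourceResponse(clientId, String.valueOf(content.getObject().hashCode()), content);
}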
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
Class TokenResponseType, method createToken.
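/**
 * Creates an access token through the OAuth2 token handler and wraps it in the legacy adapter.
 *
 * <p>The resource owner is authenticated against the current Restlet request before the handler is
 * invoked; the token parameters (type, scope, client id, redirect URI and the PKCE code challenge and
 * method) are all read from {@code data}. A {@link ServerException} from the handler is translated
 * into an OAuth {@code server_error} problem carrying only the exception message - the cause is not
 * attached.
 *
 * @param accessToken Unused by this implementation.
 * @param data The token parameters, keyed by the {@code OAuth2Constants} parameter names.
 * @return The created access token as a {@link LegacyAccessTokenAdapter}.
 * @throws NotFoundException Propagated from the handler.
 */
public CoreToken createToken(Token accessToken, Map<String, Object> data) throws NotFoundException {
    final String tokenType = (String) data.get(OAuth2Constants.CoreTokenParams.TOKEN_TYPE);
    // The scope is stored as a Set<String> under this key by the callers of this legacy bridge; the cast
    // cannot be checked at runtime beyond the raw Set type.
    @SuppressWarnings("unchecked")
    final Set<String> scope = (Set<String>) data.get(OAuth2Constants.CoreTokenParams.SCOPE);
    final String clientId = (String) data.get(OAuth2Constants.CoreTokenParams.CLIENT_ID);
    final String redirectUri = (String) data.get(OAuth2Constants.CoreTokenParams.REDIRECT_URI);
    final String codeChallenge = (String) data.get(OAuth2Constants.Custom.CODE_CHALLENGE);
    final String codeChallengeMethod = (String) data.get(OAuth2Constants.Custom.CODE_CHALLENGE_METHOD);

    // Resolve the current Restlet request once and wrap it once; the original built a second OAuth2Request
    // for the handler call from the same underlying request.
    final Request current = Request.getCurrent();
    final OAuth2Request request = requestFactory.create(current);
    // NOTE(review): the meaning of the boolean flag passed to authenticate() is not visible here - confirm.
    final ResourceOwner resourceOwner = ownerAuthenticator.authenticate(request, true);
    try {
        final Map.Entry<String, Token> tokenEntry = handler.handle(tokenType, scope, resourceOwner, clientId,
                redirectUri, null, request, codeChallenge, codeChallengeMethod);
        return new LegacyAccessTokenAdapter((AccessToken) tokenEntry.getValue());
    } catch (ServerException e) {
        throw OAuthProblemException.OAuthError.SERVER_ERROR.handle(current, e.getMessage());
    }
}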
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
Class OpenAMOpenIDConnectProvider, method destroySession.
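/**
 * Destroys the OpenAM session associated with an id_token's ops token.
 *
 * <p>The ops token is read from the CTS and deleted, then the session id recorded in its
 * {@code LEGACY_OPS} attribute (if any) is used to destroy the corresponding SSO token. Because the
 * ops token is deleted before the SSO session is destroyed, a failure in the second step leaves the
 * ops id unusable but the session alive. Failures are logged with their cause; the
 * {@link ServerException} surfaced to the caller carries a fixed message without the cause attached.
 *
 * @param opsId The id of the ops token in the CTS.
 * @throws ServerException If the ops token cannot be read or is absent, or if the SSO session cannot
 *         be created or destroyed.
 */
public void destroySession(String opsId) throws ServerException {
    try {
        final Token opsToken = cts.read(opsId);
        if (opsToken == null) {
            throw new CoreTokenException("Unable to find id_token");
        }
        JsonValue idTokenUserSessionToken = tokenAdapter.fromToken(opsToken);
        cts.delete(opsId);

        // For some grant types there is no OpenAM session associated with the id_token: the attribute may be
        // absent or empty, or hold a null entry. Reading the first element unconditionally would throw on an
        // absent or empty value, so only non-empty values are inspected.
        JsonValue legacyOps = idTokenUserSessionToken.get(OAuth2Constants.JWTTokenParams.LEGACY_OPS);
        String sessionId = null;
        if (legacyOps.isNotNull() && legacyOps.size() > 0) {
            sessionId = legacyOps.asSet(String.class).iterator().next();
        }
        if (sessionId != null) {
            final SSOToken token = tokenManager.createSSOToken(sessionId);
            tokenManager.destroyToken(token);
        }
    } catch (CoreTokenException e) {
        logger.error("Unable to get id_token meta data", e);
        throw new ServerException("Unable to get id_token meta data");
    } catch (Exception e) {
        // Covers failures from the session manager as well as any runtime error while reading the ops data.
        logger.error("Unable to get SsoTokenManager", e);
        throw new ServerException("Unable to get SsoTokenManager");
    }
}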
use of org.forgerock.oauth2.core.exceptions.ServerException in project OpenAM by OpenRock.
Class OpenAMTokenStoreTest, method shouldFailToReadAccessToken.
/** A CTS read failure while reading an access token must surface to the caller as a ServerException. */
@Test(expectedExceptions = ServerException.class)
public void shouldFailToReadAccessToken() throws Exception {
    // Given: a request, and an underlying token store that fails for this token id
    OAuth2Request oAuth2Request = oAuth2RequestFactory.create(this.request);
    doThrow(CoreTokenException.class).when(tokenStore).read("TOKEN_ID");

    // When: the access token is read through the OpenAM token store
    openAMtokenStore.readAccessToken(oAuth2Request, "TOKEN_ID");

    // Then: the expectedExceptions attribute on @Test asserts the ServerException
}