use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class ExceptionHandler method toOAuth2RestletException.
/**
 * Converts an arbitrary failure into an {@code OAuth2RestletException}.
 *
 * <p>Resolution order: the throwable itself if it already has the target type, then its direct cause if that
 * has the target type, then a direct cause of type {@code OAuth2Exception} (status code, error and message are
 * copied), and finally a {@code ServerException} built around the throwable. Only the direct cause is
 * inspected, not the rest of the cause chain.
 *
 * @param throwable The failure to convert.
 * @return The matching or newly built {@code OAuth2RestletException}. Newly built instances receive
 *         {@code null} as their fourth constructor argument (presumably the OAuth2 state; confirm against the
 *         constructor).
 */
private OAuth2RestletException toOAuth2RestletException(Throwable throwable) {
    if (throwable instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable;
    }

    final Throwable cause = throwable.getCause();
    if (cause instanceof OAuth2RestletException) {
        return (OAuth2RestletException) cause;
    }
    if (cause instanceof OAuth2Exception) {
        final OAuth2Exception oauth2Cause = (OAuth2Exception) cause;
        return new OAuth2RestletException(oauth2Cause.getStatusCode(), oauth2Cause.getError(),
                oauth2Cause.getMessage(), null);
    }

    // NOTE(review): every other failure is reported through ServerException. If ServerException(Throwable)
    // takes its message from the wrapped throwable, internal detail (class names, paths, SQL text) could
    // reach the client in the error description; confirm what getMessage() exposes here.
    final ServerException fallback = new ServerException(throwable);
    return new OAuth2RestletException(fallback.getStatusCode(), fallback.getError(), fallback.getMessage(),
            null);
}
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class EndSessionTest method shouldAttemptEndSessionAndFailRelativeRedirect.
/**
 * Checks that a relative {@code post_logout_redirect_uri} is rejected with the
 * {@code relative_redirect_uri} error even though an absolute URI is registered for the client, and that the
 * session end was still attempted exactly once before the rejection.
 */
@Test
public void shouldAttemptEndSessionAndFailRelativeRedirect() throws Exception {
    // given: the request asks for a scheme-less redirect target while the client registered an absolute one
    final URI registeredRedirect = new URI("http://www.example.com");
    when(oAuth2Request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI))
            .thenReturn("example.com");
    when(client.getPostLogoutRedirectUris()).thenReturn(Collections.singleton(registeredRedirect));

    // when
    OAuth2RestletException thrown = null;
    try {
        endSession.endSession();
    } catch (OAuth2RestletException rejected) {
        thrown = rejected;
    }

    // then: the session end is attempted first, and the redirect is refused afterwards
    verify(openIDConnectEndSession, times(1)).endSession(any(String.class));
    assertThat(thrown).isNotNull();
    assertThat(thrown.getError()).isEqualTo("relative_redirect_uri");
}
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class EndSession method endSession.
/**
 * Handles GET requests to the OpenId Connect end session endpoint for ending OpenId Connect user sessions.
 *
 * <p>The session identified by the {@code id_token_hint} parameter is ended first. The post-logout redirect
 * is processed only afterwards, so a request whose redirect URI is later refused by {@code handleRedirect}
 * has already ended the session by the time the error is raised.
 *
 * @return The representation produced by {@code handleRedirect} when a post-logout redirect URI was supplied,
 *         otherwise {@code null}.
 * @throws OAuth2RestletException If an error occurs whilst ending the users session or handling the redirect.
 */
@Get
public Representation endSession() throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    final String idToken = request.getParameter(OAuth2Constants.Params.END_SESSION_ID_TOKEN_HINT);
    // Caller-supplied redirect target; it is only passed on to handleRedirect, never followed directly here
    final String redirectUri = request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI);

    try {
        openIDConnectEndSession.endSession(idToken);
        if (!StringUtils.isNotEmpty(redirectUri)) {
            // No redirect requested: there is nothing to return to the caller
            return null;
        }
        return handleRedirect(request, idToken, redirectUri);
    } catch (OAuth2Exception failure) {
        // Re-expressed for the Restlet layer; the fourth argument is left null
        throw new OAuth2RestletException(failure.getStatusCode(), failure.getError(), failure.getMessage(),
                null);
    }
}
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class ConnectClientRegistration method createClient.
/**
 * Handles POST requests to the OpenId Connect client registration endpoint for creating OpenId Connect client
 * registrations.
 *
 * <p>The raw value of the request's challenge response (if one is present) is handed to the registration
 * service as the access token; when no challenge response is present, {@code null} is passed instead. The
 * response status is set to 201 Created on success.
 *
 * @param entity The representation of the client registration details. It is not read directly in this
 *               method; the registration service receives the wrapped request instead.
 * @return The representation of the client registration details as created in the store.
 * @throws OAuth2RestletException If an error occurs whilst processing the client registration.
 */
@Post
public Representation createClient(Representation entity) throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());

    final ChallengeResponse authHeader = getRequest().getChallengeResponse();
    final String accessToken;
    if (authHeader == null) {
        accessToken = null;
    } else {
        accessToken = authHeader.getRawValue();
    }

    try {
        // NOTE(review): the deployment URL is assembled from the request's host reference plus the first path
        // segment. In Restlet the host reference normally reflects the request's Host header, so confirm that
        // a proxy or host allow-list constrains it before the value is stored with a registration.
        // NOTE(review): get(0) assumes the resource reference has at least one path segment.
        final String hostPart = getRequest().getHostRef().toString();
        final String deploymentUrl = hostPart + "/" + getRequest().getResourceRef().getSegments().get(0);

        final JsonValue registration =
                clientRegistrationService.createRegistration(accessToken, deploymentUrl, request);
        setStatus(Status.SUCCESS_CREATED);
        return jacksonRepresentationFactory.create(registration.asMap());
    } catch (OAuth2Exception failure) {
        throw new OAuth2RestletException(failure.getStatusCode(), failure.getError(), failure.getMessage(),
                null);
    }
}
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class DeviceCodeResource method issueCode.
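/**
 * Handles POST requests that issue a device code and user code for a client.
 *
 * <p>{@code client_id}, {@code scope} and {@code response_type} are required; every other parameter is
 * optional. The response map holds the device code, the user code, the code lifetime, the poll interval and
 * the verification URL.
 *
 * @param body The request entity. It is not read directly in this method; parameters are taken from the
 *             wrapped request.
 * @return A representation of the issued codes and the verification URL.
 * @throws OAuth2RestletException With status 400 when a required parameter is missing or {@code max_age} is
 *         not an integer, or carrying the details of any {@code OAuth2Exception} raised while the client is
 *         looked up or the code is created.
 */
@Post
public Representation issueCode(Representation body) throws OAuth2RestletException {
    final Request restletRequest = getRequest();
    final OAuth2Request request = requestFactory.create(restletRequest);
    final String state = request.getParameter(STATE);

    // Client ID, Response Type and Scope are required, all other parameters are optional
    final String clientId = request.getParameter(CLIENT_ID);
    final String scope = request.getParameter(SCOPE);
    final String responseType = request.getParameter(RESPONSE_TYPE);

    try {
        if (isEmpty(clientId) || isEmpty(scope) || isEmpty(responseType)) {
            throw new OAuth2RestletException(400, "bad_request",
                    "client_id, scope and response_type are required parameters", state);
        }

        // check client_id exists; the returned registration is not used, so this presumably relies on the
        // store throwing an OAuth2Exception for an unknown client (confirm against the store)
        clientRegistrationStore.get(clientId, request);

        // max_age comes straight from the request. A non-numeric value used to escape as an unchecked
        // NumberFormatException; it is now reported as a client error like the other parameter failures.
        final String maxAgeParameter = request.getParameter(MAX_AGE);
        Integer maxAge = null;
        if (maxAgeParameter != null) {
            try {
                maxAge = Integer.valueOf(maxAgeParameter);
            } catch (NumberFormatException invalidMaxAge) {
                throw new OAuth2RestletException(400, "bad_request", "max_age must be an integer", state);
            }
        }

        final DeviceCode code = tokenStore.createDeviceCode(
                oAuth2Utils.split(scope, " "),
                null,
                clientId,
                request.<String>getParameter(NONCE),
                responseType,
                state,
                request.<String>getParameter(ACR_VALUES),
                request.<String>getParameter(PROMPT),
                request.<String>getParameter(UI_LOCALES),
                request.<String>getParameter(LOGIN_HINT),
                maxAge,
                request.<String>getParameter(CLAIMS),
                request,
                request.<String>getParameter(CODE_CHALLENGE),
                request.<String>getParameter(CODE_CHALLENGE_METHOD));

        final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
        final Map<String, Object> result = new HashMap<>();
        result.put(DEVICE_CODE, code.getDeviceCode());
        result.put(USER_CODE, code.getUserCode());
        result.put(EXPIRES_IN, providerSettings.getDeviceCodeLifetime());
        result.put(INTERVAL, providerSettings.getDeviceCodePollInterval());

        String verificationUrl = providerSettings.getVerificationUrl();
        if (StringUtils.isBlank(verificationUrl)) {
            // NOTE(review): with no configured verification URL, the fallback is built from the incoming
            // request and the caller-supplied realm. Confirm the base URL provider does not trust
            // client-controlled host headers, because users are sent to this URL to enter the user code.
            final HttpServletRequest servletRequest = ServletUtils.getRequest(restletRequest);
            final String realm = request.getParameter(OAuth2Constants.Custom.REALM);
            verificationUrl = baseURLProviderFactory.get(realm).getRootURL(servletRequest)
                    + "/oauth2/device/user";
        }
        result.put(VERIFICATION_URL, verificationUrl);

        return jacksonRepresentationFactory.create(result);
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), state);
    }
}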