Example 1 with OAuth2RestletException

use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.

the class ExceptionHandler method toOAuth2RestletException.

private OAuth2RestletException toOAuth2RestletException(Throwable throwable) {
    if (throwable instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable;
    } else if (throwable.getCause() instanceof OAuth2RestletException) {
        return (OAuth2RestletException) throwable.getCause();
    } else if (throwable.getCause() instanceof OAuth2Exception) {
        final OAuth2Exception exception = (OAuth2Exception) throwable.getCause();
        return new OAuth2RestletException(exception.getStatusCode(), exception.getError(), exception.getMessage(), null);
    } else {
        final ServerException serverException = new ServerException(throwable);
        final OAuth2RestletException oauthException = new OAuth2RestletException(serverException.getStatusCode(), serverException.getError(), serverException.getMessage(), null);
        return oauthException;
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception)

Example 2 with OAuth2RestletException

use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.

the class EndSessionTest method shouldAttemptEndSessionAndFailRelativeRedirect.

@Test
public void shouldAttemptEndSessionAndFailRelativeRedirect() throws Exception {
    // given
    String requestedUri = "example.com";
    String registeredUri = "http://www.example.com";
    when(oAuth2Request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI)).thenReturn(requestedUri);
    when(client.getPostLogoutRedirectUris()).thenReturn(Collections.singleton(new URI(registeredUri)));
    // when
    OAuth2RestletException exception = null;
    try {
        endSession.endSession();
    } catch (OAuth2RestletException e) {
        exception = e;
    }
    // then
    verify(openIDConnectEndSession, times(1)).endSession(any(String.class));
    assertThat(exception).isNotNull();
    assertThat(exception.getError()).isEqualTo("relative_redirect_uri");
}
Also used : OAuth2RestletException(org.forgerock.oauth2.restlet.OAuth2RestletException) URI(java.net.URI) Test(org.testng.annotations.Test)

Example 3 with OAuth2RestletException

use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.

the class EndSession method endSession.

/**
 * Handles GET requests to the OpenId Connect end session endpoint for ending OpenId Connect user sessions.
 *
 * @return The OpenId Connect token of the session that has ended.
 * @throws OAuth2RestletException If an error occurs whilst ending the user's session.
 */
@Get
public Representation endSession() throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    final String idToken = request.getParameter(OAuth2Constants.Params.END_SESSION_ID_TOKEN_HINT);
    final String redirectUri = request.getParameter(OAuth2Constants.Params.POST_LOGOUT_REDIRECT_URI);
    try {
        openIDConnectEndSession.endSession(idToken);
        if (StringUtils.isNotEmpty(redirectUri)) {
            return handleRedirect(request, idToken, redirectUri);
        }
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
    return null;
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2RestletException(org.forgerock.oauth2.restlet.OAuth2RestletException) OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception) Get(org.restlet.resource.Get)

Example 4 with OAuth2RestletException

use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.

the class ConnectClientRegistration method createClient.

/**
 * Handles POST requests to the OpenId Connect client registration endpoint for creating OpenId Connect client
 * registrations.
 *
 * @param entity The representation of the client registration details.
 * @return The representation of the client registration details as created in the store.
 * @throws OAuth2RestletException If an error occurs whilst processing the client registration.
 */
@Post
public Representation createClient(Representation entity) throws OAuth2RestletException {
    final OAuth2Request request = requestFactory.create(getRequest());
    final ChallengeResponse authHeader = getRequest().getChallengeResponse();
    final String accessToken = authHeader != null ? authHeader.getRawValue() : null;
    try {
        final String deploymentUrl = getRequest().getHostRef().toString() + "/" + getRequest().getResourceRef().getSegments().get(0);
        final JsonValue registration = clientRegistrationService.createRegistration(accessToken, deploymentUrl, request);
        setStatus(Status.SUCCESS_CREATED);
        return jacksonRepresentationFactory.create(registration.asMap());
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
    }
}
Also used : OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) OAuth2RestletException(org.forgerock.oauth2.restlet.OAuth2RestletException) JsonValue(org.forgerock.json.JsonValue) OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception) ChallengeResponse(org.restlet.data.ChallengeResponse) Post(org.restlet.resource.Post)

Example 5 with OAuth2RestletException

use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.

the class DeviceCodeResource method issueCode.

@Post
public Representation issueCode(Representation body) throws OAuth2RestletException {
    final Request restletRequest = getRequest();
    OAuth2Request request = requestFactory.create(restletRequest);
    String state = request.getParameter(STATE);
    // Client ID, Response Type and Scope are required, all other parameters are optional
    String clientId = request.getParameter(CLIENT_ID);
    String scope = request.getParameter(SCOPE);
    String responseType = request.getParameter(RESPONSE_TYPE);
    try {
        if (isEmpty(clientId) || isEmpty(scope) || isEmpty(responseType)) {
            throw new OAuth2RestletException(400, "bad_request", "client_id, scope and response_type are required parameters", state);
        } else {
            // check client_id exists
            clientRegistrationStore.get(clientId, request);
        }
        if (scope == null) {
            scope = "";
        }
        final String maxAge = request.getParameter(MAX_AGE);
        DeviceCode code = tokenStore.createDeviceCode(
                oAuth2Utils.split(scope, " "),
                null,
                clientId,
                request.<String>getParameter(NONCE),
                request.<String>getParameter(RESPONSE_TYPE),
                request.<String>getParameter(STATE),
                request.<String>getParameter(ACR_VALUES),
                request.<String>getParameter(PROMPT),
                request.<String>getParameter(UI_LOCALES),
                request.<String>getParameter(LOGIN_HINT),
                maxAge == null ? null : Integer.valueOf(maxAge),
                request.<String>getParameter(CLAIMS),
                request,
                request.<String>getParameter(CODE_CHALLENGE),
                request.<String>getParameter(CODE_CHALLENGE_METHOD));
        Map<String, Object> result = new HashMap<>();
        OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
        result.put(DEVICE_CODE, code.getDeviceCode());
        result.put(USER_CODE, code.getUserCode());
        result.put(EXPIRES_IN, providerSettings.getDeviceCodeLifetime());
        result.put(INTERVAL, providerSettings.getDeviceCodePollInterval());
        String verificationUrl = providerSettings.getVerificationUrl();
        if (StringUtils.isBlank(verificationUrl)) {
            final HttpServletRequest servletRequest = ServletUtils.getRequest(restletRequest);
            final String realm = request.getParameter(OAuth2Constants.Custom.REALM);
            verificationUrl = baseURLProviderFactory.get(realm).getRootURL(servletRequest) + "/oauth2/device/user";
        }
        result.put(VERIFICATION_URL, verificationUrl);
        return jacksonRepresentationFactory.create(result);
    } catch (OAuth2Exception e) {
        throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), state);
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) HashMap(java.util.HashMap) Request(org.restlet.Request) DeviceCode(org.forgerock.oauth2.core.OAuth2Constants.DeviceCode) DeviceCode(org.forgerock.oauth2.core.DeviceCode) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings) OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception) Post(org.restlet.resource.Post)

Aggregations

OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception): 11
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request): 10
OAuth2RestletException (org.forgerock.oauth2.restlet.OAuth2RestletException): 7
Get (org.restlet.resource.Get): 6
JsonValue (org.forgerock.json.JsonValue): 4
Post (org.restlet.resource.Post): 4
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException): 3
RedirectUriMismatchException (org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException): 3
ResourceOwnerAuthenticationRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired): 3
URI (java.net.URI): 2
AuthorizationToken (org.forgerock.oauth2.core.AuthorizationToken): 2
DeviceCode (org.forgerock.oauth2.core.DeviceCode): 2
ResourceOwnerConsentRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerConsentRequired): 2
ServerException (org.forgerock.oauth2.core.exceptions.ServerException): 2
Request (org.restlet.Request): 2
JsonRepresentation (org.restlet.ext.json.JsonRepresentation): 2
Representation (org.restlet.representation.Representation): 2
Test (org.testng.annotations.Test): 2
HashMap (java.util.HashMap): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1