Example 6 with OAuth2RestletException
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class DeviceCodeVerificationResource method verify.
/**
* Handles POST requests to the OAuth2 device/user endpoint.
*/
@Post
public Representation verify(Representation body) throws ServerException, NotFoundException, InvalidGrantException, OAuth2RestletException {
final Request restletRequest = getRequest();
OAuth2Request request = requestFactory.create(restletRequest);
DeviceCode deviceCode;
try {
deviceCode = tokenStore.readDeviceCode(request.<String>getParameter(OAuth2Constants.DeviceCode.USER_CODE), request);
} catch (InvalidGrantException e) {
return getTemplateRepresentation(FORM, request, "not_found");
}
if (deviceCode == null || deviceCode.isIssued()) {
return getTemplateRepresentation(FORM, request, "not_found");
}
addRequestParamsFromDeviceCode(restletRequest, deviceCode);
try {
final String decision = request.getParameter("decision");
if (StringUtils.isNotEmpty(decision)) {
final boolean consentGiven = "allow".equalsIgnoreCase(decision);
final boolean saveConsent = "on".equalsIgnoreCase(request.<String>getParameter("save_consent"));
if (saveConsent) {
saveConsent(request);
}
if (consentGiven) {
ResourceOwner resourceOwner = resourceOwnerSessionValidator.validate(request);
deviceCode.setResourceOwnerId(resourceOwner.getId());
deviceCode.setAuthorized(true);
tokenStore.updateDeviceCode(deviceCode, request);
} else {
tokenStore.deleteDeviceCode(deviceCode.getClientId(), deviceCode.getDeviceCode(), request);
}
} else {
authorizationService.authorize(request);
}
} catch (IllegalArgumentException e) {
if (e.getMessage().contains("client_id")) {
throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("state"));
}
throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"));
} catch (ResourceOwnerAuthenticationRequired e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), e.getRedirectUri().toString(), null);
} catch (ResourceOwnerConsentRequired e) {
return representation.getRepresentation(getContext(), request, "authorize.ftl", getDataModel(e, request));
} catch (InvalidClientException | RedirectUriMismatchException e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
} catch (OAuth2Exception e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"), e.getParameterLocation());
}
return getTemplateRepresentation(THANKS_PAGE, request, null);
}
Also used :
ResourceOwnerAuthenticationRequired(org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired)
RedirectUriMismatchException(org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException)
ResourceOwner(org.forgerock.oauth2.core.ResourceOwner)
ResourceOwnerConsentRequired(org.forgerock.oauth2.core.exceptions.ResourceOwnerConsentRequired)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
Request(org.restlet.Request)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException)
DeviceCode(org.forgerock.oauth2.core.DeviceCode)
OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception)
Post(org.restlet.resource.Post)
Example 7 with OAuth2RestletException
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class ExceptionHandler method handle.
/**
* Handles any exception that is thrown when processing a OAuth2 request.
*
* @param throwable The throwable.
* @param context The Restlet context.
* @param request The Restlet request.
* @param response The Restlet response.
*/
public void handle(Throwable throwable, Context context, Request request, Response response) {
if (throwable.getCause() instanceof OAuth2RestletException) {
final OAuth2RestletException e = (OAuth2RestletException) throwable.getCause();
handle(e, context, request, response);
} else {
final ServerException serverException = new ServerException(throwable);
final OAuth2RestletException exception = new OAuth2RestletException(serverException.getStatusCode(), serverException.getError(), serverException.getMessage(), null);
handle(exception, context, request, response);
}
}
Also used :
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
Example 8 with OAuth2RestletException
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class AuthorizeResource method authorize.
/**
* Handles GET requests to the OAuth2 authorize endpoint.
* <br/>
* This method will be called when a client has requested a resource owner grants it authorization to access a
* resource.
*
* @return The body to be sent in the response to the user agent.
* @throws OAuth2RestletException If a OAuth2 error occurs whilst processing the authorization request.
*/
@Get
public Representation authorize() throws OAuth2RestletException {
final OAuth2Request request = requestFactory.create(getRequest());
for (AuthorizeRequestHook hook : hooks) {
hook.beforeAuthorizeHandling(request, getRequest(), getResponse());
}
try {
final AuthorizationToken authorizationToken = authorizationService.authorize(request);
final String redirectUri = getQueryValue("redirect_uri");
Representation response = representation.toRepresentation(getContext(), getRequest(), getResponse(), authorizationToken, redirectUri);
for (AuthorizeRequestHook hook : hooks) {
hook.afterAuthorizeSuccess(request, getRequest(), getResponse());
}
return response;
} catch (IllegalArgumentException e) {
if (e.getMessage().contains("client_id")) {
throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("state"));
}
throw new OAuth2RestletException(400, "invalid_request", e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"));
} catch (ResourceOwnerAuthenticationRequired e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), e.getRedirectUri().toString(), null);
} catch (ResourceOwnerConsentRequired e) {
return representation.getRepresentation(getContext(), request, "authorize.ftl", getDataModel(e, request));
} catch (InvalidClientException e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
} catch (RedirectUriMismatchException e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
} catch (OAuth2Exception e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"), e.getParameterLocation());
}
}
Also used :
ResourceOwnerAuthenticationRequired(org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
AuthorizationToken(org.forgerock.oauth2.core.AuthorizationToken)
RedirectUriMismatchException(org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException)
ResourceOwnerConsentRequired(org.forgerock.oauth2.core.exceptions.ResourceOwnerConsentRequired)
InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException)
Representation(org.restlet.representation.Representation)
OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception)
Get(org.restlet.resource.Get)
Example 9 with OAuth2RestletException
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class AuthorizeResource method authorize.
/**
* Handles POST requests to the OAuth2 authorize endpoint.
* <br/>
* This method will be called when a user has given their consent for an authorization request.
*
* @param entity The entity on the request.
* @return The body to be sent in the response to the user agent.
* @throws OAuth2RestletException If a OAuth2 error occurs whilst processing the authorization request.
*/
@Post
public Representation authorize(Representation entity) throws OAuth2RestletException {
final OAuth2Request request = requestFactory.create(getRequest());
for (AuthorizeRequestHook hook : hooks) {
hook.beforeAuthorizeHandling(request, getRequest(), getResponse());
}
final boolean consentGiven = "allow".equalsIgnoreCase(request.<String>getParameter("decision"));
final boolean saveConsent = "on".equalsIgnoreCase(request.<String>getParameter("save_consent"));
try {
final AuthorizationToken authorizationToken = authorizationService.authorize(request, consentGiven, saveConsent);
final String redirectUri = request.getParameter("redirect_uri");
Representation response = representation.toRepresentation(getContext(), getRequest(), getResponse(), authorizationToken, redirectUri);
for (AuthorizeRequestHook hook : hooks) {
hook.afterAuthorizeSuccess(request, getRequest(), getResponse());
}
return response;
} catch (ResourceOwnerAuthenticationRequired e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), e.getRedirectUri().toString(), null);
} catch (InvalidClientException e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
} catch (RedirectUriMismatchException e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("state"));
} catch (OAuth2Exception e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), request.<String>getParameter("redirect_uri"), request.<String>getParameter("state"), e.getParameterLocation());
}
}
Also used :
ResourceOwnerAuthenticationRequired(org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired)
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
AuthorizationToken(org.forgerock.oauth2.core.AuthorizationToken)
RedirectUriMismatchException(org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException)
InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException)
Representation(org.restlet.representation.Representation)
OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception)
Post(org.restlet.resource.Post)
Example 10 with OAuth2RestletException
use of org.forgerock.oauth2.restlet.OAuth2RestletException in project OpenAM by OpenRock.
the class ValidationServerResource method validate.
/**
* Handles GET requests to the OAuth2 tokeninfo endpoint for retrieving information about the provided token.
*
* @return The body to be sent in the response to the user agent.
* @throws OAuth2RestletException
*/
@Get
public Representation validate() throws OAuth2RestletException {
logger.trace("In Validator resource");
final OAuth2Request request = requestFactory.create(getRequest());
try {
final JsonValue tokenInfo = tokenInfoService.getTokenInfo(request);
// Sets the no-store Cache-Control header
getResponse().getCacheDirectives().add(CacheDirective.noCache());
getResponse().getCacheDirectives().add(CacheDirective.noStore());
return jacksonRepresentationFactory.create(tokenInfo.asMap());
} catch (OAuth2Exception e) {
throw new OAuth2RestletException(e.getStatusCode(), e.getError(), e.getMessage(), null);
}
}
Also used :
OAuth2Request(org.forgerock.oauth2.core.OAuth2Request)
JsonValue(org.forgerock.json.JsonValue)
OAuth2Exception(org.forgerock.oauth2.core.exceptions.OAuth2Exception)
Get(org.restlet.resource.Get)
Aggregations
OAuth2Exception (org.forgerock.oauth2.core.exceptions.OAuth2Exception)11
OAuth2Request (org.forgerock.oauth2.core.OAuth2Request)10
OAuth2RestletException (org.forgerock.oauth2.restlet.OAuth2RestletException)7
Get (org.restlet.resource.Get)6
JsonValue (org.forgerock.json.JsonValue)4
Post (org.restlet.resource.Post)4
InvalidClientException (org.forgerock.oauth2.core.exceptions.InvalidClientException)3
RedirectUriMismatchException (org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException)3
ResourceOwnerAuthenticationRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerAuthenticationRequired)3
URI (java.net.URI)2
AuthorizationToken (org.forgerock.oauth2.core.AuthorizationToken)2
DeviceCode (org.forgerock.oauth2.core.DeviceCode)2
ResourceOwnerConsentRequired (org.forgerock.oauth2.core.exceptions.ResourceOwnerConsentRequired)2
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)2
Request (org.restlet.Request)2
JsonRepresentation (org.restlet.ext.json.JsonRepresentation)2
Representation (org.restlet.representation.Representation)2
Test (org.testng.annotations.Test)2
HashMap (java.util.HashMap)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
