Example 51 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class IdentityResourceV2 method anonymousUpdate.
/**
* Perform an anonymous update of a user's password using the provided token.
*
* The token must match a token placed in the CTS in order for the request
* to proceed.
*
* @param context Non null
* @param request Non null
* @param realm Non null
*/
private Promise<ActionResponse, ResourceException> anonymousUpdate(final Context context, final ActionRequest request, final String realm) {
final String tokenID;
String confirmationId;
String username;
String nwpassword;
final JsonValue jVal = request.getContent();
try {
tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
username = jVal.get(USERNAME).asString();
nwpassword = jVal.get("userpassword").asString();
if (username == null || username.isEmpty()) {
throw new BadRequestException("username not provided");
}
if (nwpassword == null || username.isEmpty()) {
throw new BadRequestException("new password not provided");
}
validateToken(tokenID, realm, username, confirmationId);
// update Identity
SSOToken admin = RestUtils.getToken();
// Update instance with new password value
return updateInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the update was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the reset password request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(tokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("Deleting token " + tokenID + " after a successful " + "read failed due to " + e.getMessage(), e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
// For any malformed request.
debug.warning("Bad request received for anonymousUpdate ", bre);
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("Error performing anonymousUpdate", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte).asPromise();
}
}
Also used :
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
SSOToken(com.iplanet.sso.SSOToken)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
JsonValue(org.forgerock.json.JsonValue)
BadRequestException(org.forgerock.json.resource.BadRequestException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Responses.newActionResponse(org.forgerock.json.resource.Responses.newActionResponse)
Example 52 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class IdentityResourceV2 method confirmationIdCheck.
/**
* Will validate confirmationId is correct
* @param request Request from client to confirm registration
*/
private Promise<ActionResponse, ResourceException> confirmationIdCheck(final ActionRequest request, final String realm) {
final String METHOD = "IdentityResource.confirmationIdCheck";
final JsonValue jVal = request.getContent();
String tokenID = "";
String confirmationId;
String email;
String username;
//email or username value used to create confirmationId
String hashComponent = null;
String hashComponentAttr = null;
JsonValue result = new JsonValue(new LinkedHashMap<String, Object>(1));
try {
tokenID = jVal.get(TOKEN_ID).asString();
confirmationId = jVal.get(CONFIRMATION_ID).asString();
email = jVal.get(EMAIL).asString();
username = jVal.get(USERNAME).asString();
if (StringUtils.isBlank(confirmationId)) {
if (debug.errorEnabled()) {
debug.error("{} :: Bad Request - confirmationId not found in request.", METHOD);
}
throw new BadRequestException("confirmationId not provided");
}
if (StringUtils.isBlank(email) && !StringUtils.isBlank(username)) {
hashComponent = username;
hashComponentAttr = USERNAME;
}
if (!StringUtils.isBlank(email) && StringUtils.isBlank(username)) {
hashComponent = email;
hashComponentAttr = EMAIL;
}
if (StringUtils.isBlank(hashComponent)) {
if (debug.errorEnabled()) {
debug.error("{} :: Bad Request - hashComponent not found in request.", METHOD);
}
throw new BadRequestException("Required information not provided");
}
if (StringUtils.isBlank(tokenID)) {
if (debug.errorEnabled()) {
debug.error("{} :: Bad Request - tokenID not found in request.", METHOD);
}
throw new BadRequestException("tokenId not provided");
}
validateToken(tokenID, realm, hashComponent, confirmationId);
// build resource
result.put(hashComponentAttr, hashComponent);
result.put(TOKEN_ID, tokenID);
result.put(CONFIRMATION_ID, confirmationId);
if (debug.messageEnabled()) {
debug.message("{} :: Confirmed for token '{}' with confirmation '{}'", METHOD, tokenID, confirmationId);
}
return newResultPromise(newActionResponse(result));
} catch (BadRequestException bre) {
debug.warning("{} :: Cannot confirm registration/forgotPassword for : {}", METHOD, hashComponent, bre);
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("{} :: Resource error for : {}", METHOD, hashComponent, re);
return re.asPromise();
} catch (CoreTokenException cte) {
debug.error("{} :: CTE error for : {}", METHOD, hashComponent, cte);
return new InternalServerErrorException(cte).asPromise();
}
}
Also used :
JsonValue(org.forgerock.json.JsonValue)
BadRequestException(org.forgerock.json.resource.BadRequestException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
Example 53 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class IdentityResourceV1 method anonymousUpdate.
/**
* Perform an anonymous update of a user's password using the provided token.
*
* The token must match a token placed in the CTS in order for the request
* to proceed.
*
* @param context Non null
* @param request Non null
* @param realm Non null
*/
private Promise<ActionResponse, ResourceException> anonymousUpdate(final Context context, final ActionRequest request, final String realm) {
final String tokenID;
String confirmationId;
String username;
String nwpassword;
final JsonValue jVal = request.getContent();
try {
tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
username = jVal.get(USERNAME).asString();
nwpassword = jVal.get("userpassword").asString();
if (username == null || username.isEmpty()) {
throw new BadRequestException("username not provided");
}
if (nwpassword == null || username.isEmpty()) {
throw new BadRequestException("new password not provided");
}
validateToken(tokenID, realm, username, confirmationId);
// update Identity
SSOToken admin = RestUtils.getToken();
// Update instance with new password value
return updateInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the update was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the reset password request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(tokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("Deleting token " + tokenID + " after a successful " + "read failed due to " + e.getMessage(), e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
// For any malformed request.
debug.warning("Bad request received for anonymousUpdate " + bre.getMessage());
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("Error performing anonymousUpdate", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte).asPromise();
}
}
Also used :
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken)
SSOToken(com.iplanet.sso.SSOToken)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
IdentityRestUtils.identityDetailsToJsonValue(org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue)
JsonValue(org.forgerock.json.JsonValue)
BadRequestException(org.forgerock.json.resource.BadRequestException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Example 54 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class AsyncResultHandler method getResults.
/**
* Blocking call to wait for the results of processing.
*
* @return {@inheritDoc}
* @throws CoreTokenException {@inheritDoc}
*/
@SuppressWarnings("unchecked")
public T getResults() throws CoreTokenException {
try {
Object value = syncQueue.poll(config.getQueueTimeout(), TimeUnit.SECONDS);
if (value == null) {
throw new CoreTokenException("Timed out whilst waiting for result");
}
// In case the value was null
if (value.equals(NULL_SIGNAL)) {
debug("Results: <null>");
return null;
}
// In case there was an error
if (value instanceof CoreTokenException) {
throw (CoreTokenException) value;
}
if (value instanceof Exception) {
final Exception ex = (Exception) value;
throw new CoreTokenException(ex.getMessage(), ex);
}
debug("Results: {0}", value.toString());
return (T) value;
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new CoreTokenException("Interrupted whilst waiting for a async operation", e);
}
}
Also used :
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
Example 55 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class SAML2CTSPersistentStore method saveSAML2Token.
/**
* {@inheritDoc}
*/
@Override
public void saveSAML2Token(String primaryKey, String secondaryKey, Object samlObj, long expirationTime) throws SAML2TokenRepositoryException {
// Save the SAML2 Token.
try {
// Perform the Save of the Token to the Token Repository.
SAMLToken samlToken = new SAMLToken(primaryKey, secondaryKey, expirationTime, samlObj);
Token token = tokenAdapter.toToken(samlToken);
persistentStore.createAsync(token);
} catch (CoreTokenException e) {
debug.error("SAML2CTSPersistentStore.saveSAML2Token(): failed to save SAML2 " + "token using primary key:" + primaryKey, e);
throw new SAML2TokenRepositoryException(e.getMessage(), e);
}
}
Also used :
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
SAMLToken(org.forgerock.openam.cts.api.tokens.SAMLToken)
Token(org.forgerock.openam.cts.api.tokens.Token)
SAML2TokenRepositoryException(org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException)
SAMLToken(org.forgerock.openam.cts.api.tokens.SAMLToken)
Aggregations
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)59
JsonValue (org.forgerock.json.JsonValue)21
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)19
Token (org.forgerock.openam.cts.api.tokens.Token)14
Test (org.testng.annotations.Test)11
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)10
ResourceException (org.forgerock.json.resource.ResourceException)9
PartialToken (org.forgerock.openam.sm.datalayer.api.query.PartialToken)9
BadRequestException (org.forgerock.json.resource.BadRequestException)8
ArrayList (java.util.ArrayList)7
ResourceResponse (org.forgerock.json.resource.ResourceResponse)7
SSOException (com.iplanet.sso.SSOException)6
SSOToken (com.iplanet.sso.SSOToken)6
IdRepoException (com.sun.identity.idm.IdRepoException)6
HashMap (java.util.HashMap)5
Responses.newResourceResponse (org.forgerock.json.resource.Responses.newResourceResponse)5
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)5
TokenFilter (org.forgerock.openam.cts.api.filter.TokenFilter)5
TokenFilterBuilder (org.forgerock.openam.cts.api.filter.TokenFilterBuilder)5
DeleteFailedException (org.forgerock.openam.cts.exceptions.DeleteFailedException)5
