Example 11 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class CtsTokenOperationsEntryImpl method getAverageDuration.
/**
* Returns the average (mean) duration of the length of a token type's lifetime
*
* @return the average (mean) length of time for all tokens of the supplied type since the epoch in seconds
*/
public Long getAverageDuration() {
long result;
try {
TokenType tokenType = Enums.getEnumFromOrdinal(TokenType.class, getTokenTableIndex().intValue() - 1);
result = ctsPersistenceOperationsMonitor.getAverageDuration(tokenType);
} catch (CoreTokenException e) {
String message = "CTS Persistence did not return a valid result.";
if (debug.messageEnabled()) {
debug.error(message, e);
}
throw new InvalidSNMPQueryException(message, e);
} catch (SnmpStatusException e) {
String message = "Unable to determine token type from supplied index.";
if (debug.messageEnabled()) {
debug.error(message, e);
}
throw new InvalidSNMPQueryException(message, e);
}
return result;
}
Also used :
SnmpStatusException(com.sun.management.snmp.SnmpStatusException)
TokenType(org.forgerock.openam.tokens.TokenType)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
Example 12 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class CtsTokenOperationsEntryImpl method getTotalCount.
/**
* Returns the total number of current tokens of the type specified
* in the CTS at the current instant.
*
* @return a long of the number of tokens in the store, min. 0.
*/
@Override
public Long getTotalCount() {
final long result;
try {
TokenType tokenType = Enums.getEnumFromOrdinal(TokenType.class, getTokenTableIndex().intValue() - 1);
result = ctsPersistenceOperationsMonitor.getTotalCount(tokenType);
} catch (CoreTokenException e) {
String message = "CTS Persistence did not return a valid result.";
if (debug.messageEnabled()) {
debug.error(message, e);
}
throw new InvalidSNMPQueryException(message, e);
} catch (SnmpStatusException e) {
String message = "Unable to determine token type from supplied index.";
if (debug.messageEnabled()) {
debug.error(message, e);
}
throw new InvalidSNMPQueryException(message, e);
}
return result;
}
Also used :
SnmpStatusException(com.sun.management.snmp.SnmpStatusException)
TokenType(org.forgerock.openam.tokens.TokenType)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
Example 13 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class OpenAMTokenStore method createDeviceCode.
/**
* {@inheritDoc}
*/
public DeviceCode createDeviceCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String nonce, String responseType, String state, String acrValues, String prompt, String uiLocales, String loginHint, Integer maxAge, String claims, OAuth2Request request, String codeChallenge, String codeChallengeMethod) throws ServerException, NotFoundException {
logger.message("DefaultOAuthTokenStoreImpl::Creating Authorization code");
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final String deviceCode = UUID.randomUUID().toString();
final StringBuilder codeBuilder = new StringBuilder(CODE_LENGTH);
String userCode = null;
int i;
for (i = 0; i < NUM_RETRIES; i++) {
for (int k = 0; k < CODE_LENGTH; k++) {
codeBuilder.append(ALPHABET.charAt(secureRandom.nextInt(ALPHABET.length())));
}
try {
readDeviceCode(codeBuilder.toString(), request);
codeBuilder.delete(0, codeBuilder.length());
// code can be found - try again
} catch (InvalidGrantException e) {
// Good, it doesn't exist yet.
userCode = codeBuilder.toString();
break;
} catch (ServerException e) {
logger.message("Could not query CTS, assume duplicate to be safe", e);
}
}
if (i == NUM_RETRIES) {
throw new ServerException("Could not generate a unique user code");
}
long expiryTime = System.currentTimeMillis() + (1000 * providerSettings.getDeviceCodeLifetime());
String resourceOwnerId = resourceOwner == null ? null : resourceOwner.getId();
final DeviceCode code = new DeviceCode(deviceCode, userCode, resourceOwnerId, clientId, nonce, responseType, state, acrValues, prompt, uiLocales, loginHint, maxAge, claims, expiryTime, scope, realmNormaliser.normalise(request.<String>getParameter(REALM)), codeChallenge, codeChallengeMethod);
// Store in CTS
try {
tokenStore.create(code);
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "CREATED_DEVICE_CODE", code.toString() };
auditLogger.logAccessMessage("CREATED_DEVICE_CODE", obs, null);
}
} catch (CoreTokenException e) {
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "FAILED_CREATE_DEVICE_CODE", code.toString() };
auditLogger.logErrorMessage("FAILED_CREATE_DEVICE_CODE", obs, null);
}
logger.error("Unable to create device code " + code, e);
throw new ServerException("Could not create token in CTS");
}
request.setToken(DeviceCode.class, code);
return code;
}
Also used :
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
DeviceCode(org.forgerock.oauth2.core.DeviceCode)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
Example 14 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class OpenAMTokenStore method createAuthorizationCode.
/**
* {@inheritDoc}
*/
public AuthorizationCode createAuthorizationCode(Set<String> scope, ResourceOwner resourceOwner, String clientId, String redirectUri, String nonce, OAuth2Request request, String codeChallenge, String codeChallengeMethod) throws ServerException, NotFoundException {
logger.message("DefaultOAuthTokenStoreImpl::Creating Authorization code");
OpenIdConnectClientRegistration clientRegistration = getClientRegistration(clientId, request);
final OAuth2ProviderSettings providerSettings = providerSettingsFactory.get(request);
final String code = UUID.randomUUID().toString();
long expiryTime = 0;
if (clientRegistration == null) {
expiryTime = providerSettings.getAuthorizationCodeLifetime() + System.currentTimeMillis();
} else {
expiryTime = clientRegistration.getAuthorizationCodeLifeTime(providerSettings) + System.currentTimeMillis();
}
final String ssoTokenId = getSsoTokenId(request);
final OpenAMAuthorizationCode authorizationCode = new OpenAMAuthorizationCode(code, resourceOwner.getId(), clientId, redirectUri, scope, getClaimsFromRequest(request), expiryTime, nonce, realmNormaliser.normalise(request.<String>getParameter(REALM)), getAuthModulesFromSSOToken(request), getAuthenticationContextClassReferenceFromRequest(request), ssoTokenId, codeChallenge, codeChallengeMethod);
// Store in CTS
try {
tokenStore.create(authorizationCode);
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "CREATED_AUTHORIZATION_CODE", authorizationCode.toString() };
auditLogger.logAccessMessage("CREATED_AUTHORIZATION_CODE", obs, null);
}
} catch (CoreTokenException e) {
if (auditLogger.isAuditLogEnabled()) {
String[] obs = { "FAILED_CREATE_AUTHORIZATION_CODE", authorizationCode.toString() };
auditLogger.logErrorMessage("FAILED_CREATE_AUTHORIZATION_CODE", obs, null);
}
logger.error("Unable to create authorization code " + authorizationCode.getTokenInfo(), e);
throw new ServerException("Could not create token in CTS");
}
request.setToken(AuthorizationCode.class, authorizationCode);
return authorizationCode;
}
Also used :
OpenIdConnectClientRegistration(org.forgerock.openidconnect.OpenIdConnectClientRegistration)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)
Example 15 with CoreTokenException
use of org.forgerock.openam.cts.exceptions.CoreTokenException in project OpenAM by OpenRock.
the class OpenAMTokenStore method readRefreshToken.
/**
* {@inheritDoc}
*/
public RefreshToken readRefreshToken(OAuth2Request request, String tokenId) throws ServerException, InvalidGrantException, NotFoundException {
RefreshToken loaded = request.getToken(RefreshToken.class);
if (loaded != null) {
return loaded;
}
logger.message("Read refresh token");
JsonValue token;
try {
token = tokenStore.read(tokenId);
} catch (CoreTokenException e) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId, e);
throw new ServerException("Could not read token in CTS: " + e.getMessage());
}
if (token == null) {
logger.error("Unable to read refresh token corresponding to id: " + tokenId);
throw new InvalidGrantException("grant is invalid");
}
OpenAMRefreshToken refreshToken = new OpenAMRefreshToken(token);
validateTokenRealm(refreshToken.getRealm(), request);
request.setToken(RefreshToken.class, refreshToken);
return refreshToken;
}
Also used :
RefreshToken(org.forgerock.oauth2.core.RefreshToken)
ServerException(org.forgerock.oauth2.core.exceptions.ServerException)
JsonValue(org.forgerock.json.JsonValue)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException)
Aggregations
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)59
JsonValue (org.forgerock.json.JsonValue)21
ServerException (org.forgerock.oauth2.core.exceptions.ServerException)19
Token (org.forgerock.openam.cts.api.tokens.Token)14
Test (org.testng.annotations.Test)11
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)10
ResourceException (org.forgerock.json.resource.ResourceException)9
PartialToken (org.forgerock.openam.sm.datalayer.api.query.PartialToken)9
BadRequestException (org.forgerock.json.resource.BadRequestException)8
ArrayList (java.util.ArrayList)7
ResourceResponse (org.forgerock.json.resource.ResourceResponse)7
SSOException (com.iplanet.sso.SSOException)6
SSOToken (com.iplanet.sso.SSOToken)6
IdRepoException (com.sun.identity.idm.IdRepoException)6
HashMap (java.util.HashMap)5
Responses.newResourceResponse (org.forgerock.json.resource.Responses.newResourceResponse)5
OAuth2ProviderSettings (org.forgerock.oauth2.core.OAuth2ProviderSettings)5
TokenFilter (org.forgerock.openam.cts.api.filter.TokenFilter)5
TokenFilterBuilder (org.forgerock.openam.cts.api.filter.TokenFilterBuilder)5
DeleteFailedException (org.forgerock.openam.cts.exceptions.DeleteFailedException)5
