Example 1 with DeleteFailedException
use of org.forgerock.openam.cts.exceptions.DeleteFailedException in project OpenAM by OpenRock.
the class CTSPersistentStoreImpl method delete.
@Override
public int delete(Map<CoreTokenField, Object> query) throws DeleteFailedException {
TokenFilterBuilder.FilterAttributeBuilder builder = new TokenFilterBuilder().returnAttribute(CoreTokenField.TOKEN_ID).and();
for (Map.Entry<CoreTokenField, Object> entry : query.entrySet()) {
CoreTokenField key = entry.getKey();
Object value = entry.getValue();
builder = builder.withAttribute(key, value);
}
TokenFilter filter = builder.build();
Collection<String> failures = new ArrayList<String>();
try {
Collection<PartialToken> partialTokens = attributeQuery(filter);
debug("Found {0} partial Tokens for deletion", Integer.toString(partialTokens.size()));
for (PartialToken token : partialTokens) {
String tokenId = token.getValue(CoreTokenField.TOKEN_ID);
try {
delete(tokenId);
} catch (CoreTokenException e) {
failures.add(tokenId);
}
}
if (!failures.isEmpty()) {
error("Failed to delete {0} tokens.\n{1}", Integer.toString(failures.size()), StringUtils.join(failures, ","));
}
return partialTokens.size() - failures.size();
} catch (CoreTokenException e) {
throw new DeleteFailedException("Failed to delete Tokens", e);
}
}
Also used :
PartialToken(org.forgerock.openam.sm.datalayer.api.query.PartialToken)
ArrayList(java.util.ArrayList)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
CoreTokenField(org.forgerock.openam.tokens.CoreTokenField)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
TokenFilterBuilder(org.forgerock.openam.cts.api.filter.TokenFilterBuilder)
Map(java.util.Map)
TokenFilter(org.forgerock.openam.cts.api.filter.TokenFilter)
Example 2 with DeleteFailedException
use of org.forgerock.openam.cts.exceptions.DeleteFailedException in project OpenAM by OpenRock.
the class IdentityResourceV2 method anonymousCreate.
private Promise<ActionResponse, ResourceException> anonymousCreate(final Context context, final ActionRequest request, final String realm, RestSecurity restSecurity) {
final JsonValue jVal = request.getContent();
String tokenID = null;
String confirmationId;
String email;
try {
if (!restSecurity.isSelfRegistration()) {
throw new BadRequestException("Self-registration disabled");
}
tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
email = jVal.get(EMAIL).asString();
if (email == null || email.isEmpty()) {
throw new BadRequestException("Email not provided");
}
// Convert to IDRepo Attribute schema
jVal.put("mail", email);
if (confirmationId == null || confirmationId.isEmpty()) {
throw new BadRequestException("confirmationId not provided");
}
if (tokenID == null || tokenID.isEmpty()) {
throw new BadRequestException("tokenId not provided");
}
validateToken(tokenID, realm, email, confirmationId);
// create an Identity
SSOToken admin = RestUtils.getToken();
final String finalTokenID = tokenID;
return createInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the create was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the completed registration request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(finalTokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("IdentityResource.anonymousCreate: Deleting token " + finalTokenID + " after a successful read failed due to " + e.getMessage(), e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("IdentityResource.anonymousCreate(): CTS Error : " + cte.getMessage());
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
debug.warning("IdentityResource.anonymousCreate() :: Invalid Parameter", bre);
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("IdentityResource.anonymousCreate() :: Resource error", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("IdentityResource.anonymousCreate() :: CTS error", cte);
return new InternalServerErrorException(cte).asPromise();
} catch (ServiceNotFoundException snfe) {
// Failure from RestSecurity
debug.error("IdentityResource.anonymousCreate() :: Internal error", snfe);
return new InternalServerErrorException(snfe).asPromise();
}
}
Also used :
SSOToken(com.iplanet.sso.SSOToken)
JsonValue(org.forgerock.json.JsonValue)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Responses.newActionResponse(org.forgerock.json.resource.Responses.newActionResponse)
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException)
BadRequestException(org.forgerock.json.resource.BadRequestException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
Example 3 with DeleteFailedException
use of org.forgerock.openam.cts.exceptions.DeleteFailedException in project OpenAM by OpenRock.
the class IdentityResourceV1 method anonymousCreate.
private Promise<ActionResponse, ResourceException> anonymousCreate(final Context context, final ActionRequest request, final String realm, RestSecurity restSecurity) {
final JsonValue jVal = request.getContent();
String confirmationId;
String email;
try {
if (!restSecurity.isSelfRegistration()) {
throw new BadRequestException("Self-registration disabled");
}
final String tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
email = jVal.get(EMAIL).asString();
if (email == null || email.isEmpty()) {
throw new BadRequestException("Email not provided");
}
// Convert to IDRepo Attribute schema
jVal.put("mail", email);
if (confirmationId == null || confirmationId.isEmpty()) {
throw new BadRequestException("confirmationId not provided");
}
if (tokenID == null || tokenID.isEmpty()) {
throw new BadRequestException("tokenId not provided");
}
validateToken(tokenID, realm, email, confirmationId);
// create an Identity
SSOToken admin = RestUtils.getToken();
return createInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the create was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the completed registration request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(tokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("IdentityResource.anonymousCreate: Deleting token {} after a" + " successful read failed.", tokenID, e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("IdentityResource.anonymousCreate(): CTS Error", cte);
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
debug.warning("IdentityResource.anonymousCreate() :: Invalid Parameter", bre);
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("IdentityResource.anonymousCreate() :: Resource error", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("IdentityResource.anonymousCreate() :: CTS error", cte);
return new InternalServerErrorException(cte).asPromise();
} catch (ServiceNotFoundException snfe) {
// Failure from RestSecurity
debug.error("IdentityResource.anonymousCreate() :: Internal error", snfe);
return new InternalServerErrorException(snfe).asPromise();
}
}
Also used :
IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken)
SSOToken(com.iplanet.sso.SSOToken)
IdentityRestUtils.identityDetailsToJsonValue(org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue)
JsonValue(org.forgerock.json.JsonValue)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
ServiceNotFoundException(com.sun.identity.sm.ServiceNotFoundException)
BadRequestException(org.forgerock.json.resource.BadRequestException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
Example 4 with DeleteFailedException
use of org.forgerock.openam.cts.exceptions.DeleteFailedException in project OpenAM by OpenRock.
the class IdentityResourceV2 method anonymousUpdate.
/**
* Perform an anonymous update of a user's password using the provided token.
*
* The token must match a token placed in the CTS in order for the request
* to proceed.
*
* @param context Non null
* @param request Non null
* @param realm Non null
*/
private Promise<ActionResponse, ResourceException> anonymousUpdate(final Context context, final ActionRequest request, final String realm) {
final String tokenID;
String confirmationId;
String username;
String nwpassword;
final JsonValue jVal = request.getContent();
try {
tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
username = jVal.get(USERNAME).asString();
nwpassword = jVal.get("userpassword").asString();
if (username == null || username.isEmpty()) {
throw new BadRequestException("username not provided");
}
if (nwpassword == null || username.isEmpty()) {
throw new BadRequestException("new password not provided");
}
validateToken(tokenID, realm, username, confirmationId);
// update Identity
SSOToken admin = RestUtils.getToken();
// Update instance with new password value
return updateInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the update was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the reset password request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(tokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("Deleting token " + tokenID + " after a successful " + "read failed due to " + e.getMessage(), e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
// For any malformed request.
debug.warning("Bad request received for anonymousUpdate ", bre);
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("Error performing anonymousUpdate", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte).asPromise();
}
}
Also used :
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
SSOToken(com.iplanet.sso.SSOToken)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
JsonValue(org.forgerock.json.JsonValue)
BadRequestException(org.forgerock.json.resource.BadRequestException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Responses.newActionResponse(org.forgerock.json.resource.Responses.newActionResponse)
Example 5 with DeleteFailedException
use of org.forgerock.openam.cts.exceptions.DeleteFailedException in project OpenAM by OpenRock.
the class IdentityResourceV1 method anonymousUpdate.
/**
* Perform an anonymous update of a user's password using the provided token.
*
* The token must match a token placed in the CTS in order for the request
* to proceed.
*
* @param context Non null
* @param request Non null
* @param realm Non null
*/
private Promise<ActionResponse, ResourceException> anonymousUpdate(final Context context, final ActionRequest request, final String realm) {
final String tokenID;
String confirmationId;
String username;
String nwpassword;
final JsonValue jVal = request.getContent();
try {
tokenID = jVal.get(TOKEN_ID).asString();
jVal.remove(TOKEN_ID);
confirmationId = jVal.get(CONFIRMATION_ID).asString();
jVal.remove(CONFIRMATION_ID);
username = jVal.get(USERNAME).asString();
nwpassword = jVal.get("userpassword").asString();
if (username == null || username.isEmpty()) {
throw new BadRequestException("username not provided");
}
if (nwpassword == null || username.isEmpty()) {
throw new BadRequestException("new password not provided");
}
validateToken(tokenID, realm, username, confirmationId);
// update Identity
SSOToken admin = RestUtils.getToken();
// Update instance with new password value
return updateInstance(admin, jVal, realm).thenAsync(new AsyncFunction<ActionResponse, ActionResponse, ResourceException>() {
@Override
public Promise<ActionResponse, ResourceException> apply(ActionResponse response) {
// Only remove the token if the update was successful, errors will be set in the handler.
try {
// Even though the generated token will eventually timeout, delete it after a successful read
// so that the reset password request cannot be made again using the same token.
CTSHolder.getCTS().deleteAsync(tokenID);
} catch (DeleteFailedException e) {
// reading and deleting, the token has expired.
if (debug.messageEnabled()) {
debug.message("Deleting token " + tokenID + " after a successful " + "read failed due to " + e.getMessage(), e);
}
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte.getMessage(), cte).asPromise();
}
return newResultPromise(response);
}
});
} catch (BadRequestException bre) {
// For any malformed request.
debug.warning("Bad request received for anonymousUpdate " + bre.getMessage());
return bre.asPromise();
} catch (ResourceException re) {
debug.warning("Error performing anonymousUpdate", re);
return re.asPromise();
} catch (CoreTokenException cte) {
// For any unexpected CTS error
debug.error("Error performing anonymousUpdate", cte);
return new InternalServerErrorException(cte).asPromise();
}
}
Also used :
Promises.newResultPromise(org.forgerock.util.promise.Promises.newResultPromise)
Promise(org.forgerock.util.promise.Promise)
IdentityRestUtils.getSSOToken(org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken)
SSOToken(com.iplanet.sso.SSOToken)
DeleteFailedException(org.forgerock.openam.cts.exceptions.DeleteFailedException)
IdentityRestUtils.identityDetailsToJsonValue(org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue)
JsonValue(org.forgerock.json.JsonValue)
BadRequestException(org.forgerock.json.resource.BadRequestException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
InternalServerErrorException(org.forgerock.json.resource.InternalServerErrorException)
ResourceException(org.forgerock.json.resource.ResourceException)
ActionResponse(org.forgerock.json.resource.ActionResponse)
Aggregations
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)5
DeleteFailedException (org.forgerock.openam.cts.exceptions.DeleteFailedException)5
SSOToken (com.iplanet.sso.SSOToken)4
JsonValue (org.forgerock.json.JsonValue)4
ActionResponse (org.forgerock.json.resource.ActionResponse)4
BadRequestException (org.forgerock.json.resource.BadRequestException)4
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException)4
ResourceException (org.forgerock.json.resource.ResourceException)4
Promise (org.forgerock.util.promise.Promise)4
Promises.newResultPromise (org.forgerock.util.promise.Promises.newResultPromise)4
ServiceNotFoundException (com.sun.identity.sm.ServiceNotFoundException)2
Responses.newActionResponse (org.forgerock.json.resource.Responses.newActionResponse)2
IdentityRestUtils.getSSOToken (org.forgerock.openam.core.rest.IdentityRestUtils.getSSOToken)2
IdentityRestUtils.identityDetailsToJsonValue (org.forgerock.openam.core.rest.IdentityRestUtils.identityDetailsToJsonValue)2
ArrayList (java.util.ArrayList)1
Map (java.util.Map)1
TokenFilter (org.forgerock.openam.cts.api.filter.TokenFilter)1
TokenFilterBuilder (org.forgerock.openam.cts.api.filter.TokenFilterBuilder)1
PartialToken (org.forgerock.openam.sm.datalayer.api.query.PartialToken)1
CoreTokenField (org.forgerock.openam.tokens.CoreTokenField)1
