Example 1 with TokenIdGenerationException
use of org.forgerock.openam.sts.TokenIdGenerationException in project OpenAM by OpenRock.
the class CTSTokenIdGeneratorImpl method generateSAML2AssertionId.
/**
* Note that this method must handle both the case where the assertion is encrypted, and unencrypted. In the unencrypted
* case, the ID attribute of the Assertion element can be used as the id. In the encrypted case no such ID is available,
* as the assertion is encrypted. For encrypted assertions, the encrypted assertion data, a base64 string at
* EncryptedAssertion->EncryptedData->CipherData->CipherValue, will be used as the input to generate a SHA-1 digest.
*/
private String generateSAML2AssertionId(String saml2Assertion) throws TokenIdGenerationException {
Element samlTokenElement = xmlUtilities.stringToDocumentConversion(saml2Assertion).getDocumentElement();
final String localName = samlTokenElement.getLocalName();
if (ASSERTION_LOCAL_NAME.equals(localName)) {
return generateIdentifierFromUnencryptedSAML2Assertion(samlTokenElement);
} else if (ENCRYPTED_ASSERTION_LOCAL_NAME.equals(localName)) {
return generateIdentifierFromEncryptedSAML2Assertion(samlTokenElement);
} else {
throw new TokenIdGenerationException(ResourceException.BAD_REQUEST, "Unexpected local name in to-be-validated SAML2 assertion: " + localName);
}
}
Also used :
TokenIdGenerationException(org.forgerock.openam.sts.TokenIdGenerationException)
Element(org.w3c.dom.Element)
Example 2 with TokenIdGenerationException
use of org.forgerock.openam.sts.TokenIdGenerationException in project OpenAM by OpenRock.
the class CTSTokenPersistenceImpl method persistToken.
@Override
public void persistToken(String stsId, TokenType tokenType, String tokenString, String subjectId, long issueInstantMillis, long tokenLifetimeSeconds) throws CTSTokenPersistenceException {
try {
final String tokenId = ctsTokenIdGenerator.generateTokenId(tokenType, tokenString);
final Token ctsToken = generateToken(stsId, tokenString.getBytes(AMSTSConstants.UTF_8_CHARSET_ID), tokenId, subjectId, issueInstantMillis, tokenLifetimeSeconds, tokenType);
ctsPersistentStore.create(ctsToken);
} catch (TokenIdGenerationException e) {
throw new CTSTokenPersistenceException(e.getCode(), "Exception caught generating id for CTS-persisted " + tokenType + " token: " + e.getMessage(), e);
} catch (UnsupportedEncodingException e) {
throw new CTSTokenPersistenceException(ResourceException.INTERNAL_ERROR, "Exception caught getting byte[] " + "representation of issued " + tokenType + " token for CTS persistence: " + e, e);
} catch (CoreTokenException e) {
throw new CTSTokenPersistenceException(ResourceException.INTERNAL_ERROR, "Exception caught persisting issued " + tokenType + " token in the CTS: " + e.getMessage(), e);
}
}
Also used :
TokenIdGenerationException(org.forgerock.openam.sts.TokenIdGenerationException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException)
Token(org.forgerock.openam.cts.api.tokens.Token)
PartialToken(org.forgerock.openam.sm.datalayer.api.query.PartialToken)
CTSTokenPersistenceException(org.forgerock.openam.sts.CTSTokenPersistenceException)
Aggregations
TokenIdGenerationException (org.forgerock.openam.sts.TokenIdGenerationException)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
Token (org.forgerock.openam.cts.api.tokens.Token)1
CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)1
PartialToken (org.forgerock.openam.sm.datalayer.api.query.PartialToken)1
CTSTokenPersistenceException (org.forgerock.openam.sts.CTSTokenPersistenceException)1
Element (org.w3c.dom.Element)1
