Example 1 with TokenIdGenerationException

Use of org.forgerock.openam.sts.TokenIdGenerationException in project OpenAM by OpenRock.

Class CTSTokenIdGeneratorImpl, method generateSAML2AssertionId.

/**
 * Note that this method must handle both the case where the assertion is encrypted, and unencrypted. In the unencrypted
 * case, the ID attribute of the Assertion element can be used as the id. In the encrypted case no such ID is available,
 * as the assertion is encrypted. For encrypted assertions, the encrypted assertion data, a base64 string at
 * EncryptedAssertion->EncryptedData->CipherData->CipherValue, will be used as the input to generate a SHA-1 digest.
 */
private String generateSAML2AssertionId(String saml2Assertion) throws TokenIdGenerationException {
    Element samlTokenElement = xmlUtilities.stringToDocumentConversion(saml2Assertion).getDocumentElement();
    final String localName = samlTokenElement.getLocalName();
    if (ASSERTION_LOCAL_NAME.equals(localName)) {
        return generateIdentifierFromUnencryptedSAML2Assertion(samlTokenElement);
    } else if (ENCRYPTED_ASSERTION_LOCAL_NAME.equals(localName)) {
        return generateIdentifierFromEncryptedSAML2Assertion(samlTokenElement);
    } else {
        throw new TokenIdGenerationException(ResourceException.BAD_REQUEST, "Unexpected local name in to-be-validated SAML2 assertion: " + localName);
    }
}
Also used : TokenIdGenerationException(org.forgerock.openam.sts.TokenIdGenerationException) Element(org.w3c.dom.Element)

Example 2 with TokenIdGenerationException

Use of org.forgerock.openam.sts.TokenIdGenerationException in project OpenAM by OpenRock.

Class CTSTokenPersistenceImpl, method persistToken.

@Override
public void persistToken(String stsId, TokenType tokenType, String tokenString, String subjectId, long issueInstantMillis, long tokenLifetimeSeconds) throws CTSTokenPersistenceException {
    try {
        final String tokenId = ctsTokenIdGenerator.generateTokenId(tokenType, tokenString);
        final Token ctsToken = generateToken(stsId, tokenString.getBytes(AMSTSConstants.UTF_8_CHARSET_ID), tokenId, subjectId, issueInstantMillis, tokenLifetimeSeconds, tokenType);
        ctsPersistentStore.create(ctsToken);
    } catch (TokenIdGenerationException e) {
        throw new CTSTokenPersistenceException(e.getCode(), "Exception caught generating id for CTS-persisted " + tokenType + "  token: " + e.getMessage(), e);
    } catch (UnsupportedEncodingException e) {
        throw new CTSTokenPersistenceException(ResourceException.INTERNAL_ERROR, "Exception caught getting byte[] " + "representation of issued " + tokenType + " token for CTS persistence: " + e, e);
    } catch (CoreTokenException e) {
        throw new CTSTokenPersistenceException(ResourceException.INTERNAL_ERROR, "Exception caught persisting issued " + tokenType + " token in the CTS: " + e.getMessage(), e);
    }
}
Also used : TokenIdGenerationException(org.forgerock.openam.sts.TokenIdGenerationException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) CoreTokenException(org.forgerock.openam.cts.exceptions.CoreTokenException) Token(org.forgerock.openam.cts.api.tokens.Token) PartialToken(org.forgerock.openam.sm.datalayer.api.query.PartialToken) CTSTokenPersistenceException(org.forgerock.openam.sts.CTSTokenPersistenceException)
