
Example 6 with TokenMarshalException

Use of org.forgerock.openam.sts.TokenMarshalException in project OpenAM by OpenRock, in the class SAML2TokenCreationState, method fromJson.

public static SAML2TokenCreationState fromJson(JsonValue jsonValue) throws TokenMarshalException {
    String subjectConfirmationString = jsonValue.get(SUBJECT_CONFIRMATION).asString();
    if (subjectConfirmationString == null) {
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, "Value corresponding to " + SUBJECT_CONFIRMATION + " key is null");
    }
    SAML2SubjectConfirmation saml2SubjectConfirmation;
    try {
        saml2SubjectConfirmation = SAML2SubjectConfirmation.valueOf(subjectConfirmationString);
    } catch (IllegalArgumentException e) {
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, "Invalid subject confirmation type specified.");
    }
    SAML2TokenStateBuilder builder = SAML2TokenCreationState.builder().saml2SubjectConfirmation(saml2SubjectConfirmation);
    JsonValue jsonProofToken = jsonValue.get(PROOF_TOKEN_STATE);
    if (!jsonProofToken.isNull()) {
        builder.proofTokenState(ProofTokenState.fromJson(jsonProofToken));
    }
    return builder.build();
}
Also used : SAML2SubjectConfirmation(org.forgerock.openam.sts.token.SAML2SubjectConfirmation) TokenMarshalException(org.forgerock.openam.sts.TokenMarshalException) JsonValue(org.forgerock.json.JsonValue)

Example 7 with TokenMarshalException

Use of org.forgerock.openam.sts.TokenMarshalException in project OpenAM by OpenRock, in the class TokenRequestMarshallerImpl, method buildOpenIdConnectIssuedTokenValidatorParameters.

private RestIssuedTokenValidatorParameters<OpenIdConnectIdToken> buildOpenIdConnectIssuedTokenValidatorParameters(JsonValue receivedToken) throws TokenMarshalException {
    if (!receivedToken.get(AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY).isString()) {
        String message = "Exception: json representation of a to-be-validated OIDC token does not contain a " + AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY + " field containing the " + "to-be-validated token. The representation: " + receivedToken;
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, message);
    } else {
        final String tokenValue = receivedToken.get(AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY).asString();
        final OpenIdConnectIdToken openIdConnectIdToken = new OpenIdConnectIdToken(tokenValue);
        return new RestIssuedTokenValidatorParameters<OpenIdConnectIdToken>() {

            @Override
            public OpenIdConnectIdToken getInputToken() {
                return openIdConnectIdToken;
            }
        };
    }
}
Also used : RestIssuedTokenValidatorParameters(org.forgerock.openam.sts.rest.token.validator.RestIssuedTokenValidatorParameters) TokenMarshalException(org.forgerock.openam.sts.TokenMarshalException) OpenIdConnectIdToken(org.forgerock.openam.sts.token.model.OpenIdConnectIdToken)

Example 8 with TokenMarshalException

Use of org.forgerock.openam.sts.TokenMarshalException in project OpenAM by OpenRock, in the class TokenRequestMarshallerImpl, method getTokenType.

@Override
public TokenTypeId getTokenType(JsonValue receivedToken) throws TokenMarshalException {
    JsonValue jsonTokenType = receivedToken.get(AMSTSConstants.TOKEN_TYPE_KEY);
    if (jsonTokenType.isNull() || !jsonTokenType.isString()) {
        String message = "REST STS invocation does not contain " + AMSTSConstants.TOKEN_TYPE_KEY + " String entry. The json token: " + receivedToken;
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, message);
    }
    final String tokenType = jsonTokenType.asString();
    return new TokenTypeId() {

        @Override
        public String getId() {
            return tokenType;
        }
    };
}
Also used : JsonValue(org.forgerock.json.JsonValue) TokenMarshalException(org.forgerock.openam.sts.TokenMarshalException) TokenTypeId(org.forgerock.openam.sts.TokenTypeId)

Example 9 with TokenMarshalException

Use of org.forgerock.openam.sts.TokenMarshalException in project OpenAM by OpenRock, in the class TokenRequestMarshallerImpl, method buildOpenIdConnectIssuedTokenCancellerParameters.

private RestIssuedTokenCancellerParameters<OpenIdConnectIdToken> buildOpenIdConnectIssuedTokenCancellerParameters(JsonValue receivedToken) throws TokenMarshalException {
    if (!receivedToken.get(AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY).isString()) {
        String message = "Exception: json representation of a to-be-cancelled OIDC token does not contain a " + AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY + " field containing the " + "to-be-cancelled token. The representation: " + receivedToken;
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, message);
    } else {
        final String tokenValue = receivedToken.get(AMSTSConstants.OPEN_ID_CONNECT_ID_TOKEN_KEY).asString();
        final OpenIdConnectIdToken openIdConnectIdToken = new OpenIdConnectIdToken(tokenValue);
        return new RestIssuedTokenCancellerParameters<OpenIdConnectIdToken>() {

            @Override
            public OpenIdConnectIdToken getInputToken() {
                return openIdConnectIdToken;
            }
        };
    }
}
Also used : TokenMarshalException(org.forgerock.openam.sts.TokenMarshalException) OpenIdConnectIdToken(org.forgerock.openam.sts.token.model.OpenIdConnectIdToken) RestIssuedTokenCancellerParameters(org.forgerock.openam.sts.rest.token.canceller.RestIssuedTokenCancellerParameters)

Example 10 with TokenMarshalException

Use of org.forgerock.openam.sts.TokenMarshalException in project OpenAM by OpenRock, in the class TokenRequestMarshallerImpl, method buildAMSessionTokenTransformValidatorParameters.

private RestTokenTransformValidatorParameters<OpenAMSessionToken> buildAMSessionTokenTransformValidatorParameters(JsonValue receivedToken) throws TokenMarshalException {
    if (!receivedToken.get(AMSTSConstants.AM_SESSION_TOKEN_SESSION_ID).isString()) {
        String message = "Exception: json representation of AM Session Token does not contain a session_id field. " + "The representation: " + receivedToken;
        throw new TokenMarshalException(ResourceException.BAD_REQUEST, message);
    } else {
        final String sessionId = receivedToken.get(AMSTSConstants.AM_SESSION_TOKEN_SESSION_ID).asString();
        final OpenAMSessionToken openAMSessionToken = new OpenAMSessionToken(sessionId);
        return new RestTokenTransformValidatorParameters<OpenAMSessionToken>() {

            @Override
            public OpenAMSessionToken getInputToken() {
                return openAMSessionToken;
            }
        };
    }
}
Also used : OpenAMSessionToken(org.forgerock.openam.sts.token.model.OpenAMSessionToken) RestTokenTransformValidatorParameters(org.forgerock.openam.sts.rest.token.validator.RestTokenTransformValidatorParameters) TokenMarshalException(org.forgerock.openam.sts.TokenMarshalException)

Aggregations

TokenMarshalException (org.forgerock.openam.sts.TokenMarshalException) 14
JsonValue (org.forgerock.json.JsonValue) 3
RestTokenTransformValidatorParameters (org.forgerock.openam.sts.rest.token.validator.RestTokenTransformValidatorParameters) 3
OpenIdConnectIdToken (org.forgerock.openam.sts.token.model.OpenIdConnectIdToken) 3
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 2
X509Certificate (java.security.cert.X509Certificate) 2
RestIssuedTokenCancellerParameters (org.forgerock.openam.sts.rest.token.canceller.RestIssuedTokenCancellerParameters) 2
RestIssuedTokenValidatorParameters (org.forgerock.openam.sts.rest.token.validator.RestIssuedTokenValidatorParameters) 2
SAML2TokenState (org.forgerock.openam.sts.user.invocation.SAML2TokenState) 2
ByteArrayInputStream (java.io.ByteArrayInputStream) 1
CertificateException (java.security.cert.CertificateException) 1
CertificateFactory (java.security.cert.CertificateFactory) 1
ReceivedKey (org.apache.cxf.sts.request.ReceivedKey) 1
AMSTSRuntimeException (org.forgerock.openam.sts.AMSTSRuntimeException) 1
TokenTypeId (org.forgerock.openam.sts.TokenTypeId) 1
OpenIdConnectRestTokenProviderParameters (org.forgerock.openam.sts.rest.operation.translate.OpenIdConnectRestTokenProviderParameters) 1
OpenIdConnectTokenCreationState (org.forgerock.openam.sts.rest.token.provider.oidc.OpenIdConnectTokenCreationState) 1
SAML2SubjectConfirmation (org.forgerock.openam.sts.token.SAML2SubjectConfirmation) 1
OpenAMSessionToken (org.forgerock.openam.sts.token.model.OpenAMSessionToken) 1
RestUsernameToken (org.forgerock.openam.sts.token.model.RestUsernameToken) 1