Example 6 with TokenValidationException

Use of org.forgerock.openam.sts.TokenValidationException in project OpenAM by OpenRock.

Class PrincipalFromSessionImpl, method parsePrincipalFromResponse.

private Principal parsePrincipalFromResponse(String response) throws TokenValidationException {
    JsonValue responseJson;
    try {
        responseJson = JsonValueBuilder.toJsonValue(response);
    } catch (JsonException e) {
        String message = "Exception caught getting the text of the json principal from session response: " + e;
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, message, e);
    }
    JsonValue principalIdJsonValue = responseJson.get(ID);
    if (!principalIdJsonValue.isString()) {
        String message = "Principal from session response does not contain " + ID + " string entry. The obtained entry: " + principalIdJsonValue.toString() + "; The response: " + responseJson.toString();
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, message);
    }
    return new STSPrincipal(principalIdJsonValue.asString());
}
Also used: JsonException (org.forgerock.json.JsonException), JsonValue (org.forgerock.json.JsonValue), TokenValidationException (org.forgerock.openam.sts.TokenValidationException), STSPrincipal (org.forgerock.openam.sts.STSPrincipal)

Example 7 with TokenValidationException

Use of org.forgerock.openam.sts.TokenValidationException in project OpenAM by OpenRock.

Class PrincipalFromSessionImpl, method obtainPrincipalFromSession.

private Principal obtainPrincipalFromSession(String sessionToUsernameUrl, String sessionId) throws TokenValidationException {
    if ((sessionId == null) || sessionId.isEmpty()) {
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, "the sessionId passed to PrincipalFromSession is null or empty.");
    }
    try {
        Map<String, String> headerMap = new HashMap<>();
        headerMap.put(AMSTSConstants.COOKIE, amSessionCookieName + AMSTSConstants.EQUALS + sessionId);
        headerMap.put(AMSTSConstants.CONTENT_TYPE, AMSTSConstants.APPLICATION_JSON);
        headerMap.put(AMSTSConstants.CREST_VERSION_HEADER_KEY, crestVersionUsersService);
        HttpURLConnectionWrapper.ConnectionResult connectionResult = httpURLConnectionWrapperFactory.httpURLConnectionWrapper(new URL(sessionToUsernameUrl)).setRequestHeaders(headerMap).setRequestMethod(AMSTSConstants.POST).makeInvocation();
        final int responseCode = connectionResult.getStatusCode();
        if (responseCode != HttpURLConnection.HTTP_OK) {
            throw new TokenValidationException(responseCode, "Non-200 response from posting principal from session request: " + connectionResult.getResult());
        } else {
            return parsePrincipalFromResponse(connectionResult.getResult());
        }
    } catch (IOException e) {
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, "Exception caught making principal from session invocation: " + e, e);
    }
}
Also used: HashMap (java.util.HashMap), HttpURLConnectionWrapper (org.forgerock.openam.sts.HttpURLConnectionWrapper), IOException (java.io.IOException), URL (java.net.URL), TokenValidationException (org.forgerock.openam.sts.TokenValidationException)

Example 8 with TokenValidationException

Use of org.forgerock.openam.sts.TokenValidationException in project OpenAM by OpenRock.

Class AMTokenParserImpl, method getSessionFromAuthNResponse.

@Override
public String getSessionFromAuthNResponse(String authNResponse) throws TokenValidationException {
    JsonValue responseJson;
    try {
        responseJson = JsonValueBuilder.toJsonValue(authNResponse);
    } catch (JsonException e) {
        String message = "Exception caught getting the text of the json authN response: " + e;
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, message, e);
    }
    JsonValue sessionIdJsonValue = responseJson.get(TOKEN_ID);
    if (!sessionIdJsonValue.isString()) {
        String message = "REST authN response does not contain " + TOKEN_ID + " string entry. The obtained entry: " + sessionIdJsonValue.toString() + "; The response: " + responseJson.toString();
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, message);
    }
    return sessionIdJsonValue.asString();
}
Also used: JsonException (org.forgerock.json.JsonException), JsonValue (org.forgerock.json.JsonValue), TokenValidationException (org.forgerock.openam.sts.TokenValidationException)

Example 9 with TokenValidationException

Use of org.forgerock.openam.sts.TokenValidationException in project OpenAM by OpenRock.

Class SoapUsernameTokenAuthenticationRequestDispatcher, method dispatch.

@Override
public String dispatch(URL url, AuthTargetMapping.AuthTarget target, UsernameToken token) throws TokenValidationException {
    try {
        Map<String, String> headerMap = new HashMap<>();
        headerMap.put(AMSTSConstants.CONTENT_TYPE, AMSTSConstants.APPLICATION_JSON);
        headerMap.put(AMSTSConstants.CREST_VERSION_HEADER_KEY, crestVersionAuthNService);
        headerMap.put(AMSTSConstants.AM_REST_AUTHN_USERNAME_HEADER, token.getName());
        headerMap.put(AMSTSConstants.AM_REST_AUTHN_PASSWORD_HEADER, token.getPassword());
        HttpURLConnectionWrapper.ConnectionResult connectionResult = httpURLConnectionWrapperFactory.httpURLConnectionWrapper(url).setRequestHeaders(headerMap).setRequestMethod(AMSTSConstants.POST).makeInvocation();
        final int responseCode = connectionResult.getStatusCode();
        if (responseCode != HttpURLConnection.HTTP_OK) {
            throw new TokenValidationException(responseCode, "Non-200 response from posting Username token " + "to rest authN: " + connectionResult.getResult());
        } else {
            return connectionResult.getResult();
        }
    } catch (IOException e) {
        throw new TokenValidationException(ResourceException.INTERNAL_ERROR, "Exception caught posting UsernameToken to rest authN: " + e, e);
    }
}
Also used: HashMap (java.util.HashMap), HttpURLConnectionWrapper (org.forgerock.openam.sts.HttpURLConnectionWrapper), IOException (java.io.IOException), TokenValidationException (org.forgerock.openam.sts.TokenValidationException)

Example 10 with TokenValidationException

Use of org.forgerock.openam.sts.TokenValidationException in project OpenAM by OpenRock.

Class OpenAMWSSUsernameTokenValidator, method verifyPlaintextPassword.

@Override
protected void verifyPlaintextPassword(UsernameToken usernameToken, RequestData data) throws WSSecurityException {
    try {
        final String sessionId = authenticationHandler.authenticate(usernameToken, TokenType.USERNAME);
        threadLocalAMTokenCache.cacheSessionIdForContext(validationInvocationContext, sessionId, invalidateOpenAMSession);
    } catch (TokenValidationException e) {
        String message = "Exception caught authenticating UsernameToken with OpenAM: " + e;
        logger.error(message, e);
        throw new WSSecurityException(message, e);
    }
}
Also used: WSSecurityException (org.apache.ws.security.WSSecurityException), TokenValidationException (org.forgerock.openam.sts.TokenValidationException)

Aggregations

TokenValidationException (org.forgerock.openam.sts.TokenValidationException): 17
IOException (java.io.IOException): 7
HttpURLConnectionWrapper (org.forgerock.openam.sts.HttpURLConnectionWrapper): 7
HashMap (java.util.HashMap): 6
URL (java.net.URL): 3
WSSecurityException (org.apache.ws.security.WSSecurityException): 3
JsonException (org.forgerock.json.JsonException): 2
JsonValue (org.forgerock.json.JsonValue): 2
TokenTypeId (org.forgerock.openam.sts.TokenTypeId): 2
MalformedURLException (java.net.MalformedURLException): 1
Principal (java.security.Principal): 1
CertificateEncodingException (java.security.cert.CertificateEncodingException): 1
X509Certificate (java.security.cert.X509Certificate): 1
ReceivedToken (org.apache.cxf.sts.request.ReceivedToken): 1
TokenDelegationResponse (org.apache.cxf.sts.token.delegation.TokenDelegationResponse): 1
TokenValidatorResponse (org.apache.cxf.sts.token.validator.TokenValidatorResponse): 1
STSException (org.apache.cxf.ws.security.sts.provider.STSException): 1
WSSecurityEngineResult (org.apache.ws.security.WSSecurityEngineResult): 1
BinarySecurity (org.apache.ws.security.message.token.BinarySecurity): 1
InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException): 1