Search in sources :

Example 1 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class BulkWebService method processBulkOperations.

@javax.ws.rs.POST
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@ApiOperation(value = "Bulk Operations", notes = "Bulk Operations (https://tools.ietf.org/html/rfc7644#section-3.7)", response = BulkResponse.class)
public Response processBulkOperations(@ApiParam(value = "BulkRequest", required = true) BulkRequest request) {
    Response response = prepareRequest(request, getValueFromHeaders(httpHeaders, "Content-Length"));
    if (response == null) {
        log.debug("Executing web service method. processBulkOperations");
        int i, errors = 0;
        List<BulkOperation> operations = request.getOperations();
        List<BulkOperation> responseOperations = new ArrayList<BulkOperation>();
        Map<String, String> processedBulkIds = new HashMap<String, String>();
        for (i = 0; i < operations.size() && errors < request.getFailOnErrors(); i++) {
            BulkOperation operation = operations.get(i);
            BulkOperation operationResponse = new BulkOperation();
            Response subResponse;
            String method = operation.getMethod();
            String bulkId = operation.getBulkId();
            try {
                String path = operation.getPath();
                BaseScimWebService service = getWSForPath(path);
                String fragment = getFragment(path, service, processedBulkIds);
                Verb verb = Verb.valueOf(method);
                String data = operation.getDataStr();
                if (!verb.equals(DELETE))
                    data = replaceBulkIds(data, processedBulkIds);
                Pair<Response, String> pair = execute(verb, service, data, fragment);
                String idCreated = pair.getSecond();
                subResponse = pair.getFirst();
                int status = subResponse.getStatus();
                if (familyOf(status).equals(SUCCESSFUL)) {
                    if (!verb.equals(DELETE)) {
                        if (verb.equals(POST)) {
                            // Update bulkIds
                            processedBulkIds.put(bulkId, idCreated);
                            fragment = idCreated;
                        }
                        String loc = service.getEndpointUrl() + "/" + fragment;
                        operationResponse.setLocation(loc);
                    }
                } else {
                    operationResponse.setResponse(subResponse.getEntity());
                    errors += familyOf(status).equals(CLIENT_ERROR) || familyOf(status).equals(SERVER_ERROR) ? 1 : 0;
                }
                subResponse.close();
                operationResponse.setStatus(Integer.toString(status));
            } catch (Exception e) {
                log.error(e.getMessage(), e);
                subResponse = getErrorResponse(BAD_REQUEST, ErrorScimType.INVALID_SYNTAX, e.getMessage());
                operationResponse.setStatus(Integer.toString(BAD_REQUEST.getStatusCode()));
                operationResponse.setResponse(subResponse.getEntity());
                errors++;
            }
            operationResponse.setBulkId(bulkId);
            operationResponse.setMethod(method);
            responseOperations.add(operationResponse);
            log.debug("Operation {} processed with status {}. Method {}, Accumulated errors {}", i + 1, operationResponse.getStatus(), method, errors);
        }
        try {
            BulkResponse bulkResponse = new BulkResponse();
            bulkResponse.setOperations(responseOperations);
            String json = mapper.writeValueAsString(bulkResponse);
            response = Response.ok(json).build();
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            response = getErrorResponse(INTERNAL_SERVER_ERROR, e.getMessage());
        }
    }
    return response;
}
Also used : HashMap(java.util.HashMap) BulkOperation(org.gluu.oxtrust.model.scim2.bulk.BulkOperation) ArrayList(java.util.ArrayList) BulkResponse(org.gluu.oxtrust.model.scim2.bulk.BulkResponse) Response(javax.ws.rs.core.Response) BulkResponse(org.gluu.oxtrust.model.scim2.bulk.BulkResponse) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Example 2 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class FidoDeviceWebService method searchDevices.

@GET
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Search devices", notes = "Returns a list of devices", response = ListResponse.class)
public Response searchDevices(@QueryParam("userId") String userId, @QueryParam(QUERY_PARAM_FILTER) String filter, @QueryParam(QUERY_PARAM_START_INDEX) Integer startIndex, @QueryParam(QUERY_PARAM_COUNT) Integer count, @QueryParam(QUERY_PARAM_SORT_BY) String sortBy, @QueryParam(QUERY_PARAM_SORT_ORDER) String sortOrder, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
    Response response;
    try {
        log.debug("Executing web service method. searchDevices");
        sortBy = translateSortByAttribute(FidoDeviceResource.class, sortBy);
        ListViewResponse<BaseScimResource> resources = searchDevices(userId, filter, sortBy, SortOrder.getByValue(sortOrder), startIndex, count, endpointUrl);
        String json = getListResponseSerialized(resources.getTotalResults(), startIndex, resources.getResult(), attrsList, excludedAttrsList, count == 0);
        response = Response.ok(json).location(new URI(endpointUrl)).build();
    } catch (SCIMException e) {
        log.error(e.getMessage(), e);
        response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_FILTER, e.getMessage());
    } catch (Exception e) {
        log.error("Failure at searchDevices method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) FidoDeviceResource(org.gluu.oxtrust.model.scim2.fido.FidoDeviceResource) BaseScimResource(org.gluu.oxtrust.model.scim2.BaseScimResource) URI(java.net.URI) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) RefAdjusted(org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Example 3 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class FidoDeviceWebService method searchDevicesPost.

@Path(SEARCH_SUFFIX)
@POST
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Search devices POST /.search", notes = "Returns a list of fido devices", response = ListResponse.class)
public Response searchDevicesPost(SearchRequest searchRequest, @QueryParam("userId") String userId) {
    log.debug("Executing web service method. searchDevicesPost");
    URI uri = null;
    Response response = searchDevices(userId, searchRequest.getFilter(), searchRequest.getStartIndex(), searchRequest.getCount(), searchRequest.getSortBy(), searchRequest.getSortOrder(), searchRequest.getAttributesStr(), searchRequest.getExcludedAttributesStr());
    try {
        uri = new URI(endpointUrl + "/" + SEARCH_SUFFIX);
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
    return Response.fromResponse(response).location(uri).build();
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) URI(java.net.URI) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) Path(javax.ws.rs.Path) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) RefAdjusted(org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Example 4 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class GroupWebService method updateGroup.

/**
 * This implementation differs from spec in the following aspects:
 * - Passing a null value for an attribute, does not modify the attribute in the destination, however passing an
 * empty array for a multivalued attribute does clear the attribute. Thus, to clear single-valued attribute, PATCH
 * operation should be used
 */
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Update group", notes = "Update group (https://tools.ietf.org/html/rfc7644#section-3.5.1)", response = GroupResource.class)
public Response updateGroup(@ApiParam(value = "Group", required = true) GroupResource group, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
    Response response;
    try {
        log.debug("Executing web service method. updateGroup");
        GroupResource updatedResource = scim2GroupService.updateGroup(id, group, endpointUrl, userWebService.getEndpointUrl());
        String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
        response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
    } catch (InvalidAttributeValueException e) {
        log.error(e.getMessage());
        response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
    } catch (Exception e) {
        log.error("Failure at updateGroup method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) URI(java.net.URI) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) GroupResource(org.gluu.oxtrust.model.scim2.group.GroupResource) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) Path(javax.ws.rs.Path) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) RefAdjusted(org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) PUT(javax.ws.rs.PUT)

Example 5 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class GroupWebService method searchGroups.

@GET
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Search groups", notes = "Returns a list of groups (https://tools.ietf.org/html/rfc7644#section-3.4.2.2)", response = ListResponse.class)
public Response searchGroups(@QueryParam(QUERY_PARAM_FILTER) String filter, @QueryParam(QUERY_PARAM_START_INDEX) Integer startIndex, @QueryParam(QUERY_PARAM_COUNT) Integer count, @QueryParam(QUERY_PARAM_SORT_BY) String sortBy, @QueryParam(QUERY_PARAM_SORT_ORDER) String sortOrder, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
    Response response;
    try {
        log.debug("Executing web service method. searchGroups");
        sortBy = translateSortByAttribute(GroupResource.class, sortBy);
        ListViewResponse<BaseScimResource> resources = scim2GroupService.searchGroups(filter, sortBy, SortOrder.getByValue(sortOrder), startIndex, count, endpointUrl, userWebService.getEndpointUrl(), getMaxCount());
        String json = getListResponseSerialized(resources.getTotalResults(), startIndex, resources.getResult(), attrsList, excludedAttrsList, count == 0);
        response = Response.ok(json).location(new URI(endpointUrl)).build();
    } catch (SCIMException e) {
        log.error(e.getMessage(), e);
        response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.INVALID_FILTER, e.getMessage());
    } catch (Exception e) {
        log.error("Failure at searchGroups method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) BaseScimResource(org.gluu.oxtrust.model.scim2.BaseScimResource) URI(java.net.URI) GroupResource(org.gluu.oxtrust.model.scim2.group.GroupResource) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) RefAdjusted(org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Aggregations

ProtectedApi (org.gluu.oxtrust.service.filter.ProtectedApi)75 Operation (io.swagger.v3.oas.annotations.Operation)50 ApiResponses (io.swagger.v3.oas.annotations.responses.ApiResponses)47 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)21 Produces (javax.ws.rs.Produces)21 Response (javax.ws.rs.core.Response)21 ArrayList (java.util.ArrayList)20 DefaultValue (javax.ws.rs.DefaultValue)20 HeaderParam (javax.ws.rs.HeaderParam)20 ListResponse (org.gluu.oxtrust.model.scim2.ListResponse)20 InvalidAttributeValueException (javax.management.InvalidAttributeValueException)19 SCIMException (org.gluu.oxtrust.model.exception.SCIMException)19 ListViewResponse (org.gluu.persist.model.ListViewResponse)19 URI (java.net.URI)17 RefAdjusted (org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted)17 Path (javax.ws.rs.Path)16 Consumes (javax.ws.rs.Consumes)11 GluuGroup (org.gluu.oxtrust.model.GluuGroup)10 OxAuthClient (org.gluu.oxtrust.model.OxAuthClient)10 Scope (org.oxauth.persistence.model.Scope)10