Search in sources :

Example 46 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UserWebService method updateUser.

/**
 * This implementation differs from spec in the following aspects:
 * - Passing a null value for an attribute, does not modify the attribute in the destination, however passing an
 * empty array for a multivalued attribute does clear the attribute. Thus, to clear single-valued attribute, PATCH
 * operation should be used
 */
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Update user", notes = "Update user (https://tools.ietf.org/html/rfc7644#section-3.5.1)", response = UserResource.class)
public Response updateUser(@ApiParam(value = "User", required = true) UserResource user, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
    Response response;
    try {
        log.debug("Executing web service method. updateUser");
        UserResource updatedResource = scim2UserService.updateUser(id, user, endpointUrl);
        String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
        response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
    } catch (InvalidAttributeValueException e) {
        log.error(e.getMessage());
        response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
    } catch (Exception e) {
        log.error("Failure at updateUser method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) UserResource(org.gluu.oxtrust.model.scim2.user.UserResource) URI(java.net.URI) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) Path(javax.ws.rs.Path) DefaultValue(javax.ws.rs.DefaultValue) HeaderParam(javax.ws.rs.HeaderParam) RefAdjusted(org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) PUT(javax.ws.rs.PUT)

Example 47 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class PassportRestWebService method getPassportConfig.

@GET
@Produces({ MediaType.APPLICATION_JSON })
@ProtectedApi
public Response getPassportConfig() {
    Status status;
    String jsonResponse;
    try {
        Object obj = Optional.ofNullable(passportService.loadConfigurationFromLdap()).map(LdapOxPassportConfiguration::getPassportConfiguration).map(Object.class::cast).orElse(Collections.emptyMap());
        jsonResponse = jsonService.objectToPerttyJson(obj);
        status = Status.OK;
    } catch (Exception e) {
        jsonResponse = "Failed to prepare configuration: " + e.getMessage();
        status = Status.INTERNAL_SERVER_ERROR;
        log.error(e.getMessage(), e);
    }
    log.trace("Passport endpoint config response is\n{}", jsonResponse);
    return Response.status(status).entity(jsonResponse).build();
}
Also used : Status(javax.ws.rs.core.Response.Status) LdapOxPassportConfiguration(org.gluu.config.oxtrust.LdapOxPassportConfiguration) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Example 48 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class ClientWebResource method removeScopeToClient.

@DELETE
@Path(ApiConstants.INUM_PARAM_PATH + ApiConstants.SCOPES + ApiConstants.SCOPE_INUM_PARAM_PATH)
@Operation(summary = "Remove OIDC client scope", description = "Remove an existing scope from client")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Scope[].class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response removeScopeToClient(@PathParam(ApiConstants.INUM) @NotNull String inum, @PathParam(ApiConstants.SCOPE_INUM) @NotNull String sinum) {
    log(logger, "remove scope to client");
    try {
        OxAuthClient client = clientService.getClientByInum(inum);
        Scope scope = scopeService.getScopeByInum(sinum);
        Objects.requireNonNull(client);
        Objects.requireNonNull(scope);
        if (client != null && scope != null) {
            List<String> scopes = new ArrayList<String>(client.getOxAuthScopes());
            scopes.remove(scopeService.getDnForScope(scope.getInum()));
            client.setOxAuthScopes(scopes);
            clientService.updateClient(client);
            return Response.ok(scopes).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) OxAuthClient(org.gluu.oxtrust.model.OxAuthClient) ArrayList(java.util.ArrayList) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 49 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class CustomScriptWebResource method updateCustomScript.

@PUT
@Operation(summary = "Update custom script", description = "Update custom script")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = CustomScript.class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response updateCustomScript(CustomScript customScript) {
    try {
        Objects.requireNonNull(customScript, "Attempt to update null custom script");
        String inum = customScript.getInum();
        log(logger, "Update custom script " + inum);
        CustomScript existingScript = customScriptService.getScriptByInum(customScript.getInum());
        if (existingScript != null) {
            customScript.setInum(existingScript.getInum());
            customScriptService.update(customScript);
            return Response.ok().build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : CustomScript(org.gluu.model.custom.script.model.CustomScript) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 50 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class LDAPAuthenticationWebResource method updateLdapConfiguration.

@PUT
@Operation(summary = "Update existing configuration", description = "Update an existing configuration")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LdapConfigurationDTO.class)), description = "Success"), @ApiResponse(responseCode = "404", description = "Not found") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response updateLdapConfiguration(@Valid LdapConfigurationDTO ldapConfiguration) {
    log(logger, "Update an existing configuration");
    try {
        GluuLdapConfiguration gluuLdapConfiguration = withVersion(ldapConfiguration);
        ldapConfigurationService.update(gluuLdapConfiguration);
        return Response.ok(read(ldapConfiguration.getConfigId())).build();
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : GluuLdapConfiguration(org.gluu.model.ldap.GluuLdapConfiguration) LdapConfigurationDuplicatedException(org.gluu.oxtrust.api.server.util.LdapConfigurationDuplicatedException) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Aggregations

ProtectedApi (org.gluu.oxtrust.service.filter.ProtectedApi)75 Operation (io.swagger.v3.oas.annotations.Operation)50 ApiResponses (io.swagger.v3.oas.annotations.responses.ApiResponses)47 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)21 Produces (javax.ws.rs.Produces)21 Response (javax.ws.rs.core.Response)21 ArrayList (java.util.ArrayList)20 DefaultValue (javax.ws.rs.DefaultValue)20 HeaderParam (javax.ws.rs.HeaderParam)20 ListResponse (org.gluu.oxtrust.model.scim2.ListResponse)20 InvalidAttributeValueException (javax.management.InvalidAttributeValueException)19 SCIMException (org.gluu.oxtrust.model.exception.SCIMException)19 ListViewResponse (org.gluu.persist.model.ListViewResponse)19 URI (java.net.URI)17 RefAdjusted (org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted)17 Path (javax.ws.rs.Path)16 Consumes (javax.ws.rs.Consumes)11 GluuGroup (org.gluu.oxtrust.model.GluuGroup)10 OxAuthClient (org.gluu.oxtrust.model.OxAuthClient)10 Scope (org.oxauth.persistence.model.Scope)10