use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.
the class UserWebService method updateUser.
/**
* This implementation differs from spec in the following aspects:
* - Passing a null value for an attribute, does not modify the attribute in the destination, however passing an
* empty array for a multivalued attribute does clear the attribute. Thus, to clear single-valued attribute, PATCH
* operation should be used
*/
@Path("{id}")
@PUT
@Consumes({ MEDIA_TYPE_SCIM_JSON, MediaType.APPLICATION_JSON })
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@RefAdjusted
@ApiOperation(value = "Update user", notes = "Update user (https://tools.ietf.org/html/rfc7644#section-3.5.1)", response = UserResource.class)
public Response updateUser(@ApiParam(value = "User", required = true) UserResource user, @PathParam("id") String id, @QueryParam(QUERY_PARAM_ATTRIBUTES) String attrsList, @QueryParam(QUERY_PARAM_EXCLUDED_ATTRS) String excludedAttrsList) {
Response response;
try {
log.debug("Executing web service method. updateUser");
UserResource updatedResource = scim2UserService.updateUser(id, user, endpointUrl);
String json = resourceSerializer.serialize(updatedResource, attrsList, excludedAttrsList);
response = Response.ok(new URI(updatedResource.getMeta().getLocation())).entity(json).build();
} catch (InvalidAttributeValueException e) {
log.error(e.getMessage());
response = getErrorResponse(Response.Status.BAD_REQUEST, ErrorScimType.MUTABILITY, e.getMessage());
} catch (Exception e) {
log.error("Failure at updateUser method", e);
response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
}
return response;
}
use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.
the class PassportRestWebService method getPassportConfig.
@GET
@Produces({ MediaType.APPLICATION_JSON })
@ProtectedApi
public Response getPassportConfig() {
Status status;
String jsonResponse;
try {
Object obj = Optional.ofNullable(passportService.loadConfigurationFromLdap()).map(LdapOxPassportConfiguration::getPassportConfiguration).map(Object.class::cast).orElse(Collections.emptyMap());
jsonResponse = jsonService.objectToPerttyJson(obj);
status = Status.OK;
} catch (Exception e) {
jsonResponse = "Failed to prepare configuration: " + e.getMessage();
status = Status.INTERNAL_SERVER_ERROR;
log.error(e.getMessage(), e);
}
log.trace("Passport endpoint config response is\n{}", jsonResponse);
return Response.status(status).entity(jsonResponse).build();
}
use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.
the class ClientWebResource method removeScopeToClient.
@DELETE
@Path(ApiConstants.INUM_PARAM_PATH + ApiConstants.SCOPES + ApiConstants.SCOPE_INUM_PARAM_PATH)
@Operation(summary = "Remove OIDC client scope", description = "Remove an existing scope from client")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Scope[].class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response removeScopeToClient(@PathParam(ApiConstants.INUM) @NotNull String inum, @PathParam(ApiConstants.SCOPE_INUM) @NotNull String sinum) {
log(logger, "remove scope to client");
try {
OxAuthClient client = clientService.getClientByInum(inum);
Scope scope = scopeService.getScopeByInum(sinum);
Objects.requireNonNull(client);
Objects.requireNonNull(scope);
if (client != null && scope != null) {
List<String> scopes = new ArrayList<String>(client.getOxAuthScopes());
scopes.remove(scopeService.getDnForScope(scope.getInum()));
client.setOxAuthScopes(scopes);
clientService.updateClient(client);
return Response.ok(scopes).build();
} else {
return Response.status(Response.Status.NOT_FOUND).build();
}
} catch (Exception e) {
log(logger, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.
the class CustomScriptWebResource method updateCustomScript.
@PUT
@Operation(summary = "Update custom script", description = "Update custom script")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = CustomScript.class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response updateCustomScript(CustomScript customScript) {
try {
Objects.requireNonNull(customScript, "Attempt to update null custom script");
String inum = customScript.getInum();
log(logger, "Update custom script " + inum);
CustomScript existingScript = customScriptService.getScriptByInum(customScript.getInum());
if (existingScript != null) {
customScript.setInum(existingScript.getInum());
customScriptService.update(customScript);
return Response.ok().build();
} else {
return Response.status(Response.Status.NOT_FOUND).build();
}
} catch (Exception e) {
log(logger, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.
the class LDAPAuthenticationWebResource method updateLdapConfiguration.
@PUT
@Operation(summary = "Update existing configuration", description = "Update an existing configuration")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = LdapConfigurationDTO.class)), description = "Success"), @ApiResponse(responseCode = "404", description = "Not found") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response updateLdapConfiguration(@Valid LdapConfigurationDTO ldapConfiguration) {
log(logger, "Update an existing configuration");
try {
GluuLdapConfiguration gluuLdapConfiguration = withVersion(ldapConfiguration);
ldapConfigurationService.update(gluuLdapConfiguration);
return Response.ok(read(ldapConfiguration.getConfigId())).build();
} catch (Exception e) {
log(logger, e);
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
}
}
Aggregations