Search in sources :

Example 66 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaScopeWebResource method updateUmaScope.

@PUT
@Operation(summary = "Update UMA scope", description = "Update uma scope")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Scope.class)), description = Constants.RESULT_SUCCESS), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response updateUmaScope(Scope umaScopeDescription) {
    String inum = umaScopeDescription.getInum();
    log(logger, "Update uma scope " + inum);
    try {
        Objects.requireNonNull(inum, "inum should not be null");
        Objects.requireNonNull(umaScopeDescription, "Attempt to update null uma scope");
        Scope existingScope = scopeDescriptionService.getUmaScopeByInum(inum);
        if (existingScope != null) {
            umaScopeDescription.setDn(scopeDescriptionService.getDnForScope(inum));
            scopeDescriptionService.updateUmaScope(umaScopeDescription);
            return Response.ok(scopeDescriptionService.getUmaScopeByInum(inum)).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 67 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaScopeWebResource method getUmaScopeByInum.

@GET
@Path(ApiConstants.INUM_PARAM_PATH)
@Operation(summary = "Get UMA scope by inum", description = "Get a uma scope by inum")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Scope.class)), description = Constants.RESULT_SUCCESS), @ApiResponse(responseCode = "500", description = "Server error") })
@ProtectedApi(scopes = { READ_ACCESS })
public Response getUmaScopeByInum(@PathParam(ApiConstants.INUM) @NotNull String inum) {
    log(logger, "Get uma scope " + inum);
    try {
        Objects.requireNonNull(inum, "inum should not be null");
        Scope scope = scopeDescriptionService.getUmaScopeByInum(inum);
        if (scope != null) {
            return Response.ok(scope).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 68 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class ClientWebResource method getClientScope.

@GET
@Path(ApiConstants.INUM_PARAM_PATH + ApiConstants.SCOPES)
@Operation(summary = "Get assigned OIDC client scopes", description = "Get OIDC scopes assign to OIDC client")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = Scope[].class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error"), @ApiResponse(responseCode = "404", description = "Not Found") })
@ProtectedApi(scopes = { READ_ACCESS })
public Response getClientScope(@PathParam(ApiConstants.INUM) @NotNull String inum) {
    log(logger, "Get client scopes");
    try {
        Objects.requireNonNull(inum);
        OxAuthClient client = clientService.getClientByInum(inum);
        if (client != null) {
            List<String> scopesDn = client.getOxAuthScopes();
            List<Scope> scopes = new ArrayList<Scope>();
            if (scopesDn != null) {
                for (String scopeDn : scopesDn) {
                    scopes.add(scopeService.getScopeByDn(scopeDn));
                }
                return Response.ok(scopes).build();
            } else {
                return Response.ok(scopes).build();
            }
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) OxAuthClient(org.gluu.oxtrust.model.OxAuthClient) ArrayList(java.util.ArrayList) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 69 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaResourceWebResource method removeClientToUmaResource.

@DELETE
@Operation(summary = "Remove UMA resource client", description = "Remove client from uma resource")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UmaResource.class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@Path(ApiConstants.ID_PARAM_PATH + ApiConstants.CLIENTS + ApiConstants.INUM_PARAM_PATH)
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response removeClientToUmaResource(@PathParam(ApiConstants.ID) @NotNull String id, @PathParam(ApiConstants.INUM) @NotNull String clientInum) {
    try {
        log(logger, "Remove client " + clientInum + " from uma resource " + id);
        Objects.requireNonNull(id, "Uma id should not be null");
        Objects.requireNonNull(clientInum, "Client inum should not be null");
        List<UmaResource> resources = umaResourcesService.findResourcesById(id);
        OxAuthClient client = clientService.getClientByInum(clientInum);
        if (resources != null && !resources.isEmpty() && client != null) {
            UmaResource umaResource = resources.get(0);
            List<String> clientsDn = new ArrayList<String>();
            if (umaResource.getClients() != null) {
                clientsDn.addAll(umaResource.getClients());
            }
            clientsDn.remove(clientService.getDnForClient(clientInum));
            umaResource.setClients(clientsDn);
            umaResourcesService.updateResource(umaResource);
            return Response.ok(umaResourcesService.findResourcesById(id).get(0)).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : OxAuthClient(org.gluu.oxtrust.model.OxAuthClient) ArrayList(java.util.ArrayList) UmaResource(org.gluu.oxauth.model.uma.persistence.UmaResource) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 70 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaResourceWebResource method removeScopeToUmaResource.

@DELETE
@Operation(summary = "Remove UMA resource scope", description = "remove a scope from uma resource")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UmaResource.class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@Path(ApiConstants.ID_PARAM_PATH + ApiConstants.SCOPES + ApiConstants.INUM_PARAM_PATH)
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response removeScopeToUmaResource(@PathParam(ApiConstants.ID) @NotNull String id, @PathParam(ApiConstants.INUM) @NotNull String scopeInum) {
    try {
        log(logger, "Remove scope " + scopeInum + " from uma resource " + id);
        Objects.requireNonNull(id, "Uma id should not be null");
        Objects.requireNonNull(scopeInum, "scope inum should not be null");
        List<UmaResource> resources = umaResourcesService.findResourcesById(id);
        Scope umaScope = scopeDescriptionService.getUmaScopeByInum(scopeInum);
        if (resources != null && !resources.isEmpty() && umaScope != null) {
            UmaResource umaResource = resources.get(0);
            List<String> scopesDn = new ArrayList<String>();
            if (umaResource.getScopes() != null) {
                scopesDn.addAll(umaResource.getScopes());
            }
            scopesDn.remove(scopeDescriptionService.getDnForScope(scopeInum));
            umaResource.setScopes(scopesDn);
            umaResourcesService.updateResource(umaResource);
            return Response.ok(umaResourcesService.findResourcesById(id).get(0)).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) ArrayList(java.util.ArrayList) UmaResource(org.gluu.oxauth.model.uma.persistence.UmaResource) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Aggregations

ProtectedApi (org.gluu.oxtrust.service.filter.ProtectedApi)75 Operation (io.swagger.v3.oas.annotations.Operation)50 ApiResponses (io.swagger.v3.oas.annotations.responses.ApiResponses)47 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)21 Produces (javax.ws.rs.Produces)21 Response (javax.ws.rs.core.Response)21 ArrayList (java.util.ArrayList)20 DefaultValue (javax.ws.rs.DefaultValue)20 HeaderParam (javax.ws.rs.HeaderParam)20 ListResponse (org.gluu.oxtrust.model.scim2.ListResponse)20 InvalidAttributeValueException (javax.management.InvalidAttributeValueException)19 SCIMException (org.gluu.oxtrust.model.exception.SCIMException)19 ListViewResponse (org.gluu.persist.model.ListViewResponse)19 URI (java.net.URI)17 RefAdjusted (org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted)17 Path (javax.ws.rs.Path)16 Consumes (javax.ws.rs.Consumes)11 GluuGroup (org.gluu.oxtrust.model.GluuGroup)10 OxAuthClient (org.gluu.oxtrust.model.OxAuthClient)10 Scope (org.oxauth.persistence.model.Scope)10