Example 31 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaResourceWebResource method getUmaResourceClients.

@GET
@Path(ApiConstants.ID_PARAM_PATH + ApiConstants.CLIENTS)
@Operation(summary = "Get clients of UMA resources", description = "Get clients of uma resource")
@ProtectedApi(scopes = { READ_ACCESS })
public Response getUmaResourceClients(@PathParam(ApiConstants.ID) @NotNull String id) {
    try {
        log(logger, "Get clients of uma resource having id " + id);
        Objects.requireNonNull(id, "id should not be null");
        List<UmaResource> resources = umaResourcesService.findResourcesById(id);
        if (resources != null && !resources.isEmpty()) {
            UmaResource resource = resources.get(0);
            List<String> clientsDn = resource.getClients();
            List<OxAuthClient> clients = new ArrayList<OxAuthClient>();
            if (clientsDn != null) {
                for (String clientDn : clientsDn) {
                    clients.add(clientService.getClientByDn(clientDn));
                }
            }
            return Response.ok(clients).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : OxAuthClient(org.gluu.oxtrust.model.OxAuthClient) ArrayList(java.util.ArrayList) UmaResource(org.gluu.oxauth.model.uma.persistence.UmaResource) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation)

Example 32 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class UmaResourceWebResource method addScopeToUmaResource.

@POST
@Operation(summary = "Add UMA resource scope", description = "add scope to uma resource")
@ApiResponses(value = { @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = UmaResource.class)), description = "Success"), @ApiResponse(responseCode = "500", description = "Server error") })
@Path(ApiConstants.ID_PARAM_PATH + ApiConstants.SCOPES + ApiConstants.INUM_PARAM_PATH)
@ProtectedApi(scopes = { WRITE_ACCESS })
public Response addScopeToUmaResource(@PathParam(ApiConstants.ID) @NotNull String id, @PathParam(ApiConstants.INUM) @NotNull String scopeInum) {
    log(logger, "Add scope " + scopeInum + " to uma resource " + id);
    try {
        Objects.requireNonNull(id, "Uma id should not be null");
        Objects.requireNonNull(scopeInum, "scope inum should not be null");
        List<UmaResource> resources = umaResourcesService.findResourcesById(id);
        Scope umaScope = scopeDescriptionService.getUmaScopeByInum(scopeInum);
        if (resources != null && !resources.isEmpty() && umaScope != null) {
            UmaResource umaResource = resources.get(0);
            List<String> scopesDn = new ArrayList<String>();
            if (umaResource.getScopes() != null) {
                scopesDn.addAll(umaResource.getScopes());
            }
            scopesDn.add(scopeDescriptionService.getDnForScope(scopeInum));
            umaResource.setScopes(scopesDn);
            umaResourcesService.updateResource(umaResource);
            return Response.ok(umaResourcesService.findResourcesById(id).get(0)).build();
        } else {
            return Response.status(Response.Status.NOT_FOUND).build();
        }
    } catch (Exception e) {
        log(logger, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
    }
}
Also used : Scope(org.oxauth.persistence.model.Scope) ArrayList(java.util.ArrayList) UmaResource(org.gluu.oxauth.model.uma.persistence.UmaResource) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Operation(io.swagger.v3.oas.annotations.Operation) ApiResponses(io.swagger.v3.oas.annotations.responses.ApiResponses)

Example 33 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class BaseUmaProtectionService method addMethodScopes.

private void addMethodScopes(ResourceInfo resourceInfo, List<String> scopes) {
    Method resourceMethod = resourceInfo.getResourceMethod();
    ProtectedApi methodAnnotation = resourceMethod.getAnnotation(ProtectedApi.class);
    if (methodAnnotation != null) {
        scopes.addAll(Stream.of(methodAnnotation.scopes()).collect(Collectors.toList()));
    }
}
Also used : ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Method(java.lang.reflect.Method)

Example 34 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class BaseUmaProtectionService method getRequestedScopes.

public List<String> getRequestedScopes(ResourceInfo resourceInfo) {
    Class<?> resourceClass = resourceInfo.getResourceClass();
    ProtectedApi typeAnnotation = resourceClass.getAnnotation(ProtectedApi.class);
    // Without a class-level @ProtectedApi no scopes are returned at all;
    // a method-level annotation is not consulted in that case.
    if (typeAnnotation == null) {
        return Collections.emptyList();
    }
    // Start with the class-level scopes...
    List<String> scopes = new ArrayList<String>();
    scopes.addAll(getResourceScopes(typeAnnotation.scopes()));
    // ...then append the scopes declared on the invoked resource method, if any.
    Method resourceMethod = resourceInfo.getResourceMethod();
    ProtectedApi methodAnnotation = resourceMethod.getAnnotation(ProtectedApi.class);
    if (methodAnnotation != null) {
        scopes.addAll(getResourceScopes(methodAnnotation.scopes()));
    }
    return scopes;
}
Also used : ArrayList(java.util.ArrayList) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi) Method(java.lang.reflect.Method)

Example 35 with ProtectedApi

use of org.gluu.oxtrust.service.filter.ProtectedApi in project oxTrust by GluuFederation.

the class FidoDeviceWebService method deleteDevice.

@Path("{id}")
@DELETE
@Produces({ MEDIA_TYPE_SCIM_JSON + UTF8_CHARSET_FRAGMENT, MediaType.APPLICATION_JSON + UTF8_CHARSET_FRAGMENT })
@HeaderParam("Accept")
@DefaultValue(MEDIA_TYPE_SCIM_JSON)
@ProtectedApi
@ApiOperation(value = "Delete device")
public Response deleteDevice(@PathParam("id") String id) {
    Response response;
    try {
        log.debug("Executing web service method. deleteDevice");
        // No need to check id being non-null. fidoDeviceService will give null if null is provided
        GluuCustomFidoDevice device = fidoDeviceService.getGluuCustomFidoDeviceById(null, id);
        if (device != null) {
            fidoDeviceService.removeGluuCustomFidoDevice(device);
            response = Response.noContent().build();
        } else {
            response = getErrorResponse(Response.Status.NOT_FOUND, ErrorScimType.INVALID_VALUE, "Resource " + id + " not found");
        }
    } catch (Exception e) {
        log.error("Failure at deleteDevice method", e);
        response = getErrorResponse(Response.Status.INTERNAL_SERVER_ERROR, "Unexpected error: " + e.getMessage());
    }
    return response;
}
Also used : ListResponse(org.gluu.oxtrust.model.scim2.ListResponse) Response(javax.ws.rs.core.Response) ListViewResponse(org.gluu.persist.model.ListViewResponse) GluuCustomFidoDevice(org.gluu.oxtrust.model.fido.GluuCustomFidoDevice) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) Path(javax.ws.rs.Path) DefaultValue(javax.ws.rs.DefaultValue) DELETE(javax.ws.rs.DELETE) HeaderParam(javax.ws.rs.HeaderParam) Produces(javax.ws.rs.Produces) ApiOperation(com.wordnik.swagger.annotations.ApiOperation) ProtectedApi(org.gluu.oxtrust.service.filter.ProtectedApi)

Aggregations

ProtectedApi (org.gluu.oxtrust.service.filter.ProtectedApi): 75
Operation (io.swagger.v3.oas.annotations.Operation): 50
ApiResponses (io.swagger.v3.oas.annotations.responses.ApiResponses): 47
ApiOperation (com.wordnik.swagger.annotations.ApiOperation): 21
Produces (javax.ws.rs.Produces): 21
Response (javax.ws.rs.core.Response): 21
ArrayList (java.util.ArrayList): 20
DefaultValue (javax.ws.rs.DefaultValue): 20
HeaderParam (javax.ws.rs.HeaderParam): 20
ListResponse (org.gluu.oxtrust.model.scim2.ListResponse): 20
InvalidAttributeValueException (javax.management.InvalidAttributeValueException): 19
SCIMException (org.gluu.oxtrust.model.exception.SCIMException): 19
ListViewResponse (org.gluu.persist.model.ListViewResponse): 19
URI (java.net.URI): 17
RefAdjusted (org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted): 17
Path (javax.ws.rs.Path): 16
Consumes (javax.ws.rs.Consumes): 11
GluuGroup (org.gluu.oxtrust.model.GluuGroup): 10
OxAuthClient (org.gluu.oxtrust.model.OxAuthClient): 10
Scope (org.oxauth.persistence.model.Scope): 10