Use of org.jboss.resteasy.annotations.cache.NoCache in the keycloak project (by keycloak).
Class TokenIntrospectionEndpoint, method introspect.
@POST
@NoCache
public Response introspect() {
    // The attempt is recorded first so that every failure below is attributed to this event type.
    event.event(EventType.INTROSPECT_TOKEN);
    checkSsl();
    checkRealm();
    // Only an authenticated client may ask about the state of a token.
    authorizeClient();

    MultivaluedMap<String, String> form = request.getDecodedFormParameters();
    checkParameterDuplicated(form);

    // token_type_hint is optional; when absent the token is treated as an access token.
    String requestedHint = form.getFirst(PARAM_TOKEN_TYPE_HINT);
    String hint = (requestedHint != null)
            ? requestedHint
            : AccessTokenIntrospectionProviderFactory.ACCESS_TOKEN_TYPE;

    String tokenValue = form.getFirst(PARAM_TOKEN);
    if (tokenValue == null) {
        throw throwErrorResponseException(Errors.INVALID_REQUEST, "Token not provided.", Status.BAD_REQUEST);
    }

    // The hint selects the introspection provider; an unknown hint is a client error.
    TokenIntrospectionProvider introspector = session.getProvider(TokenIntrospectionProvider.class, hint);
    if (introspector == null) {
        throw throwErrorResponseException(Errors.INVALID_REQUEST, "Unsupported token type [" + hint + "].", Status.BAD_REQUEST);
    }

    // Client policies may veto the request; their detail message is surfaced to the caller.
    try {
        session.clientPolicy().triggerOnEvent(new TokenIntrospectContext(form));
    } catch (ClientPolicyException policyFailure) {
        throw throwErrorResponseException(Errors.INVALID_REQUEST, policyFailure.getErrorDetail(), Status.BAD_REQUEST);
    }

    try {
        Response result = introspector.introspect(tokenValue);
        event.success();
        return result;
    } catch (ErrorResponseException alreadyShaped) {
        // The provider already produced a proper error response; pass it through untouched.
        throw alreadyShaped;
    } catch (Exception unexpected) {
        // Any other failure is reported with a fixed message so internal details are not
        // echoed back to the client.
        throw throwErrorResponseException(Errors.INVALID_REQUEST, "Failed to introspect token.", Status.BAD_REQUEST);
    }
}
Use of org.jboss.resteasy.annotations.cache.NoCache in the keycloak project (by keycloak).
Class UserInfoEndpoint, method issueUserInfoPost.
@Path("/")
@POST
@NoCache
public Response issueUserInfoPost() {
    // Preferred location: the Authorization header.
    HttpHeaders headers = request.getHttpHeaders();
    String bearer = this.appAuthManager.extractAuthorizationHeaderTokenOrReturnNull(headers);
    if (bearer != null) {
        return issueUserInfo(bearer);
    }
    // No header token: fall back to the form-encoded "access_token" field (may itself be
    // null, in which case issueUserInfo decides how to answer).
    return issueUserInfo(request.getDecodedFormParameters().getFirst("access_token"));
}
Use of org.jboss.resteasy.annotations.cache.NoCache in the keycloak project (by keycloak).
Class BackchannelAuthenticationCallbackEndpoint, method processAuthenticationChannelResult.
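/**
 * Receives the outcome of a CIBA authentication from the authentication channel and
 * applies it to the pending backchannel request.
 *
 * @param response the channel's verdict; {@code getStatus()} must be one of the
 *                 statuses handled here
 * @return an empty 200 response once the verdict has been applied
 * @throws ErrorResponseException (400, {@code invalid_request}) when the status is
 *         missing or not one this endpoint knows how to apply
 */
@Path("/")
@POST
@NoCache
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response processAuthenticationChannelResult(AuthenticationChannelResponse response) {
    event.event(EventType.LOGIN);
    // Verifies the caller's bearer token and resolves the pending device-code request.
    BackchannelAuthCallbackContext ctx = verifyAuthenticationRequest(httpRequest.getHttpHeaders());
    AccessToken bearerToken = ctx.bearerToken;
    OAuth2DeviceCodeModel deviceModel = ctx.deviceModel;

    Status status = response.getStatus();
    if (status == null) {
        event.error(Errors.INVALID_REQUEST);
        throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Invalid authentication status", Response.Status.BAD_REQUEST);
    }
    switch (status) {
        case SUCCEED:
            approveRequest(bearerToken, response.getAdditionalParams());
            break;
        case CANCELLED:
        case UNAUTHORIZED:
            denyRequest(bearerToken, status);
            break;
        default:
            // A status this endpoint does not know how to apply must not fall through to a
            // 200 response with the request neither approved nor denied; treat it exactly
            // like a missing status.
            event.error(Errors.INVALID_REQUEST);
            throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST, "Invalid authentication status", Response.Status.BAD_REQUEST);
    }

    // In ping delivery mode the client is notified that the result is ready.
    // Constant-first equals() keeps a null delivery mode from throwing after the
    // verdict has already been applied.
    ClientModel client = session.getContext().getClient();
    CibaConfig cibaConfig = realm.getCibaPolicy();
    if (CibaConfig.CIBA_PING_MODE.equals(cibaConfig.getBackchannelTokenDeliveryMode(client))) {
        sendClientNotificationRequest(client, cibaConfig, deviceModel);
    }
    return Response.ok(MediaType.APPLICATION_JSON_TYPE).build();
}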
Use of org.jboss.resteasy.annotations.cache.NoCache in the keycloak project (by keycloak).
Class ScopeMappedResource, method getScopeMappings.
/**
 * Returns all scope mappings of the client: the realm-level role mappings and the
 * per-client mappings, keyed by client.
 *
 * @return the mappings; the realm and client sections are only populated when non-empty
 * @throws NotFoundException if the scope container could not be resolved
 * @deprecated the method is used by neither the admin console nor the admin client. It may be removed in future releases.
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@NoCache
@Deprecated
public MappingsRepresentation getScopeMappings() {
    // View permission is checked before anything about the client is disclosed.
    viewPermission.require();
    if (scopeContainer == null) {
        throw new NotFoundException("Could not find client");
    }

    MappingsRepresentation mappings = new MappingsRepresentation();

    List<RoleRepresentation> realmRoles = scopeContainer.getRealmScopeMappingsStream()
            .map(ModelToRepresentation::toBriefRepresentation)
            .collect(Collectors.toList());
    if (realmRoles.size() > 0) {
        mappings.setRealmMappings(realmRoles);
    }

    // Clients without any mapping yield null and are dropped before keying by client.
    Map<String, ClientMappingsRepresentation> perClient = realm.getClientsStream()
            .map(c -> ScopeMappedUtil.toClientMappingsRepresentation(c, scopeContainer))
            .filter(Objects::nonNull)
            .collect(Collectors.toMap(ClientMappingsRepresentation::getClient, Function.identity()));
    if (perClient.size() > 0) {
        mappings.setClientMappings(perClient);
    }

    return mappings;
}
Use of org.jboss.resteasy.annotations.cache.NoCache in the keycloak project (by keycloak).
Class UserResource, method removeCredential.
/**
 * Removes one stored credential of the user.
 *
 * @param credentialId id of the credential to remove
 * @throws NotFoundException  if no such credential exists and the caller may query users
 * @throws ForbiddenException if no such credential exists and the caller may not query users
 */
@Path("credentials/{credentialId}")
@DELETE
@NoCache
public void removeCredential(@PathParam("credentialId") final String credentialId) {
    auth.users().requireManage(user);
    CredentialModel stored = session.userCredentialManager().getStoredCredentialById(realm, user, credentialId);
    if (stored == null) {
        // Callers without query rights get a uniform 403 so the response does not
        // reveal whether a given credential id exists.
        if (!auth.users().canQuery()) {
            throw new ForbiddenException();
        }
        throw new NotFoundException("Credential not found");
    }
    session.userCredentialManager().removeStoredCredential(realm, user, credentialId);
    // Audit the removal under the request's URI.
    adminEvent.operation(OperationType.ACTION).resourcePath(session.getContext().getUri()).success();
}