
Example 1 with ErrorResponse

Use of org.keycloak.services.ErrorResponse in the keycloak project, by keycloak.

Class IdentityBrokerService, method parseSessionCode.

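/**
 * Resolves the authentication session that belongs to the given session code.
 *
 * <p>All three parameters are required. The code is handed to {@link SessionCodeChecks}, which
 * must confirm that it is active and valid for the {@code AUTHENTICATE} action of a login flow
 * before a session is returned.
 *
 * <p>Every failure path throws, so callers never receive a result for a rejected code. The
 * original contract states that this method never returns null; on success it returns whatever
 * {@code checks.getClientCode().getClientSession()} yields.
 *
 * @param code session code taken from the request
 * @param clientId client identifier taken from the request
 * @param tabId browser tab identifier taken from the request
 * @return the authentication session bound to the verified code
 * @throws WebApplicationException carrying the error response when a parameter is missing or the
 *     code fails verification
 */
private AuthenticationSessionModel parseSessionCode(String code, String clientId, String tabId) {
    if (code == null || clientId == null || tabId == null) {
        // The code is the value SessionCodeChecks verifies below to let the login flow continue,
        // so its content is kept out of the log; only its presence is recorded.
        // NOTE(review): clientId and tabId look request-supplied - confirm the log backend
        // neutralises CR/LF before these values reach a log file.
        logger.debugf("Invalid request. Authorization code, clientId or tabId was null. Code=%s, clientId=%s, tabID=%s", code == null ? null : "<redacted>", clientId, tabId);
        Response invalidRequestError = redirectToErrorPage(Response.Status.BAD_REQUEST, Messages.INVALID_REQUEST);
        throw new WebApplicationException(invalidRequestError);
    }

    SessionCodeChecks checks = new SessionCodeChecks(realmModel, session.getContext().getUri(), request, clientConnection, session, event, null, code, null, clientId, tabId, LoginActionsService.AUTHENTICATE_PATH);
    checks.initialVerify();

    if (checks.verifyActiveAndValidAction(AuthenticationSessionModel.Action.AUTHENTICATE.name(), ClientSessionCode.ActionType.LOGIN)) {
        if (isDebugEnabled()) {
            logger.debugf("Authorization code is valid.");
        }
        return checks.getClientCode().getClientSession();
    }

    // Verification failed: pick the error response that matches how far the checks got.
    AuthenticationSessionModel authSession = checks.getAuthenticationSession();
    if (authSession == null) {
        // No session could be associated with the code; surface the checks' own response.
        throw new WebApplicationException(checks.getResponse());
    }

    // Check if error happened during login or during linking from account management
    Response accountManagementFailedLinking = checkAccountManagementFailedLinking(authSession, Messages.STALE_CODE_ACCOUNT);
    if (accountManagementFailedLinking != null) {
        throw new WebApplicationException(accountManagementFailedLinking);
    }

    Response errorResponse = checks.getResponse();
    // Remove "code" from browser history
    errorResponse = BrowserHistoryHelper.getInstance().saveResponseAndRedirect(session, authSession, errorResponse, true, request);
    throw new WebApplicationException(errorResponse);
}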
Also used : Response(javax.ws.rs.core.Response) ErrorResponse(org.keycloak.services.ErrorResponse) AuthenticationSessionModel(org.keycloak.sessions.AuthenticationSessionModel) RootAuthenticationSessionModel(org.keycloak.sessions.RootAuthenticationSessionModel) WebApplicationException(javax.ws.rs.WebApplicationException)
