Example 36 with ErrorResponseException
use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.
the class RoleMapperResource method addRealmRoleMappings.
/**
* Add realm-level role mappings to the user
*
* @param roles Roles to add
*/
@Path("realm")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addRealmRoleMappings(List<RoleRepresentation> roles) {
managePermission.require();
logger.debugv("** addRealmRoleMappings: {0}", roles);
try {
for (RoleRepresentation role : roles) {
RoleModel roleModel = realm.getRole(role.getName());
if (roleModel == null || !roleModel.getId().equals(role.getId())) {
throw new NotFoundException("Role not found");
}
auth.roles().requireMapRole(roleModel);
roleMapper.grantRole(roleModel);
}
} catch (ModelException | ReadOnlyException me) {
logger.warn(me.getMessage(), me);
throw new ErrorResponseException("invalid_request", "Could not add user role mappings!", Response.Status.BAD_REQUEST);
}
adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(roles).success();
}
Also used :
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation)
ModelException(org.keycloak.models.ModelException)
NotFoundException(javax.ws.rs.NotFoundException)
RoleModel(org.keycloak.models.RoleModel)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
ReadOnlyException(org.keycloak.storage.ReadOnlyException)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
Example 37 with ErrorResponseException
use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.
the class UserResource method removeMembership.
@DELETE
@Path("groups/{groupId}")
@NoCache
public void removeMembership(@PathParam("groupId") String groupId) {
auth.users().requireManageGroupMembership(user);
GroupModel group = session.groups().getGroupById(realm, groupId);
if (group == null) {
throw new NotFoundException("Group not found");
}
auth.groups().requireManageMembership(group);
try {
if (user.isMemberOf(group)) {
user.leaveGroup(group);
adminEvent.operation(OperationType.DELETE).resource(ResourceType.GROUP_MEMBERSHIP).representation(ModelToRepresentation.toRepresentation(group, true)).resourcePath(session.getContext().getUri()).success();
}
} catch (ModelException me) {
Properties messages = AdminRoot.getMessages(session, realm, auth.adminAuth().getToken().getLocale());
throw new ErrorResponseException(me.getMessage(), MessageFormat.format(messages.getProperty(me.getMessage(), me.getMessage()), me.getParameters()), Status.BAD_REQUEST);
}
}
Also used :
ModelException(org.keycloak.models.ModelException)
GroupModel(org.keycloak.models.GroupModel)
NotFoundException(javax.ws.rs.NotFoundException)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
Properties(java.util.Properties)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 38 with ErrorResponseException
use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.
the class ClientResource method addDefaultClientScope.
private void addDefaultClientScope(String clientScopeId, boolean defaultScope) {
auth.clients().requireManage(client);
ClientScopeModel clientScope = realm.getClientScopeById(clientScopeId);
if (clientScope == null) {
throw new javax.ws.rs.NotFoundException("Client scope not found");
}
if (defaultScope && clientScope.isDynamicScope()) {
throw new ErrorResponseException("invalid_request", "Can't assign a Dynamic Scope to a Client as a Default Scope", Response.Status.BAD_REQUEST);
}
client.addClientScope(clientScope, defaultScope);
adminEvent.operation(OperationType.CREATE).resource(ResourceType.CLIENT_SCOPE_CLIENT_MAPPING).resourcePath(session.getContext().getUri()).success();
}
Also used :
NotFoundException(javax.ws.rs.NotFoundException)
ClientScopeModel(org.keycloak.models.ClientScopeModel)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
Example 39 with ErrorResponseException
use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.
the class ClientResource method getClient.
/**
* Get representation of the client
*
* @return
*/
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public ClientRepresentation getClient() {
try {
session.clientPolicy().triggerOnEvent(new AdminClientViewContext(client, auth.adminAuth()));
} catch (ClientPolicyException cpe) {
throw new ErrorResponseException(cpe.getError(), cpe.getErrorDetail(), Response.Status.BAD_REQUEST);
}
auth.clients().requireView(client);
ClientRepresentation representation = ModelToRepresentation.toRepresentation(client, session);
representation.setAccess(auth.clients().getAccess(client));
return representation;
}
Also used :
AdminClientViewContext(org.keycloak.services.clientpolicy.context.AdminClientViewContext)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Example 40 with ErrorResponseException
use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.
the class ClientAttributeCertificateResource method getKeystore.
/**
* Get a keystore file for the client, containing private key and public certificate
*
* @param config Keystore configuration as JSON
* @return
*/
@POST
@NoCache
@Path("/download")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Consumes(MediaType.APPLICATION_JSON)
public byte[] getKeystore(final KeyStoreConfig config) {
auth.clients().requireView(client);
if (config.getFormat() != null && !config.getFormat().equals("JKS") && !config.getFormat().equals("PKCS12")) {
throw new NotAcceptableException("Only support jks or pkcs12 format.");
}
CertificateRepresentation info = CertificateInfoHelper.getCertificateFromClient(client, attributePrefix);
String privatePem = info.getPrivateKey();
String certPem = info.getCertificate();
if (privatePem == null && certPem == null) {
throw new NotFoundException("keypair not generated for client");
}
if (privatePem != null && config.getKeyPassword() == null) {
throw new ErrorResponseException("password-missing", "Need to specify a key password for jks download", Response.Status.BAD_REQUEST);
}
if (config.getStorePassword() == null) {
throw new ErrorResponseException("password-missing", "Need to specify a store password for jks download", Response.Status.BAD_REQUEST);
}
byte[] rtn = getKeystore(config, privatePem, certPem);
return rtn;
}
Also used :
NotAcceptableException(javax.ws.rs.NotAcceptableException)
CertificateRepresentation(org.keycloak.representations.idm.CertificateRepresentation)
NotFoundException(javax.ws.rs.NotFoundException)
ErrorResponseException(org.keycloak.services.ErrorResponseException)
Path(javax.ws.rs.Path)
POST(javax.ws.rs.POST)
Produces(javax.ws.rs.Produces)
Consumes(javax.ws.rs.Consumes)
NoCache(org.jboss.resteasy.annotations.cache.NoCache)
Aggregations
ErrorResponseException (org.keycloak.services.ErrorResponseException)60
Consumes (javax.ws.rs.Consumes)25
Path (javax.ws.rs.Path)20
POST (javax.ws.rs.POST)19
ClientModel (org.keycloak.models.ClientModel)19
Produces (javax.ws.rs.Produces)17
NoCache (org.jboss.resteasy.annotations.cache.NoCache)14
ClientPolicyException (org.keycloak.services.clientpolicy.ClientPolicyException)11
NotFoundException (javax.ws.rs.NotFoundException)9
IOException (java.io.IOException)8
Response (javax.ws.rs.core.Response)8
DELETE (javax.ws.rs.DELETE)7
PUT (javax.ws.rs.PUT)7
OAuthErrorException (org.keycloak.OAuthErrorException)7
RealmModel (org.keycloak.models.RealmModel)7
ModelException (org.keycloak.models.ModelException)6
RoleModel (org.keycloak.models.RoleModel)6
List (java.util.List)5
GET (javax.ws.rs.GET)5
Resource (org.keycloak.authorization.model.Resource)5
