
Example 36 with ErrorResponseException

use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.

the class RoleMapperResource method addRealmRoleMappings.

/**
 * Add realm-level role mappings to the user
 *
 * @param roles Roles to add
 */
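@Path("realm")
@POST
@Consumes(MediaType.APPLICATION_JSON)
public void addRealmRoleMappings(List<RoleRepresentation> roles) {
    // Resource-level gate: nothing below runs unless this check passes.
    managePermission.require();
    logger.debugv("** addRealmRoleMappings: {0}", roles);
    // A request without a body reaches this method as null. Without this guard the loop
    // below fails with a NullPointerException (an unhandled server error) instead of
    // telling the client that the request was malformed.
    if (roles == null) {
        throw new ErrorResponseException("invalid_request", "Could not add user role mappings!", Response.Status.BAD_REQUEST);
    }
    try {
        for (RoleRepresentation role : roles) {
            RoleModel roleModel = realm.getRole(role.getName());
            // The role is looked up by name and must also carry the id the caller sent;
            // a name/id mismatch is treated exactly like an unknown role.
            if (roleModel == null || !roleModel.getId().equals(role.getId())) {
                throw new NotFoundException("Role not found");
            }
            // Per-role authorization: the caller must be allowed to map this specific role,
            // in addition to the resource-level check at the top of the method.
            auth.roles().requireMapRole(roleModel);
            roleMapper.grantRole(roleModel);
            // NOTE(review): roles granted earlier in this loop are not undone here when a later
            // entry is rejected; presumably the surrounding transaction rolls them back. Confirm.
        }
    } catch (ModelException | ReadOnlyException me) {
        // Full detail goes to the server log; the client only gets a generic message.
        logger.warn(me.getMessage(), me);
        throw new ErrorResponseException("invalid_request", "Could not add user role mappings!", Response.Status.BAD_REQUEST);
    }
    // The admin audit event is recorded only after every role in the request was granted.
    adminEvent.operation(OperationType.CREATE).resourcePath(session.getContext().getUri()).representation(roles).success();
}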
Also used : RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) ModelException(org.keycloak.models.ModelException) NotFoundException(javax.ws.rs.NotFoundException) RoleModel(org.keycloak.models.RoleModel) ErrorResponseException(org.keycloak.services.ErrorResponseException) ReadOnlyException(org.keycloak.storage.ReadOnlyException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes)

Example 37 with ErrorResponseException

use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.

the class UserResource method removeMembership.

/**
 * Removes the user from the group identified by {@code groupId}.
 *
 * <p>Does nothing (and records no admin event) when the user is not a member of the group.
 *
 * @param groupId id of the group the user should leave
 * @throws NotFoundException if no group with that id exists in the realm
 * @throws ErrorResponseException with status 400 if the model rejects the change
 */
@DELETE
@Path("groups/{groupId}")
@NoCache
public void removeMembership(@PathParam("groupId") String groupId) {
    // First gate: the caller must be allowed to manage this user's group membership.
    auth.users().requireManageGroupMembership(user);

    GroupModel targetGroup = session.groups().getGroupById(realm, groupId);
    if (targetGroup == null) {
        throw new NotFoundException("Group not found");
    }
    // Second gate: the caller must also be allowed to manage membership of this group.
    // NOTE(review): the 404 above is returned before this group-level check, so a caller
    // who passes only the user-level check can tell existing group ids from unknown ones.
    // Confirm that this is acceptable.
    auth.groups().requireManageMembership(targetGroup);

    try {
        if (!user.isMemberOf(targetGroup)) {
            return;
        }
        user.leaveGroup(targetGroup);
        adminEvent.operation(OperationType.DELETE)
                .resource(ResourceType.GROUP_MEMBERSHIP)
                .representation(ModelToRepresentation.toRepresentation(targetGroup, true))
                .resourcePath(session.getContext().getUri())
                .success();
    } catch (ModelException failure) {
        Properties bundle = AdminRoot.getMessages(session, realm, auth.adminAuth().getToken().getLocale());
        // The exception message is used as the error code and as the lookup key in the
        // message bundle. If the bundle has no entry for it, the raw message is used as
        // the pattern, so its text is returned to the client.
        String errorKey = failure.getMessage();
        String pattern = bundle.getProperty(errorKey, errorKey);
        throw new ErrorResponseException(errorKey, MessageFormat.format(pattern, failure.getParameters()), Status.BAD_REQUEST);
    }
}
Also used : ModelException(org.keycloak.models.ModelException) GroupModel(org.keycloak.models.GroupModel) NotFoundException(javax.ws.rs.NotFoundException) ErrorResponseException(org.keycloak.services.ErrorResponseException) Properties(java.util.Properties) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 38 with ErrorResponseException

use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.

the class ClientResource method addDefaultClientScope.

/**
 * Attaches the client scope with the given id to this client.
 *
 * @param clientScopeId id of the client scope to attach
 * @param defaultScope  passed through to {@code client.addClientScope}; when {@code true},
 *                      dynamic scopes are rejected
 * @throws javax.ws.rs.NotFoundException if the realm has no client scope with that id
 * @throws ErrorResponseException with status 400 when a dynamic scope is requested as a default scope
 */
private void addDefaultClientScope(String clientScopeId, boolean defaultScope) {
    // Authorization comes first, so the lookup and the checks below run only for callers
    // who are allowed to manage this client.
    auth.clients().requireManage(client);

    ClientScopeModel scope = realm.getClientScopeById(clientScopeId);
    if (scope == null) {
        throw new javax.ws.rs.NotFoundException("Client scope not found");
    }

    // isDynamicScope() is consulted only when a default assignment is requested.
    boolean dynamicRequestedAsDefault = defaultScope && scope.isDynamicScope();
    if (dynamicRequestedAsDefault) {
        throw new ErrorResponseException("invalid_request", "Can't assign a Dynamic Scope to a Client as a Default Scope", Response.Status.BAD_REQUEST);
    }

    client.addClientScope(scope, defaultScope);
    // Record the mapping change in the admin event log.
    adminEvent.operation(OperationType.CREATE)
            .resource(ResourceType.CLIENT_SCOPE_CLIENT_MAPPING)
            .resourcePath(session.getContext().getUri())
            .success();
}
Also used : NotFoundException(javax.ws.rs.NotFoundException) ClientScopeModel(org.keycloak.models.ClientScopeModel) ErrorResponseException(org.keycloak.services.ErrorResponseException)

Example 39 with ErrorResponseException

use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.

the class ClientResource method getClient.

/**
 * Get representation of the client
 *
 * @return representation of the client
 */
@GET
@NoCache
@Produces(MediaType.APPLICATION_JSON)
public ClientRepresentation getClient() {
    // NOTE(review): the client-policy hook runs before the view permission is checked
    // further down, so a policy rejection (error code and detail) is returned to the
    // caller before view access is verified. Confirm that this order is intended.
    try {
        session.clientPolicy().triggerOnEvent(new AdminClientViewContext(client, auth.adminAuth()));
    } catch (ClientPolicyException policyRejection) {
        throw new ErrorResponseException(
                policyRejection.getError(),
                policyRejection.getErrorDetail(),
                Response.Status.BAD_REQUEST);
    }

    // Authorization gate for reading this client.
    auth.clients().requireView(client);

    ClientRepresentation clientRep = ModelToRepresentation.toRepresentation(client, session);
    // Attach the access information that auth.clients() reports for this client.
    clientRep.setAccess(auth.clients().getAccess(client));
    return clientRep;
}
Also used : AdminClientViewContext(org.keycloak.services.clientpolicy.context.AdminClientViewContext) ErrorResponseException(org.keycloak.services.ErrorResponseException) ClientPolicyException(org.keycloak.services.clientpolicy.ClientPolicyException) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Example 40 with ErrorResponseException

use of org.keycloak.services.ErrorResponseException in project keycloak by keycloak.

the class ClientAttributeCertificateResource method getKeystore.

/**
 * Get a keystore file for the client, containing private key and public certificate
 *
 * @param config Keystore configuration as JSON
 * @return the keystore file content as a byte array
 */
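@POST
@NoCache
@Path("/download")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@Consumes(MediaType.APPLICATION_JSON)
public byte[] getKeystore(final KeyStoreConfig config) {
    // NOTE(review): the returned keystore can contain the client's private key, yet the
    // gate is the *view* permission. Confirm that view-level admins are meant to be able
    // to export private key material.
    auth.clients().requireView(client);
    // A request without a body reaches this method as null. Reject it as a client error
    // instead of failing with a NullPointerException on the first accessor call below.
    if (config == null) {
        throw new ErrorResponseException("invalid_request", "Keystore configuration is required", Response.Status.BAD_REQUEST);
    }
    // Only the two listed formats are accepted. A null format is deliberately let through
    // here and handled by the overload called at the end.
    if (config.getFormat() != null && !config.getFormat().equals("JKS") && !config.getFormat().equals("PKCS12")) {
        throw new NotAcceptableException("Only support jks or pkcs12 format.");
    }
    CertificateRepresentation info = CertificateInfoHelper.getCertificateFromClient(client, attributePrefix);
    String privatePem = info.getPrivateKey();
    String certPem = info.getCertificate();
    if (privatePem == null && certPem == null) {
        throw new NotFoundException("keypair not generated for client");
    }
    // A key password is required only when a private key will be written to the keystore.
    if (privatePem != null && config.getKeyPassword() == null) {
        throw new ErrorResponseException("password-missing", "Need to specify a key password for jks download", Response.Status.BAD_REQUEST);
    }
    // The store password is always required, whether or not a private key is present.
    if (config.getStorePassword() == null) {
        throw new ErrorResponseException("password-missing", "Need to specify a store password for jks download", Response.Status.BAD_REQUEST);
    }
    // Only presence of the passwords is checked here; their strength is not validated.
    return getKeystore(config, privatePem, certPem);
}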
Also used : NotAcceptableException(javax.ws.rs.NotAcceptableException) CertificateRepresentation(org.keycloak.representations.idm.CertificateRepresentation) NotFoundException(javax.ws.rs.NotFoundException) ErrorResponseException(org.keycloak.services.ErrorResponseException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) Consumes(javax.ws.rs.Consumes) NoCache(org.jboss.resteasy.annotations.cache.NoCache)

Aggregations

ErrorResponseException (org.keycloak.services.ErrorResponseException)60 Consumes (javax.ws.rs.Consumes)25 Path (javax.ws.rs.Path)20 POST (javax.ws.rs.POST)19 ClientModel (org.keycloak.models.ClientModel)19 Produces (javax.ws.rs.Produces)17 NoCache (org.jboss.resteasy.annotations.cache.NoCache)14 ClientPolicyException (org.keycloak.services.clientpolicy.ClientPolicyException)11 NotFoundException (javax.ws.rs.NotFoundException)9 IOException (java.io.IOException)8 Response (javax.ws.rs.core.Response)8 DELETE (javax.ws.rs.DELETE)7 PUT (javax.ws.rs.PUT)7 OAuthErrorException (org.keycloak.OAuthErrorException)7 RealmModel (org.keycloak.models.RealmModel)7 ModelException (org.keycloak.models.ModelException)6 RoleModel (org.keycloak.models.RoleModel)6 List (java.util.List)5 GET (javax.ws.rs.GET)5 Resource (org.keycloak.authorization.model.Resource)5