Example 51 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project pac4j by pac4j.

the class ConfigBuilder method build.

@SuppressWarnings("unchecked")
public static synchronized Config build(final String factoryName, final Object... parameters) {
    try {
        logger.info("Build the configuration from factory: {}", factoryName);
        ClassLoader tccl = Thread.currentThread().getContextClassLoader();
        final Class<ConfigFactory> clazz;
        if (tccl == null) {
            clazz = (Class<ConfigFactory>) Class.forName(factoryName);
        } else {
            clazz = (Class<ConfigFactory>) Class.forName(factoryName, true, tccl);
        }
        final ConfigFactory factory = clazz.newInstance();
        return factory.build(parameters);
    } catch (final Exception e) {
        throw new TechnicalException("Cannot build configuration", e);
    }
}
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException)

Example 52 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project ddf by codice.

the class OidcCredentialsResolver method resolveIdToken.

/* This method's job is to try to get an id token from a
  1. refresh token
  2. authorization code
  3. access token
  */
public void resolveIdToken(OidcCredentials credentials, WebContext webContext) {
    final AccessToken initialAccessToken = credentials.getAccessToken();
    final JWT initialIdToken = credentials.getIdToken();
    try {
        OidcTokenValidator.validateAccessToken(initialAccessToken, initialIdToken, resourceRetriever, metadata, configuration);
        if (initialIdToken != null) {
            OidcTokenValidator.validateIdTokens(initialIdToken, webContext, configuration, client);
            return;
        }
    } catch (OidcValidationException e) {
        throw new TechnicalException(e);
    }
    final RefreshToken initialRefreshToken = credentials.getRefreshToken();
    final AuthorizationCode initialAuthorizationCode = credentials.getCode();
    final List<AuthorizationGrant> grantList = new ArrayList<>();
    if (initialRefreshToken != null) {
        grantList.add(new RefreshTokenGrant(initialRefreshToken));
    }
    if (initialAuthorizationCode != null) {
        try {
            final URI callbackUri = new URI(client.computeFinalCallbackUrl(webContext));
            grantList.add(new AuthorizationCodeGrant(initialAuthorizationCode, callbackUri));
        } catch (URISyntaxException e) {
            LOGGER.debug("Problem computing callback url. Cannot add authorization code grant.");
        }
    }
    // try to get id token using refresh token and authorization code
    for (AuthorizationGrant grant : grantList) {
        try {
            trySendingGrantAndPopulatingCredentials(grant, credentials, webContext);
            if (credentials.getIdToken() != null) {
                break;
            }
        } catch (IOException | ParseException e) {
            LOGGER.debug("Problem sending grant ({}).", grant, e);
        }
    }
    // try to get id token using access token
    if (credentials.getIdToken() == null && initialAccessToken != null) {
        final UserInfoRequest userInfoRequest = new UserInfoRequest(metadata.getUserInfoEndpointURI(), Method.GET, new BearerAccessToken(initialAccessToken.toString()));
        final HTTPRequest userInfoHttpRequest = userInfoRequest.toHTTPRequest();
        try {
            final HTTPResponse httpResponse = userInfoHttpRequest.send();
            final UserInfoResponse userInfoResponse = UserInfoResponse.parse(httpResponse);
            if (userInfoResponse instanceof UserInfoSuccessResponse) {
                final UserInfoSuccessResponse userInfoSuccessResponse = (UserInfoSuccessResponse) userInfoResponse;
                JWT idToken = userInfoSuccessResponse.getUserInfoJWT();
                if (idToken == null && userInfoSuccessResponse.getUserInfo().toJWTClaimsSet() != null) {
                    idToken = new PlainJWT(userInfoSuccessResponse.getUserInfo().toJWTClaimsSet());
                }
                OidcTokenValidator.validateUserInfoIdToken(idToken, resourceRetriever, metadata);
                credentials.setIdToken(idToken);
            } else {
                throw new TechnicalException("Received a non-successful UserInfoResponse.");
            }
        } catch (IOException | ParseException | OidcValidationException e) {
            LOGGER.debug("Problem retrieving id token using access token.", e);
            throw new TechnicalException(e);
        }
    }
}
Also used : AuthorizationCode(com.nimbusds.oauth2.sdk.AuthorizationCode) HTTPRequest(com.nimbusds.oauth2.sdk.http.HTTPRequest) PlainJWT(com.nimbusds.jwt.PlainJWT) TechnicalException(org.pac4j.core.exception.TechnicalException) UserInfoSuccessResponse(com.nimbusds.openid.connect.sdk.UserInfoSuccessResponse) JWT(com.nimbusds.jwt.JWT) RefreshTokenGrant(com.nimbusds.oauth2.sdk.RefreshTokenGrant) HTTPResponse(com.nimbusds.oauth2.sdk.http.HTTPResponse) ArrayList(java.util.ArrayList) UserInfoRequest(com.nimbusds.openid.connect.sdk.UserInfoRequest) URISyntaxException(java.net.URISyntaxException) IOException(java.io.IOException) URI(java.net.URI) OidcValidationException(org.codice.ddf.security.oidc.validator.OidcValidationException) RefreshToken(com.nimbusds.oauth2.sdk.token.RefreshToken) AuthorizationCodeGrant(com.nimbusds.oauth2.sdk.AuthorizationCodeGrant) AccessToken(com.nimbusds.oauth2.sdk.token.AccessToken) BearerAccessToken(com.nimbusds.oauth2.sdk.token.BearerAccessToken) ParseException(com.nimbusds.oauth2.sdk.ParseException) UserInfoResponse(com.nimbusds.openid.connect.sdk.UserInfoResponse) AuthorizationGrant(com.nimbusds.oauth2.sdk.AuthorizationGrant)

Example 53 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project knox by apache.

the class KnoxSessionStore method uncompressDecryptBase64.

private Serializable uncompressDecryptBase64(final String v) {
    if (v != null && !v.isEmpty()) {
        byte[] bytes = Base64.decodeBase64(v);
        EncryptionResult result = EncryptionResult.fromByteArray(bytes);
        byte[] clear = cryptoService.decryptForCluster(this.clusterName, PAC4J_PASSWORD, result.cipher, result.iv, result.salt);
        if (clear != null) {
            try {
                return javaSerializationHelper.deserializeFromBytes(unCompress(clear));
            } catch (IOException e) {
                throw new TechnicalException(e);
            }
        }
    }
    return null;
}
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException) EncryptionResult(org.apache.knox.gateway.services.security.EncryptionResult) IOException(java.io.IOException)

Example 54 with TechnicalException

use of org.pac4j.core.exception.TechnicalException in project knox by apache.

the class KnoxSessionStore method compressEncryptBase64.

private String compressEncryptBase64(final Object o) {
    if (o == null || o.equals("") || (o instanceof Map<?, ?> && ((Map<?, ?>) o).isEmpty())) {
        return null;
    } else {
        byte[] bytes = javaSerializationHelper.serializeToBytes((Serializable) o);
        /* compress the data  */
        try {
            bytes = compress(bytes);
            if (bytes.length > 3000) {
                logger.warn("Cookie too big, it might not be properly set");
            }
        } catch (final IOException e) {
            throw new TechnicalException(e);
        }
        EncryptionResult result = cryptoService.encryptForCluster(this.clusterName, PAC4J_PASSWORD, bytes);
        return Base64.encodeBase64String(result.toByteAray());
    }
}
Also used : TechnicalException(org.pac4j.core.exception.TechnicalException) EncryptionResult(org.apache.knox.gateway.services.security.EncryptionResult) IOException(java.io.IOException)
