use of org.wso2.carbon.apimgt.api.ErrorHandler in project carbon-apimgt by wso2.
the class RestApiUtil method getErrorDTO.
/**
* Returns a generic errorDTO
*
* @param errorHandler The error handler object.
* @param paramList map of parameters specific to the error.
* @return A generic errorDTO with the specified details
*/
public static ErrorDTO getErrorDTO(ErrorHandler errorHandler, Map<String, String> paramList) {
ErrorDTO errorDTO = new ErrorDTO();
errorDTO.setCode(errorHandler.getErrorCode());
errorDTO.setMoreInfo(paramList);
errorDTO.setMessage(errorHandler.getErrorMessage());
errorDTO.setDescription(errorHandler.getErrorDescription());
return errorDTO;
}
use of org.wso2.carbon.apimgt.api.ErrorHandler in project carbon-apimgt by wso2.
the class RestApiUtil method getErrorDTO.
/**
* Return errorDTO object. This method accept APIMGTException as a parameter so we can set the e.getMessage
* directly to the errorDTO.
*
* @param errorHandler Error Handler object.
* @param paramList Parameter list
* @param e APIMGTException object.
* @return ErrorDTO Object.
*/
public static ErrorDTO getErrorDTO(ErrorHandler errorHandler, HashMap<String, String> paramList, APIManagementException e) {
ErrorDTO errorDTO = new ErrorDTO();
errorDTO.setCode(errorHandler.getErrorCode());
errorDTO.setMoreInfo(paramList);
if (e.getMessage() == null) {
errorDTO.setMessage(errorHandler.getErrorMessage());
} else {
errorDTO.setMessage(e.getMessage());
}
errorDTO.setDescription(errorHandler.getErrorDescription());
return errorDTO;
}
use of org.wso2.carbon.apimgt.api.ErrorHandler in project carbon-apimgt by wso2.
the class RestApiUtil method getErrorDTO.
/**
* Returns a generic errorDTO
*
* @param errorHandler The error handler object.
* @return A generic errorDTO with the specified details
*/
public static ErrorDTO getErrorDTO(ErrorHandler errorHandler) {
ErrorDTO errorDTO = new ErrorDTO();
errorDTO.setCode(errorHandler.getErrorCode());
errorDTO.setMessage(errorHandler.getErrorMessage());
errorDTO.setDescription(errorHandler.getErrorDescription());
return errorDTO;
}
use of org.wso2.carbon.apimgt.api.ErrorHandler in project carbon-apimgt by wso2.
the class OAuth2Authenticator method authenticate.
/*
* This method performs authentication and authorization
* @param Request
* @param Response
* @param ServiceMethodInfo
* throws Exception
* */
@Override
public boolean authenticate(Request request, Response responder, ServiceMethodInfo serviceMethodInfo) throws APIMgtSecurityException {
ErrorHandler errorHandler = null;
boolean isTokenValid = false;
HttpHeaders headers = request.getHeaders();
boolean isCookieHeaderPresent = false;
boolean isAuthorizationHeaderPresent = false;
if (request.getHeader(RestApiConstants.COOKIE_HEADER) != null) {
isCookieHeaderPresent = true;
}
if (request.getHeader(RestApiConstants.AUTHORIZATION_HTTP_HEADER) != null) {
isAuthorizationHeaderPresent = true;
}
if (headers != null && isCookieHeaderPresent && isCookieExists(request, APIConstants.AccessTokenConstants.AM_TOKEN_MSF4J)) {
String accessToken = null;
String cookies = request.getHeader(RestApiConstants.COOKIE_HEADER);
String partialTokenFromCookie = extractPartialAccessTokenFromCookie(cookies);
if (partialTokenFromCookie != null && isAuthorizationHeaderPresent) {
String authHeader = request.getHeader(RestApiConstants.AUTHORIZATION_HTTP_HEADER);
String partialTokenFromHeader = extractAccessToken(authHeader);
accessToken = (partialTokenFromHeader != null) ? partialTokenFromHeader + partialTokenFromCookie : partialTokenFromCookie;
}
isTokenValid = validateTokenAndScopes(request, serviceMethodInfo, accessToken);
request.setProperty(LOGGED_IN_USER, getEndUserName(accessToken));
} else if (headers != null && isAuthorizationHeaderPresent) {
String authHeader = request.getHeader(RestApiConstants.AUTHORIZATION_HTTP_HEADER);
String accessToken = extractAccessToken(authHeader);
if (accessToken != null) {
isTokenValid = validateTokenAndScopes(request, serviceMethodInfo, accessToken);
request.setProperty(LOGGED_IN_USER, getEndUserName(accessToken));
}
} else {
throw new APIMgtSecurityException("Missing Authorization header in the request.`", ExceptionCodes.MALFORMED_AUTHORIZATION_HEADER_OAUTH);
}
return isTokenValid;
}
use of org.wso2.carbon.apimgt.api.ErrorHandler in project carbon-apimgt by wso2.
the class RESTAPISecurityInterceptor method handleSecurityError.
/**
* Handles error condition
*
* @param errorHandler Security error code
* @param responder HttpResponder instance which is used send error messages back to the client
*/
private void handleSecurityError(ErrorHandler errorHandler, Response responder) {
HashMap<String, String> paramList = new HashMap<>();
ErrorDTO errorDTO = RestApiUtil.getErrorDTO(errorHandler, paramList);
responder.setStatus(errorHandler.getHttpStatusCode());
responder.setHeader(javax.ws.rs.core.HttpHeaders.WWW_AUTHENTICATE, RestApiConstants.AUTH_TYPE_OAUTH2);
responder.setEntity(errorDTO);
responder.setMediaType(MediaType.APPLICATION_JSON);
responder.send();
}
Aggregations