use of org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO in project carbon-apimgt by wso2.
the class RestApiUtil method getErrorDTO.
/**
 * Builds a generic {@link ErrorDTO} carrying a status code, a short client-facing message and a
 * longer description. The {@code moreInfo} field is always set to an empty string.
 *
 * @param message     short error message, in this file always one of the RestApiConstants
 *                    STATUS_*_MESSAGE_DEFAULT values
 * @param code        numeric code placed in the DTO body (e.g. 403, 405)
 * @param description longer explanation of the failure; it is returned to the client, so callers
 *                    should keep it free of anything sensitive
 * @return a populated ErrorDTO
 */
public static ErrorDTO getErrorDTO(String message, Long code, String description) {
    ErrorDTO dto = new ErrorDTO();
    dto.setMessage(message);
    dto.setDescription(description);
    dto.setCode(code);
    dto.setMoreInfo("");
    return dto;
}
use of org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO in project carbon-apimgt by wso2.
the class RestApiUtil method handleMigrationSpecificPermissionViolations.
/**
 * Authorization gate for cross-tenant resource access during a 2.6.0 to 3.0.0 migration export.
 * Resources (APIs/apps) of another tenant may only be retrieved by a super tenant admin user, and
 * only while the server was started with the system property {@code migrationMode=true}.
 *
 * The method returns silently when the request is not cross-tenant. Otherwise two checks are
 * applied in order:
 * <ol>
 *   <li>the logged in user's tenant domain must equal the super tenant domain;</li>
 *   <li>{@code username} must hold the super tenant's configured admin role.</li>
 * </ol>
 * Realm lookup failures are handed to {@code RestApiUtil.handleInternalServerError}, which is
 * expected to abort the request (its body is not visible here); if it ever returned normally the
 * corresponding value would be null for the checks below.
 *
 * NOTE(review): the tenant check is made against the logged in user's tenant domain while the role
 * check is made against the {@code username} argument; callers must pass the logged in user's name
 * so both refer to the same principal.
 *
 * @param targetTenantDomain tenant domain that owns the requested resources
 * @param username           logged in user name
 * @throws ForbiddenException when the request is cross-tenant and either check fails
 */
public static void handleMigrationSpecificPermissionViolations(String targetTenantDomain, String username) throws ForbiddenException {
    String requesterTenantDomain = MultitenantUtils.getTenantDomain(username);
    if (targetTenantDomain.equals(requesterTenantDomain)) {
        // Same-tenant request: nothing to enforce here.
        return;
    }
    // Admin role name of the super tenant, as configured in its realm.
    String superTenantAdminRole = null;
    try {
        superTenantAdminRole = ServiceReferenceHolder.getInstance().getRealmService()
                .getTenantUserRealm(MultitenantConstants.SUPER_TENANT_ID).getRealmConfiguration().getAdminRoleName();
    } catch (UserStoreException e) {
        RestApiUtil.handleInternalServerError("Error in getting super admin role name", e, log);
    }
    // Domain name of the super tenant, used to decide whether the caller is a super tenant user.
    String carbonSuperDomain = null;
    try {
        carbonSuperDomain = ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getSuperTenantDomain();
    } catch (UserStoreException e) {
        RestApiUtil.handleInternalServerError("Error in getting the super tenant domain", e, log);
    }
    // Reason the request is denied, or null when both checks pass. The wording is appended to the
    // client-facing message below, so the two values must stay exactly as they are.
    String denialReason = null;
    boolean callerIsSuperTenantUser = RestApiCommonUtil.getLoggedInUserTenantDomain().equals(carbonSuperDomain);
    if (!callerIsSuperTenantUser) {
        denialReason = "super tenant user";
    } else {
        boolean callerHasSuperAdminRole = false;
        try {
            callerHasSuperAdminRole = APIUtil.isUserInRole(username, superTenantAdminRole);
        } catch (UserStoreException | APIManagementException e) {
            RestApiUtil.handleInternalServerError("Error in checking whether the user has admin role", e, log);
        }
        if (!callerHasSuperAdminRole) {
            denialReason = "super tenant admin";
        }
    }
    if (denialReason != null) {
        String errorMsg = "Cross Tenant resource access is not allowed for this request. User " + username
                + " is not allowed to access resources in " + targetTenantDomain
                + " as the requester is not a " + denialReason;
        log.error(errorMsg);
        throw new ForbiddenException(getErrorDTO(RestApiConstants.STATUS_FORBIDDEN_MESSAGE_DEFAULT, 403L, errorMsg));
    }
}
use of org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO in project carbon-apimgt by wso2.
the class RestApiUtil method buildMethodNotAllowedException.
/**
 * Creates a {@link MethodNotAllowedException} whose ErrorDTO reports that {@code method} is not
 * supported on {@code resource}. The exception is returned, not thrown, so the caller decides.
 *
 * @param method   HTTP method that was attempted
 * @param resource resource path (or name) on which the method is not allowed
 * @return a new MethodNotAllowedException carrying a 405 ErrorDTO
 */
public static MethodNotAllowedException buildMethodNotAllowedException(String method, String resource) {
    String detail = "Method " + method + " is not supported for " + resource;
    return new MethodNotAllowedException(
            getErrorDTO(RestApiConstants.STATUS_METHOD_NOT_ALLOWED_MESSAGE_DEFAULT, 405L, detail));
}
use of org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO in project carbon-apimgt by wso2.
the class RestApiUtil method buildForbiddenException.
/**
 * Creates a {@link ForbiddenException} whose ErrorDTO states that the caller may not access the
 * given resource. When {@code id} is non-empty it is named in the description; an empty or null id
 * produces the shorter, resource-only wording.
 *
 * @param resource resource type being accessed (e.g. "API", "application")
 * @param id       identifier of the resource; may be null or empty
 * @return a new ForbiddenException carrying a 403 ErrorDTO
 */
public static ForbiddenException buildForbiddenException(String resource, String id) {
    StringBuilder detail = new StringBuilder("You don't have permission to access the ").append(resource);
    if (!StringUtils.isEmpty(id)) {
        detail.append(" with Id ").append(id);
    }
    return new ForbiddenException(
            getErrorDTO(RestApiConstants.STATUS_FORBIDDEN_MESSAGE_DEFAULT, 403L, detail.toString()));
}
use of org.wso2.carbon.apimgt.rest.api.gateway.dto.ErrorDTO in project carbon-apimgt by wso2.
the class RegistrationServiceImpl method register.
/**
 * Dynamic client registration endpoint: creates (or returns the already existing) OAuth
 * application described by {@code profile} and responds with its {@link OAuthApplicationInfo}.
 *
 * Authorization performed here, in order:
 * <ul>
 *   <li>the profile's {@code owner} must be the logged in user, unless the logged in user is a
 *       super admin, who may register on behalf of another owner (in that owner's tenant);</li>
 *   <li>the logged in user must pass {@code isUserAccessAllowed}.</li>
 * </ul>
 *
 * @param profile registration request body (client name, callback URL, grant types, owner, ...)
 * @return 200 with the application info on success; 400 when owner and logged in user differ;
 *         403 when the caller lacks the required privileges; 500 when the application could not
 *         be created or updated; 400 (with a 500 code in the body) on an APIManagementException
 */
@POST
@Override
public Response register(RegistrationProfile profile) {
    /**
     * Sample request body for this method:
     * {
     *   "callbackUrl": "www.google.lk",
     *   "clientName": "mdm",
     *   "tokenScope": "Production",
     *   "owner": "admin",
     *   "grantType": "password refresh_token",
     *   "saasApp": true
     * }
     */
    Response response;
    String applicationName = null;
    ErrorDTO errorDTO;
    try {
        OAuthAppRequest appRequest = new OAuthAppRequest();
        OAuthApplicationInfo oauthApplicationInfo = new OAuthApplicationInfo();
        OAuthApplicationInfo returnedAPP;
        String loggedInUserTenantDomain;
        String owner = profile.getOwner();
        String authUserName = RestApiCommonUtil.getLoggedInUsername();
        // Normalise the owner's user-store domain: when the logged in user carries a non-primary
        // domain prefix (e.g. "SECONDARY/alice") and the requested owner is the same bare user name
        // without a prefix, the owner is rewritten to the fully qualified logged in user name so
        // that the equality check below succeeds.
        if (owner != null && authUserName != null) {
            int index = authUserName.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
            int ownerIndex = owner.indexOf(UserCoreConstants.DOMAIN_SEPARATOR);
            if (index > 0 && ownerIndex < 0) {
                if (!UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equalsIgnoreCase(authUserName.substring(0, index)) && owner.equals(authUserName.substring(index + 1))) {
                    if (log.isDebugEnabled()) {
                        log.debug("Update profile user name :" + owner + " with " + authUserName);
                    }
                    owner = authUserName;
                    profile.setOwner(owner);
                }
            }
        }
        // Authorization gate: the owner must be the logged in user, unless the logged in user is a
        // super admin, who is allowed to register an application on behalf of any owner.
        if (authUserName != null && ((authUserName.equals(owner)) || isUserSuperAdmin(authUserName))) {
            // Second gate on the caller's own privileges; the log message indicates this covers the
            // subscribe/create/publish permissions (the helper itself is not visible here).
            if (!isUserAccessAllowed(authUserName)) {
                String errorMsg = "You do not have enough privileges to create an OAuth app";
                log.error("User " + authUserName + " does not have any of subscribe/create/publish privileges " + "to create an OAuth app");
                errorDTO = RestApiUtil.getErrorDTO(RestApiConstants.STATUS_FORBIDDEN_MESSAGE_DEFAULT, 403L, errorMsg);
                response = Response.status(Response.Status.FORBIDDEN).entity(errorDTO).build();
                return response;
            }
            // Getting client credentials from the profile
            String grantTypes = profile.getGrantType();
            oauthApplicationInfo.setClientName(profile.getClientName());
            if (StringUtils.isNotBlank(profile.getCallbackUrl())) {
                oauthApplicationInfo.setCallBackURL(profile.getCallbackUrl());
            } else {
                // Without a callback URL the redirect-based grants cannot complete, so they are
                // stripped from the requested grant types.
                // NOTE(review): grantTypes is dereferenced without a null check; a request with no
                // grantType and no callbackUrl would raise a NullPointerException, which the catch
                // block below (APIManagementException only) does not handle.
                String[] grantTypeArr = grantTypes.split(" ");
                for (String grantType : grantTypeArr) {
                    if ((grantType.equalsIgnoreCase(ApplicationConstants.AUTHORIZATION_CODE)) || (grantType.equalsIgnoreCase(ApplicationConstants.IMPLICIT_CONST))) {
                        grantTypes = grantTypes.replace(grantType, "");
                    }
                }
            }
            // Token type falls back to the default unless the profile names one.
            String tokenType = APIConstants.DEFAULT_TOKEN_TYPE;
            String profileTokenType = profile.getTokenType();
            if (StringUtils.isNotEmpty(profileTokenType)) {
                tokenType = profileTokenType;
            }
            oauthApplicationInfo.addParameter(OAUTH_CLIENT_USERNAME, owner);
            // Client id and secret are sent empty; presumably they are assigned during creation
            // (the creating code is not visible here).
            oauthApplicationInfo.setClientId("");
            oauthApplicationInfo.setClientSecret("");
            oauthApplicationInfo.setIsSaasApplication(profile.isSaasApp());
            oauthApplicationInfo.setTokenType(tokenType);
            appRequest.setOAuthApplicationInfo(oauthApplicationInfo);
            // The application lives in the owner's tenant: derived from the owner name in the
            // super-admin-on-behalf case, otherwise the logged in user's own tenant.
            if (!authUserName.equals(owner)) {
                loggedInUserTenantDomain = MultitenantUtils.getTenantDomain(owner);
            } else {
                loggedInUserTenantDomain = RestApiCommonUtil.getLoggedInUserTenantDomain();
            }
            String userId = (String) oauthApplicationInfo.getParameter(OAUTH_CLIENT_USERNAME);
            String userNameForSP = MultitenantUtils.getTenantAwareUsername(userId);
            // Replace domain separator by "_" if user is coming from a secondary userstore.
            // NOTE(review): userNameForSP is computed here but not used anywhere else in this method.
            String domain = UserCoreUtil.extractDomainFromName(userNameForSP);
            if (domain != null && !domain.isEmpty() && !UserCoreConstants.PRIMARY_DEFAULT_DOMAIN_NAME.equals(domain)) {
                userNameForSP = userNameForSP.replace(UserCoreConstants.DOMAIN_SEPARATOR, "_");
            }
            applicationName = profile.getClientName();
            ApplicationManagementService applicationManagementService = ApplicationManagementService.getInstance();
            // Check if the application is already exists
            ServiceProvider appServiceProvider = null;
            try {
                appServiceProvider = applicationManagementService.getApplicationExcludingFileBasedSPs(applicationName, loggedInUserTenantDomain);
            } catch (IdentityApplicationManagementException e) {
                // A failed lookup is only logged; appServiceProvider stays null, so the request
                // falls through to the create path below.
                log.error("Error occurred while checking the existence of the application " + applicationName, e);
            }
            // Retrieving the existing application
            if (appServiceProvider != null) {
                // NOTE(review): an existing service provider with the same client name is returned
                // rather than rejected. Confirm getExistingApp enforces ownership; otherwise a name
                // collision within the tenant would hand back another owner's application.
                returnedAPP = this.getExistingApp(applicationName, appServiceProvider.isSaasApp());
            } else {
                // create a new application if the application doesn't exists.
                returnedAPP = this.createApplication(applicationName, appRequest, grantTypes);
            }
            // ReturnedAPP is null
            if (returnedAPP == null) {
                String errorMsg = "OAuth app '" + profile.getClientName() + "' creation or updating failed." + " Dynamic Client Registration Service not available.";
                log.error(errorMsg);
                // NOTE(review): the body uses the BAD_REQUEST default message with code 500 while
                // the HTTP status is 500; message and code should agree.
                errorDTO = RestApiUtil.getErrorDTO(RestApiConstants.STATUS_BAD_REQUEST_MESSAGE_DEFAULT, 500L, errorMsg);
                response = Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorDTO).build();
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("OAuth app " + profile.getClientName() + " creation successful.");
                }
                response = Response.status(Response.Status.OK).entity(returnedAPP).build();
            }
        } else {
            // Owner mismatch for a caller who is not a super admin (or no logged in user at all).
            String errorMsg = "Logged in user '" + authUserName + "' and application owner '" + owner + "' should be same.";
            errorDTO = RestApiUtil.getErrorDTO(RestApiConstants.STATUS_BAD_REQUEST_MESSAGE_DEFAULT, 400L, errorMsg);
            response = Response.status(Response.Status.BAD_REQUEST).entity(errorDTO).build();
        }
    } catch (APIManagementException e) {
        String errorMsg = "Error occurred while trying to create the client application " + applicationName;
        log.error(errorMsg, e);
        // NOTE(review): the body carries code 500 but the HTTP status returned is 400, so an
        // internal failure is reported to the client as a bad request.
        errorDTO = RestApiUtil.getErrorDTO(RestApiConstants.STATUS_BAD_REQUEST_MESSAGE_DEFAULT, 500L, errorMsg);
        response = Response.status(Response.Status.BAD_REQUEST).entity(errorDTO).build();
    }
    return response;
}