use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.
the class JSONRequestParser method jsonAttributeSeperator.
/**
* This is to seperate JSON to attributes
* @param jsonAttribute - the map of category string and the JSON Element
* @param jsonCategory - the main object category
* @param categories - the set of categories
* @throws RequestParseException
* @throws UnknownIdentifierException
*/
private static void jsonAttributeSeperator(Map.Entry<String, JsonElement> jsonAttribute, JsonObject jsonCategory, Set<Attributes> categories) throws RequestParseException, UnknownIdentifierException {
Node content = null;
URI category = null;
Set<Attribute> attributes = null;
String id = null;
if (EntitlementEndpointConstants.CATEGORY_DEFAULT.equals(jsonAttribute.getKey())) {
if (jsonCategory.has(EntitlementEndpointConstants.CATEGORY_ID)) {
category = stringCateogryToURI(jsonCategory.get(EntitlementEndpointConstants.CATEGORY_ID).getAsString());
}
} else {
if (category == null) {
category = stringCateogryToURI(jsonAttribute.getKey());
}
if (jsonCategory.has(EntitlementEndpointConstants.ID)) {
id = jsonCategory.get(EntitlementEndpointConstants.ID).getAsString();
}
if (jsonCategory.has(EntitlementEndpointConstants.CONTENT)) {
DocumentBuilderFactory dbf;
Document doc = null;
String xmlContent = stringContentToXMLContent(jsonCategory.get(EntitlementEndpointConstants.CONTENT).getAsString());
dbf = IdentityUtil.getSecuredDocumentBuilderFactory();
dbf.setNamespaceAware(true);
try (ByteArrayInputStream inputStream = new ByteArrayInputStream(xmlContent.getBytes())) {
doc = dbf.newDocumentBuilder().parse(inputStream);
} catch (Exception e) {
throw new JsonParseException("DOM of request element can not be created from String.", e);
}
if (doc != null) {
content = doc.getDocumentElement();
}
}
// Add all category attributes
if (jsonCategory.has(EntitlementEndpointConstants.ATTRIBUTE)) {
if (jsonCategory.get(EntitlementEndpointConstants.ATTRIBUTE).isJsonArray()) {
attributes = new HashSet<>();
for (JsonElement jsonElement : jsonCategory.get(EntitlementEndpointConstants.ATTRIBUTE).getAsJsonArray()) {
attributes.add(jsonObjectToAttribute(jsonElement.getAsJsonObject()));
}
}
}
}
// Build the Attributes object using above values
Attributes attributesObj = new Attributes(category, content, attributes, id);
categories.add(attributesObj);
}
use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.
the class JSONRequestParser method parse.
/**
* Static method that will convert a XACML JSON Request to a <code>{@link RequestCtx}</code> instance
*
* @param jsonRequest <code>String</code> with JSON request
* @return <code>{@link RequestCtx}</code> instance that can be used to evaluate on Balana
* @throws JsonParseException <code>{@link JsonParseException}</code>
* @throws RequestParseException <code>{@link RequestParseException}</code>
* @throws UnknownIdentifierException <code>{@link UnknownIdentifierException}</code>
*/
public static RequestCtx parse(String jsonRequest) throws JsonParseException, RequestParseException, UnknownIdentifierException {
JsonObject requestObject = null;
Set<Attributes> categories = new HashSet<>();
boolean returnPolicyIdList = false;
boolean combinedDecision = false;
MultiRequests multiRequests = null;
RequestDefaults requestDefaults = null;
try {
requestObject = gson.fromJson(jsonRequest, JsonObject.class);
requestObject = requestObject.get("Request").getAsJsonObject();
} catch (Exception e) {
throw new JsonParseException("Error in JSON Request String");
}
Set<Map.Entry<String, JsonElement>> jsonAttributes = requestObject.entrySet();
for (Map.Entry<String, JsonElement> jsonAttribute : jsonAttributes) {
if (jsonAttribute.getValue().isJsonPrimitive()) {
switch(jsonAttribute.getKey()) {
case XACMLConstants.RETURN_POLICY_LIST:
if (jsonAttribute.getValue().getAsBoolean() == true) {
returnPolicyIdList = true;
}
break;
case XACMLConstants.COMBINE_DECISION:
if (jsonAttribute.getValue().getAsBoolean() == true) {
combinedDecision = true;
}
break;
case EntitlementEndpointConstants.XPATH_VERSION:
String xPathVersion = jsonAttribute.getValue().getAsString();
requestDefaults = new RequestDefaults(xPathVersion);
break;
}
} else if (!jsonAttribute.getValue().isJsonNull()) {
JsonObject jsonCategory = null;
if (jsonAttribute.getValue().isJsonObject()) {
jsonCategory = jsonAttribute.getValue().getAsJsonObject();
jsonAttributeSeperator(jsonAttribute, jsonCategory, categories);
} else if (jsonAttribute.getValue().isJsonArray()) {
for (JsonElement jsonElement : jsonAttribute.getValue().getAsJsonArray()) {
jsonCategory = jsonElement.getAsJsonObject();
jsonAttributeSeperator(jsonAttribute, jsonCategory, categories);
}
} else if (EntitlementEndpointConstants.MULTI_REQUESTS.equals(jsonAttribute.getKey())) {
Set<Map.Entry<String, JsonElement>> jsonRequestReferences = jsonCategory.entrySet();
Set<RequestReference> requestReferences = new HashSet<>();
if (jsonRequestReferences.isEmpty()) {
throw new RequestParseException("MultiRequest should contain at least one Reference Request");
}
for (Map.Entry<String, JsonElement> jsonRequstReference : jsonRequestReferences) {
requestReferences.add(jsonObjectToRequestReference(jsonRequstReference.getValue().getAsJsonObject()));
}
multiRequests = new MultiRequests(requestReferences);
}
}
}
return new RequestCtx(null, categories, returnPolicyIdList, combinedDecision, multiRequests, requestDefaults);
}
use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.
the class JSONRequestParser method jsonObjectToAttribute.
/**
* Private methods used by the parser to convert a given <code>{@link JsonObject}</code>
* to a Balana <code>{@link Attribute}</code>
*
* @param jsonObject <code>{@link JsonObject}</code> representing the Attributes
* @return <code>{@link Attribute}</code>
* @throws RequestParseException
* @throws UnknownIdentifierException
*/
private static Attribute jsonObjectToAttribute(JsonObject jsonObject) throws RequestParseException, UnknownIdentifierException {
URI id = null;
URI type = stringAttributeToURI(EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE_STRING);
boolean includeInResult = false;
String issuer = null;
List<AttributeValue> attributeValues = new ArrayList<>();
Set<Map.Entry<String, JsonElement>> properties = jsonObject.entrySet();
for (Map.Entry<String, JsonElement> property : properties) {
if (property.getValue().isJsonPrimitive()) {
switch(property.getKey()) {
case EntitlementEndpointConstants.ATTRIBUTE_ID:
id = stringAttributeToURI(property.getValue().getAsString());
break;
case EntitlementEndpointConstants.ATTRIBUTE_ISSUER:
issuer = property.getValue().getAsString();
break;
case EntitlementEndpointConstants.ATTRIBUTE_INCLUDE_IN_RESULT:
includeInResult = property.getValue().getAsBoolean();
break;
case EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE:
type = stringAttributeToURI(property.getValue().getAsString());
break;
case EntitlementEndpointConstants.ATTRIBUTE_VALUE:
URI dataType = stringAttributeToURI(jsonElementToDataType(property.getValue().getAsJsonPrimitive()));
// If a recognizable data type is given, it should replace the above
if (type.equals(stringAttributeToURI(EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE_STRING)) && dataType != null) {
type = dataType;
}
attributeValues.add(getAttributeValue(property.getValue().getAsString(), dataType, type));
}
} else if (property.getValue().isJsonArray()) {
if (property.getKey().equals(EntitlementEndpointConstants.ATTRIBUTE_VALUE)) {
JsonArray valueArray = property.getValue().getAsJsonArray();
for (JsonElement value : valueArray) {
if (value.isJsonPrimitive()) {
// check if each value's data type can be determined
URI dataType = stringAttributeToURI(jsonElementToDataType(value.getAsJsonPrimitive()));
attributeValues.add(getAttributeValue(value.getAsString(), dataType, type));
}
}
}
/*
Todo: Spec mentions resolve the type by checking all elements at the end
*/
}
}
if (id == null) {
throw new RequestParseException("Attribute Id should be set");
}
if (attributeValues.isEmpty()) {
throw new RequestParseException("Attribute should have at least one value");
}
return new Attribute(id, type, issuer, null, attributeValues, includeInResult, XACMLConstants.XACML_VERSION_3_0);
}
use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.
the class DecisionResource method getEntitledAttributes.
/**
* API endpoint for returning entitled attributes for a give set of parameters
*
* @return EntitledAttributesResponse object
*/
@POST
@Path("entitled-attribs")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@ApiOperation(value = "Get entitled attributes for a given set of parameters", response = EntitledAttributesResponseModel.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Entitled Attributes response", response = EntitledAttributesResponseModel.class), @ApiResponse(code = 40010, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class), @ApiResponse(code = 40020, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class), @ApiResponse(code = 40010, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class) })
public EntitledAttributesResponseModel getEntitledAttributes(@ApiParam(value = "Request Media Type", required = true) @HeaderParam(EntitlementEndpointConstants.ACCEPT_HEADER) String format, @ApiParam(value = "Authentication Type", required = true) @HeaderParam(EntitlementEndpointConstants.AUTHENTICATION_TYPE_HEADER) String authMechanism, @ApiParam(value = "Add HTTP Basic Authorization", required = true) @HeaderParam(EntitlementEndpointConstants.AUTHORIZATION_HEADER) String authorization, @ApiParam(value = "Response Media Type", required = true) @HeaderParam(EntitlementEndpointConstants.CONTENT_TYPE_HEADER) String contentType, @ApiParam(value = "Entitled Attributes Model", required = true) EntitledAttributesRequestModel request) throws Exception {
if (request.getSubjectName() == null) {
log.error("Invalid input data - either the user name or role name should be non-null");
throw new RequestParseException(40022, "Invalid input data - either the user name or role name should be non-null");
}
PolicySearch policySearch = EntitlementEngine.getInstance().getPolicySearch();
EntitledResultSetDTO resultsSet = policySearch.getEntitledAttributes(request.getSubjectName(), request.getResourceName(), request.getSubjectId(), request.getAction(), request.isEnableChildSearch());
EntitledAttributesResponseModel response = new EntitledAttributesResponseModel();
response.setEntitledResultSetDTO(resultsSet);
return response;
}
Aggregations