
Example 1 with RequestParseException

use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.

the class JSONRequestParser method jsonAttributeSeperator.

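/**
 * Converts one JSON category object of a XACML JSON request into a Balana
 * {@link Attributes} instance and adds it to {@code categories}.
 *
 * <p>If the entry key equals {@code EntitlementEndpointConstants.CATEGORY_DEFAULT}, only the
 * category URI is read (from {@code CATEGORY_ID}, when present); id, content and attributes
 * stay {@code null}. For any other key, the key itself names the category and the optional
 * {@code ID}, {@code CONTENT} and {@code ATTRIBUTE} members are read.
 *
 * <p>{@code CONTENT} is request-supplied XML and is parsed into a DOM here, so the parser
 * configuration used below is security relevant.
 *
 * @param jsonAttribute the request entry whose key names the category
 * @param jsonCategory  the JSON object holding the members of that category
 * @param categories    the set that receives the resulting {@link Attributes}
 * @throws RequestParseException      declared for the helper calls made here
 * @throws UnknownIdentifierException declared for the helper calls made here
 * @throws JsonParseException         (unchecked) if the {@code CONTENT} XML cannot be parsed
 */
private static void jsonAttributeSeperator(Map.Entry<String, JsonElement> jsonAttribute, JsonObject jsonCategory, Set<Attributes> categories) throws RequestParseException, UnknownIdentifierException {
    Node content = null;
    URI category = null;
    Set<Attribute> attributes = null;
    String id = null;
    if (EntitlementEndpointConstants.CATEGORY_DEFAULT.equals(jsonAttribute.getKey())) {
        // NOTE(review): this branch reads only CATEGORY_ID; ID, CONTENT and ATTRIBUTE of a
        // default-category object are not parsed. Confirm that dropping them is intended.
        if (jsonCategory.has(EntitlementEndpointConstants.CATEGORY_ID)) {
            category = stringCateogryToURI(jsonCategory.get(EntitlementEndpointConstants.CATEGORY_ID).getAsString());
        }
    } else {
        // The category is always unset at this point, so the key is used unconditionally.
        category = stringCateogryToURI(jsonAttribute.getKey());
        if (jsonCategory.has(EntitlementEndpointConstants.ID)) {
            id = jsonCategory.get(EntitlementEndpointConstants.ID).getAsString();
        }
        if (jsonCategory.has(EntitlementEndpointConstants.CONTENT)) {
            Document doc = null;
            String xmlContent = stringContentToXMLContent(jsonCategory.get(EntitlementEndpointConstants.CONTENT).getAsString());
            // The XML comes from the request body. Keep using the hardened factory and do not
            // swap in DocumentBuilderFactory.newInstance().
            // NOTE(review): presumably this factory disables DTDs/external entities (XXE) - confirm.
            DocumentBuilderFactory dbf = IdentityUtil.getSecuredDocumentBuilderFactory();
            dbf.setNamespaceAware(true);
            // Encode explicitly: getBytes() without a charset uses the platform default, so
            // non-ASCII content could reach the XML parser in an unexpected encoding.
            byte[] xmlBytes = xmlContent.getBytes(java.nio.charset.StandardCharsets.UTF_8);
            try (ByteArrayInputStream inputStream = new ByteArrayInputStream(xmlBytes)) {
                doc = dbf.newDocumentBuilder().parse(inputStream);
            } catch (Exception e) {
                // Broad catch kept so every parser failure surfaces as JsonParseException with its cause.
                throw new JsonParseException("DOM of request element can not be created from String.", e);
            }
            if (doc != null) {
                content = doc.getDocumentElement();
            }
        }
        // Add all category attributes
        if (jsonCategory.has(EntitlementEndpointConstants.ATTRIBUTE)) {
            JsonElement attributeElement = jsonCategory.get(EntitlementEndpointConstants.ATTRIBUTE);
            // NOTE(review): an ATTRIBUTE member that is not an array is ignored without an
            // error, so the request is evaluated without those attributes - confirm intended.
            if (attributeElement.isJsonArray()) {
                attributes = new HashSet<>();
                for (JsonElement jsonElement : attributeElement.getAsJsonArray()) {
                    attributes.add(jsonObjectToAttribute(jsonElement.getAsJsonObject()));
                }
            }
        }
    }
    // Build the Attributes object using above values
    Attributes attributesObj = new Attributes(category, content, attributes, id);
    categories.add(attributesObj);
}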
Also used : DocumentBuilderFactory(javax.xml.parsers.DocumentBuilderFactory) Attribute(org.wso2.balana.ctx.Attribute) Node(org.w3c.dom.Node) Attributes(org.wso2.balana.xacml3.Attributes) Document(org.w3c.dom.Document) JsonParseException(com.google.gson.JsonParseException) URI(java.net.URI) JsonParseException(com.google.gson.JsonParseException) RequestParseException(org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException) UnknownIdentifierException(org.wso2.balana.UnknownIdentifierException) ByteArrayInputStream(java.io.ByteArrayInputStream) JsonElement(com.google.gson.JsonElement)

Example 2 with RequestParseException

use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.

the class JSONRequestParser method parse.

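/**
 * Converts a XACML JSON request into a {@link RequestCtx} that can be evaluated on Balana.
 *
 * <p>The input must be a JSON object with a top-level {@code "Request"} object. Primitive
 * members of that object set request flags (return-policy-id-list, combined-decision, XPath
 * version). Object and array members are treated as attribute categories and handed to
 * {@code jsonAttributeSeperator}. Null members and unrecognised primitive members are ignored.
 *
 * @param jsonRequest <code>String</code> with JSON request
 * @return <code>{@link RequestCtx}</code> built from the parsed categories and flags
 * @throws JsonParseException         if the string is not JSON or has no {@code "Request"}
 *                                    object; the underlying failure is attached as the cause
 * @throws RequestParseException      <code>{@link RequestParseException}</code>
 * @throws UnknownIdentifierException <code>{@link UnknownIdentifierException}</code>
 */
public static RequestCtx parse(String jsonRequest) throws JsonParseException, RequestParseException, UnknownIdentifierException {
    JsonObject requestObject = null;
    Set<Attributes> categories = new HashSet<>();
    boolean returnPolicyIdList = false;
    boolean combinedDecision = false;
    MultiRequests multiRequests = null;
    RequestDefaults requestDefaults = null;
    try {
        requestObject = gson.fromJson(jsonRequest, JsonObject.class);
        requestObject = requestObject.get("Request").getAsJsonObject();
    } catch (Exception e) {
        // Keep the cause: without it a malformed or hostile request cannot be diagnosed from logs.
        throw new JsonParseException("Error in JSON Request String", e);
    }
    for (Map.Entry<String, JsonElement> jsonAttribute : requestObject.entrySet()) {
        JsonElement value = jsonAttribute.getValue();
        if (value.isJsonPrimitive()) {
            switch (jsonAttribute.getKey()) {
                case XACMLConstants.RETURN_POLICY_LIST:
                    if (value.getAsBoolean()) {
                        returnPolicyIdList = true;
                    }
                    break;
                case XACMLConstants.COMBINE_DECISION:
                    if (value.getAsBoolean()) {
                        combinedDecision = true;
                    }
                    break;
                case EntitlementEndpointConstants.XPATH_VERSION:
                    String xPathVersion = value.getAsString();
                    requestDefaults = new RequestDefaults(xPathVersion);
                    break;
                default:
                    // Unrecognised primitive members are ignored.
                    break;
            }
        } else if (!value.isJsonNull()) {
            JsonObject jsonCategory = null;
            if (value.isJsonObject()) {
                jsonCategory = value.getAsJsonObject();
                jsonAttributeSeperator(jsonAttribute, jsonCategory, categories);
            } else if (value.isJsonArray()) {
                for (JsonElement jsonElement : value.getAsJsonArray()) {
                    jsonCategory = jsonElement.getAsJsonObject();
                    jsonAttributeSeperator(jsonAttribute, jsonCategory, categories);
                }
            } else if (EntitlementEndpointConstants.MULTI_REQUESTS.equals(jsonAttribute.getKey())) {
                // NOTE(review): this branch cannot be reached. A JsonElement that is neither
                // primitive nor null is an object or an array, and both are handled above. A
                // MultiRequests object is therefore parsed as an ordinary category and
                // multiRequests stays null. If the branch were reached, jsonCategory would still
                // be null here. The check needs to move ahead of the generic object branch once
                // the JSON shape expected by jsonObjectToRequestReference is confirmed.
                Set<Map.Entry<String, JsonElement>> jsonRequestReferences = jsonCategory.entrySet();
                Set<RequestReference> requestReferences = new HashSet<>();
                if (jsonRequestReferences.isEmpty()) {
                    throw new RequestParseException("MultiRequest should contain at least one Reference Request");
                }
                for (Map.Entry<String, JsonElement> jsonRequstReference : jsonRequestReferences) {
                    requestReferences.add(jsonObjectToRequestReference(jsonRequstReference.getValue().getAsJsonObject()));
                }
                multiRequests = new MultiRequests(requestReferences);
            }
        }
    }
    return new RequestCtx(null, categories, returnPolicyIdList, combinedDecision, multiRequests, requestDefaults);
}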
Also used : HashSet(java.util.HashSet) Set(java.util.Set) Attributes(org.wso2.balana.xacml3.Attributes) JsonObject(com.google.gson.JsonObject) MultiRequests(org.wso2.balana.xacml3.MultiRequests) RequestDefaults(org.wso2.balana.xacml3.RequestDefaults) JsonParseException(com.google.gson.JsonParseException) JsonParseException(com.google.gson.JsonParseException) RequestParseException(org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException) UnknownIdentifierException(org.wso2.balana.UnknownIdentifierException) RequestParseException(org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException) JsonElement(com.google.gson.JsonElement) Map(java.util.Map) HashSet(java.util.HashSet) RequestCtx(org.wso2.balana.ctx.xacml3.RequestCtx)

Example 3 with RequestParseException

use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.

the class JSONRequestParser method jsonObjectToAttribute.

/**
 * Builds a Balana <code>{@link Attribute}</code> from one JSON attribute object.
 *
 * <p>Members are processed in the iteration order of the JSON object. The data type starts as
 * {@code ATTRIBUTE_DATA_TYPE_STRING}. An explicit data-type member replaces it, and a primitive
 * value member replaces it with the inferred type only while it is still the string default.
 * NOTE(review): the result therefore depends on whether the data-type member precedes the
 * value member, and array values never update the attribute type - see the Todo below.
 *
 * @param jsonObject <code>{@link JsonObject}</code> representing the Attributes
 * @return <code>{@link Attribute}</code> carrying the id, type, issuer and values that were read
 * @throws RequestParseException      if no attribute id or no value was found
 * @throws UnknownIdentifierException declared for the helper calls made here
 */
private static Attribute jsonObjectToAttribute(JsonObject jsonObject) throws RequestParseException, UnknownIdentifierException {
    URI attributeId = null;
    URI attributeType = stringAttributeToURI(EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE_STRING);
    boolean returnInResult = false;
    String attributeIssuer = null;
    List<AttributeValue> collectedValues = new ArrayList<>();

    for (Map.Entry<String, JsonElement> member : jsonObject.entrySet()) {
        String memberName = member.getKey();
        JsonElement memberValue = member.getValue();

        if (memberValue.isJsonArray()) {
            // Only a value array is meaningful; other array members are skipped.
            if (memberName.equals(EntitlementEndpointConstants.ATTRIBUTE_VALUE)) {
                for (JsonElement item : memberValue.getAsJsonArray()) {
                    if (!item.isJsonPrimitive()) {
                        continue;
                    }
                    // Try to infer a data type for each individual value.
                    URI itemType = stringAttributeToURI(jsonElementToDataType(item.getAsJsonPrimitive()));
                    collectedValues.add(getAttributeValue(item.getAsString(), itemType, attributeType));
                }
            }
            // Todo: Spec mentions resolve the type by checking all elements at the end
            continue;
        }
        if (!memberValue.isJsonPrimitive()) {
            // Objects and JSON nulls carry nothing this parser reads.
            continue;
        }

        if (EntitlementEndpointConstants.ATTRIBUTE_ID.equals(memberName)) {
            attributeId = stringAttributeToURI(memberValue.getAsString());
        } else if (EntitlementEndpointConstants.ATTRIBUTE_ISSUER.equals(memberName)) {
            attributeIssuer = memberValue.getAsString();
        } else if (EntitlementEndpointConstants.ATTRIBUTE_INCLUDE_IN_RESULT.equals(memberName)) {
            returnInResult = memberValue.getAsBoolean();
        } else if (EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE.equals(memberName)) {
            attributeType = stringAttributeToURI(memberValue.getAsString());
        } else if (EntitlementEndpointConstants.ATTRIBUTE_VALUE.equals(memberName)) {
            URI inferredType = stringAttributeToURI(jsonElementToDataType(memberValue.getAsJsonPrimitive()));
            // An inferred type only wins while the attribute still has the string default.
            boolean stillDefault = attributeType.equals(stringAttributeToURI(EntitlementEndpointConstants.ATTRIBUTE_DATA_TYPE_STRING));
            if (stillDefault && inferredType != null) {
                attributeType = inferredType;
            }
            collectedValues.add(getAttributeValue(memberValue.getAsString(), inferredType, attributeType));
        }
    }

    if (attributeId == null) {
        throw new RequestParseException("Attribute Id should be set");
    }
    if (collectedValues.isEmpty()) {
        throw new RequestParseException("Attribute should have at least one value");
    }
    return new Attribute(attributeId, attributeType, attributeIssuer, null, collectedValues, returnInResult, XACMLConstants.XACML_VERSION_3_0);
}
Also used : AttributeValue(org.wso2.balana.attr.AttributeValue) Attribute(org.wso2.balana.ctx.Attribute) ArrayList(java.util.ArrayList) URI(java.net.URI) JsonArray(com.google.gson.JsonArray) RequestParseException(org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException) JsonElement(com.google.gson.JsonElement) Map(java.util.Map)

Example 4 with RequestParseException

use of org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException in project carbon-identity-framework by wso2.

the class DecisionResource method getEntitledAttributes.

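/**
 * API endpoint for returning entitled attributes for a given set of parameters.
 *
 * <p>The {@code format}, {@code authMechanism}, {@code authorization} and {@code contentType}
 * header parameters are bound for the API description but are not read in this method body.
 * NOTE(review): no authentication or authorization check happens here. It is presumably
 * enforced by a filter or interceptor in front of this resource; confirm before exposing it.
 * NOTE(review): the {@code @ApiResponses} list uses code 40010 for two different messages -
 * confirm the intended code for the response-read error.
 *
 * @param format        value of the Accept header
 * @param authMechanism value of the authentication-type header
 * @param authorization value of the Authorization header
 * @param contentType   value of the Content-Type header
 * @param request       search parameters; a subject name is required
 * @return EntitledAttributesResponse object wrapping the policy-search result
 * @throws RequestParseException with code 40022 if the request or its subject name is missing
 * @throws Exception             for any other failure of this method or the policy search
 */
@POST
@Path("entitled-attribs")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@ApiOperation(value = "Get entitled attributes for a given set of parameters", response = EntitledAttributesResponseModel.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "Entitled Attributes response", response = EntitledAttributesResponseModel.class), @ApiResponse(code = 40010, message = EntitlementEndpointConstants.ERROR_UNAUTHORIZED_MESSAGE, response = ExceptionBean.class), @ApiResponse(code = 40020, message = EntitlementEndpointConstants.ERROR_REQUEST_PARSE_MESSAGE, response = ExceptionBean.class), @ApiResponse(code = 40010, message = EntitlementEndpointConstants.ERROR_RESPONSE_READ_MESSAGE, response = ExceptionBean.class) })
public EntitledAttributesResponseModel getEntitledAttributes(
        @ApiParam(value = "Request Media Type", required = true) @HeaderParam(EntitlementEndpointConstants.ACCEPT_HEADER) String format,
        @ApiParam(value = "Authentication Type", required = true) @HeaderParam(EntitlementEndpointConstants.AUTHENTICATION_TYPE_HEADER) String authMechanism,
        @ApiParam(value = "Add HTTP Basic Authorization", required = true) @HeaderParam(EntitlementEndpointConstants.AUTHORIZATION_HEADER) String authorization,
        @ApiParam(value = "Response Media Type", required = true) @HeaderParam(EntitlementEndpointConstants.CONTENT_TYPE_HEADER) String contentType,
        @ApiParam(value = "Entitled Attributes Model", required = true) EntitledAttributesRequestModel request) throws Exception {
    // Reject a missing request entity the same way as a missing subject name, so that it is
    // reported as a parse error and not as a NullPointerException.
    // NOTE(review): the message mentions a role name, but only the subject name is checked.
    if (request == null || request.getSubjectName() == null) {
        log.error("Invalid input data - either the user name or role name should be non-null");
        throw new RequestParseException(40022, "Invalid input data - either the user name or role name should be non-null");
    }
    PolicySearch policySearch = EntitlementEngine.getInstance().getPolicySearch();
    EntitledResultSetDTO resultsSet = policySearch.getEntitledAttributes(request.getSubjectName(), request.getResourceName(), request.getSubjectId(), request.getAction(), request.isEnableChildSearch());
    EntitledAttributesResponseModel response = new EntitledAttributesResponseModel();
    response.setEntitledResultSetDTO(resultsSet);
    return response;
}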
Also used : RequestParseException(org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException) EntitledAttributesResponseModel(org.wso2.carbon.identity.entitlement.endpoint.resources.models.EntitledAttributesResponseModel) PolicySearch(org.wso2.carbon.identity.entitlement.policy.search.PolicySearch) EntitledResultSetDTO(org.wso2.carbon.identity.entitlement.dto.EntitledResultSetDTO) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) Consumes(javax.ws.rs.Consumes) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

RequestParseException (org.wso2.carbon.identity.entitlement.endpoint.exception.RequestParseException)4 JsonElement (com.google.gson.JsonElement)3 JsonParseException (com.google.gson.JsonParseException)2 URI (java.net.URI)2 Map (java.util.Map)2 UnknownIdentifierException (org.wso2.balana.UnknownIdentifierException)2 Attribute (org.wso2.balana.ctx.Attribute)2 Attributes (org.wso2.balana.xacml3.Attributes)2 JsonArray (com.google.gson.JsonArray)1 JsonObject (com.google.gson.JsonObject)1 ApiOperation (io.swagger.annotations.ApiOperation)1 ApiResponses (io.swagger.annotations.ApiResponses)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 Set (java.util.Set)1 Consumes (javax.ws.rs.Consumes)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1 Produces (javax.ws.rs.Produces)1