
Example 1 with TokenEndpointBadRequestException

use of org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException in project identity-inbound-auth-oauth by wso2-extensions.

the class EndpointUtil method parseJsonTokenRequest.

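/**
 * Flattens a JSON token-request payload into a multi-valued parameter map.
 *
 * <p>Every scalar member of the top-level JSON object is stored under its field name using its string form.
 * A member whose value is an array or an object is re-serialised to JSON text and stored the same way.
 * Repeated field names accumulate in the same list instead of overwriting each other, so a caller can still
 * detect duplicated parameters afterwards.
 *
 * <p>Only members of the top-level object become parameters. A payload whose top-level value is not an
 * object, or that carries further values after the top-level object, is rejected rather than being mapped
 * under a {@code null} key.
 *
 * @param jsonPayload raw JSON request body; treated as untrusted input
 * @return map from field name to the values collected for it; empty when the payload contains no tokens
 * @throws TokenEndpointBadRequestException if the payload is not well-formed JSON or is not a single JSON
 *         object
 */
public static Map<String, List<String>> parseJsonTokenRequest(String jsonPayload) throws TokenEndpointBadRequestException {
    Map<String, List<String>> requestParams = new HashMap<>();
    // try-with-resources releases the parser on the error path as well as on normal completion.
    try (JsonParser parser = new JsonFactory().createParser(jsonPayload)) {
        JsonToken firstToken = parser.nextToken();
        if (firstToken == null) {
            // Empty or whitespace-only payload: there is nothing to map.
            return requestParams;
        }
        if (firstToken != JsonToken.START_OBJECT) {
            // Wrapped by the catch below, so callers see the usual bad-request exception.
            throw new IOException("Token request payload must be a JSON object");
        }
        // Created on first use and then shared by all complex values of this payload.
        // NOTE(review): payload size and nesting depth are not bounded in this method; confirm that a limit
        // is enforced before this point or by the Jackson version in use.
        ObjectMapper treeMapper = null;
        while (!parser.isClosed()) {
            JsonToken currentToken = parser.nextToken();
            if (currentToken == null
                    || currentToken == JsonToken.FIELD_NAME
                    || currentToken == JsonToken.END_OBJECT) {
                // End of input, a field name, or the end of an object: no value to record.
                continue;
            }
            String key = parser.currentName();
            if (key == null) {
                // A value with no field name can only sit outside the top-level object.
                throw new IOException("Unexpected content outside the top-level JSON object");
            }
            String value;
            if (currentToken.isScalarValue()) {
                value = parser.getValueAsString();
            } else {
                // Array or object: consume the whole subtree and keep it as JSON text.
                if (treeMapper == null) {
                    treeMapper = new ObjectMapper();
                }
                value = treeMapper.readTree(parser).toString();
            }
            requestParams.computeIfAbsent(key, val -> new ArrayList<>()).add(value);
        }
    } catch (IOException e) {
        throw new TokenEndpointBadRequestException("Malformed or unsupported request payload", e);
    }
    return requestParams;
}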
Also used : StringUtils(org.apache.commons.lang.StringUtils) OAuthServerConfiguration(org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration) Scope(org.wso2.carbon.identity.oauth2.bean.Scope) MultitenantConstants(org.wso2.carbon.utils.multitenancy.MultitenantConstants) Arrays(java.util.Arrays) FrameworkConstants(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants) OAuth(org.apache.oltu.oauth2.common.OAuth) DefaultOIDCProcessor(org.wso2.carbon.identity.discovery.DefaultOIDCProcessor) SessionDataCacheKey(org.wso2.carbon.identity.oauth.cache.SessionDataCacheKey) IdentityOAuth2ScopeException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeException) OAuth2ScopeConsentResponse(org.wso2.carbon.identity.oauth2.model.OAuth2ScopeConsentResponse) AuthenticationRequestCacheEntry(org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheEntry) OAuth2ErrorCodes(org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes) Map(java.util.Map) URLBuilderException(org.wso2.carbon.identity.core.URLBuilderException) SessionDataCacheEntry(org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry) OAuthAdminServiceImpl(org.wso2.carbon.identity.oauth.OAuthAdminServiceImpl) JDBCPermissionBasedInternalScopeValidator(org.wso2.carbon.identity.oauth2.validators.JDBCPermissionBasedInternalScopeValidator) ServiceURLBuilder(org.wso2.carbon.identity.core.ServiceURLBuilder) IdentityOAuth2ScopeServerException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeServerException) Oauth2ScopeUtils(org.wso2.carbon.identity.oauth2.util.Oauth2ScopeUtils) OAuth2Util(org.wso2.carbon.identity.oauth2.util.OAuth2Util) HTTP_REQ_HEADER_AUTH_METHOD_BASIC(org.wso2.carbon.identity.oauth.common.OAuthConstants.HTTP_REQ_HEADER_AUTH_METHOD_BASIC) OAuthClientException(org.wso2.carbon.identity.oauth.common.exception.OAuthClientException) OAuth2Parameters(org.wso2.carbon.identity.oauth2.model.OAuth2Parameters) 
InvalidRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.InvalidRequestException) OAuthASResponse(org.apache.oltu.oauth2.as.response.OAuthASResponse) Set(java.util.Set) UUID(java.util.UUID) ServiceProvider(org.wso2.carbon.identity.application.common.model.ServiceProvider) Collectors(java.util.stream.Collectors) InvalidOAuthClientException(org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException) List(java.util.List) OAuth2Service(org.wso2.carbon.identity.oauth2.OAuth2Service) UserIdNotFoundException(org.wso2.carbon.identity.application.authentication.framework.exception.UserIdNotFoundException) LogFactory(org.apache.commons.logging.LogFactory) OIDCProcessor(org.wso2.carbon.identity.discovery.OIDCProcessor) FrameworkUtils(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils) OAuth2ClientValidationResponseDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2ClientValidationResponseDTO) UnsupportedEncodingException(java.io.UnsupportedEncodingException) DefaultOIDCProviderRequestBuilder(org.wso2.carbon.identity.discovery.builders.DefaultOIDCProviderRequestBuilder) OAuth2ScopeService(org.wso2.carbon.identity.oauth2.OAuth2ScopeService) OAuthProblemException(org.apache.oltu.oauth2.common.exception.OAuthProblemException) IdentityOAuth2ScopeConsentException(org.wso2.carbon.identity.oauth2.IdentityOAuth2ScopeConsentException) ApplicationManagementService(org.wso2.carbon.identity.application.mgt.ApplicationManagementService) OAuthAppDO(org.wso2.carbon.identity.oauth.dao.OAuthAppDO) AuthenticationRequest(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest) PrivilegedCarbonContext(org.wso2.carbon.context.PrivilegedCarbonContext) HashMap(java.util.HashMap) APP_STATE_ACTIVE(org.wso2.carbon.identity.oauth.common.OAuthConstants.OauthAppStates.APP_STATE_ACTIVE) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) HttpServletRequest(javax.servlet.http.HttpServletRequest) 
Encode(org.owasp.encoder.Encode) CollectionUtils(org.apache.commons.collections.CollectionUtils) IdentityOAuthAdminException(org.wso2.carbon.identity.oauth.IdentityOAuthAdminException) Base64Utils(org.apache.axiom.util.base64.Base64Utils) LoggerUtils(org.wso2.carbon.identity.central.log.mgt.utils.LoggerUtils) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) JsonToken(com.fasterxml.jackson.core.JsonToken) SessionDataCache(org.wso2.carbon.identity.oauth.cache.SessionDataCache) WebFingerProcessor(org.wso2.carbon.identity.webfinger.WebFingerProcessor) SSOConsentService(org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.consent.SSOConsentService) IdentityTenantUtil(org.wso2.carbon.identity.core.util.IdentityTenantUtil) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Charsets(org.apache.commons.io.Charsets) JsonParser(com.fasterxml.jackson.core.JsonParser) OAuthConstants(org.wso2.carbon.identity.oauth.common.OAuthConstants) BadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.BadRequestException) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) Oauth2ScopeConstants(org.wso2.carbon.identity.oauth2.Oauth2ScopeConstants) IdpManager(org.wso2.carbon.idp.mgt.IdpManager) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) HttpServletResponse(javax.servlet.http.HttpServletResponse) CibaAuthServiceImpl(org.wso2.carbon.identity.oauth.ciba.api.CibaAuthServiceImpl) IOException(java.io.IOException) InvalidApplicationClientException(org.wso2.carbon.identity.oauth.endpoint.exception.InvalidApplicationClientException) StringUtils.isNotBlank(org.apache.commons.lang.StringUtils.isNotBlank) ServerConfiguration(org.wso2.carbon.base.ServerConfiguration) TimeUnit(java.util.concurrent.TimeUnit) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) 
OAuth2TokenValidationService(org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService) URLEncoder(java.net.URLEncoder) JsonFactory(com.fasterxml.jackson.core.JsonFactory) DefaultWebFingerProcessor(org.wso2.carbon.identity.webfinger.DefaultWebFingerProcessor) AuthenticatedUser(org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser) OIDCProviderRequestBuilder(org.wso2.carbon.identity.discovery.builders.OIDCProviderRequestBuilder) OAuthMessage(org.wso2.carbon.identity.oauth.endpoint.message.OAuthMessage) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) RequestObjectService(org.wso2.carbon.identity.openidconnect.RequestObjectService) IdentityUtil(org.wso2.carbon.identity.core.util.IdentityUtil) Log(org.apache.commons.logging.Log) FrameworkUtils.getRedirectURL(org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils.getRedirectURL) ArrayUtils(org.apache.commons.lang.ArrayUtils) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) HashMap(java.util.HashMap) JsonFactory(com.fasterxml.jackson.core.JsonFactory) ArrayList(java.util.ArrayList) IOException(java.io.IOException) List(java.util.List) ArrayList(java.util.ArrayList) JsonToken(com.fasterxml.jackson.core.JsonToken) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) JsonParser(com.fasterxml.jackson.core.JsonParser)

Example 2 with TokenEndpointBadRequestException

use of org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException in project identity-inbound-auth-oauth by wso2-extensions.

the class DeviceEndpoint method authorize.

/**
 * Handles a form-encoded POST to the device endpoint and answers with a JSON response.
 *
 * <p>The client is checked first: when the authentication context obtained for the request is not marked
 * authenticated, the error response is returned before any code is generated. Otherwise repeated
 * parameters are validated, a device code and a user code are created, and the response is built from them
 * together with the endpoint URL in two forms, without and with the {@code user_code} query parameter.
 *
 * @param request  incoming servlet request; the scope parameter is read from it
 * @param paramMap form parameters of the request, used for the repeated-parameter check
 * @param response servlet response (not used in this method)
 * @return the response built from the generated codes, or an error response
 * @throws IdentityOAuth2Exception declared by the signature; inside the try block it is caught and mapped
 *         to an error response
 * @throws OAuthSystemException declared by the signature; not caught here
 */
@POST
@Path("/")
@Consumes("application/x-www-form-urlencoded")
@Produces("application/json")
public Response authorize(@Context HttpServletRequest request, MultivaluedMap<String, String> paramMap,
        @Context HttpServletResponse response) throws IdentityOAuth2Exception, OAuthSystemException {
    final OAuthClientAuthnContext clientAuthnContext = getValidationObject(request);
    // Unauthenticated clients are turned away before a device code or user code exists.
    if (!clientAuthnContext.isAuthenticated()) {
        return handleErrorResponse(clientAuthnContext);
    }
    try {
        validateRepeatedParams(request, paramMap);

        final String generatedDeviceCode = UUID.randomUUID().toString();
        final String requestedScopes = request.getParameter(Constants.SCOPE);
        final String generatedUserCode =
                getUniqueUserCode(generatedDeviceCode, clientAuthnContext.getClientId(), requestedScopes);

        // Plain endpoint URL.
        final String verificationUri = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .build()
                .getAbsolutePublicURL();
        // Same endpoint URL carrying the user code as a query parameter.
        final String verificationUriComplete = ServiceURLBuilder.create()
                .addPath(Constants.DEVICE_ENDPOINT_PATH)
                .addParameter("user_code", generatedUserCode)
                .build()
                .getAbsolutePublicURL();

        return buildResponseObject(generatedDeviceCode, generatedUserCode, verificationUri,
                verificationUriComplete);
    } catch (IdentityOAuth2Exception e) {
        return handleIdentityOAuth2Exception(e);
    } catch (TokenEndpointBadRequestException e) {
        return handleTokenEndpointBadRequestException(e);
    } catch (URLBuilderException e) {
        return handleURLBuilderException(e);
    }
}
Also used : URLBuilderException(org.wso2.carbon.identity.core.URLBuilderException) IdentityOAuth2Exception(org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) OAuthClientAuthnContext(org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 3 with TokenEndpointBadRequestException

use of org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException in project identity-inbound-auth-oauth by wso2-extensions.

the class OAuth2TokenEndpoint method issueAccessToken.

/**
 * Processes a token request and builds the HTTP response for it.
 *
 * <p>The work runs inside a super-tenant flow that is always ended in the {@code finally} block. Repeated
 * parameters are validated before the request is wrapped and turned into a token request; the OAuth
 * application is validated before a token is issued.
 *
 * @param request  incoming servlet request
 * @param paramMap request parameters, keyed by name
 * @return the token response, or an error response when the issued result carries an error message
 * @throws OAuthSystemException rethrown after the token exception listeners have been triggered
 * @throws InvalidRequestParentException declared by the signature; the bad-request and invalid-client
 *         exceptions caught below are rethrown unchanged after the listeners have been triggered
 */
protected Response issueAccessToken(HttpServletRequest request, Map<String, List<String>> paramMap)
        throws OAuthSystemException, InvalidRequestParentException {
    try {
        startSuperTenantFlow();
        validateRepeatedParams(request, paramMap);

        HttpServletRequestWrapper wrappedRequest = new OAuthRequestWrapper(request, paramMap);
        CarbonOAuthTokenRequest tokenRequest = buildCarbonOAuthTokenRequest(wrappedRequest);
        // The client application is validated before any token is issued.
        validateOAuthApplication(tokenRequest.getoAuthClientAuthnContext());

        OAuth2AccessTokenRespDTO tokenResult = issueAccessToken(tokenRequest, wrappedRequest);
        if (tokenResult.getErrorMsg() == null) {
            return buildTokenResponse(tokenResult);
        }
        return handleErrorResponse(tokenResult);
    } catch (TokenEndpointBadRequestException | OAuthSystemException | InvalidApplicationClientException e) {
        // Listeners are told about the failure, then the same exception goes on to the caller.
        triggerOnTokenExceptionListeners(e, request, paramMap);
        throw e;
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : OAuthRequestWrapper(org.wso2.carbon.identity.oauth.endpoint.OAuthRequestWrapper) OAuth2AccessTokenRespDTO(org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO) TokenEndpointBadRequestException(org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException) HttpServletRequestWrapper(javax.servlet.http.HttpServletRequestWrapper) OAuthSystemException(org.apache.oltu.oauth2.common.exception.OAuthSystemException) InvalidApplicationClientException(org.wso2.carbon.identity.oauth.endpoint.exception.InvalidApplicationClientException) CarbonOAuthTokenRequest(org.wso2.carbon.identity.oauth2.model.CarbonOAuthTokenRequest)

Aggregations

TokenEndpointBadRequestException (org.wso2.carbon.identity.oauth.endpoint.exception.TokenEndpointBadRequestException)3 OAuthSystemException (org.apache.oltu.oauth2.common.exception.OAuthSystemException)2 URLBuilderException (org.wso2.carbon.identity.core.URLBuilderException)2 IdentityOAuth2Exception (org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception)2 OAuthClientAuthnContext (org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext)2 JsonFactory (com.fasterxml.jackson.core.JsonFactory)1 JsonParser (com.fasterxml.jackson.core.JsonParser)1 JsonToken (com.fasterxml.jackson.core.JsonToken)1 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 IOException (java.io.IOException)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 URLEncoder (java.net.URLEncoder)1 ArrayList (java.util.ArrayList)1 Arrays (java.util.Arrays)1 HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 List (java.util.List)1 Map (java.util.Map)1 Set (java.util.Set)1 UUID (java.util.UUID)1