
Example 6 with NotFoundException

use of org.wso2.charon3.core.exceptions.NotFoundException in project OpenAM by OpenRock.

the class OpenAMOAuth2ProviderSettingsFactory method getProviderSettings.

/**
 * Returns the provider settings for a realm, creating and caching them on first use.
 *
 * <p>The lookup and the creation both run while holding the monitor of
 * {@code providerSettingsMap}. Settings are cached only when {@code exists()} reports true,
 * so a realm without a provider is never cached: each repeated miss builds a new resource
 * set store and settings object under the lock.
 *
 * @param realm the realm whose settings are wanted
 * @return the cached or newly created settings, never {@code null}
 * @throws NotFoundException if the newly created settings report that they do not exist
 */
private OAuth2ProviderSettings getProviderSettings(String realm) throws NotFoundException {
    synchronized (providerSettingsMap) {
        final OAuth2ProviderSettings cached = providerSettingsMap.get(realm);
        if (cached != null) {
            return cached;
        }
        final ResourceSetStore store = resourceSetStoreFactory.create(realm);
        final OAuth2ProviderSettings created = new OpenAMOAuth2ProviderSettings(realm, store, cookieExtractor);
        if (!created.exists()) {
            // NOTE(review): the realm value is echoed into the message. If it is caller-supplied,
            // confirm the message is encoded before it is rendered in a response or a log viewer.
            throw new NotFoundException("No OpenID Connect provider for realm " + realm);
        }
        providerSettingsMap.put(realm, created);
        return created;
    }
}
Also used : ResourceSetStore(org.forgerock.oauth2.resources.ResourceSetStore) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)

Example 7 with NotFoundException

use of org.wso2.charon3.core.exceptions.NotFoundException in project OpenAM by OpenRock.

the class OpenAMResourceOwnerAuthenticator method authenticate.

/**
 * {@inheritDoc}
 *
 * <p>Tries to create an SSO token from the underlying servlet request. When there is no token,
 * or {@code useSession} is false, the username, password, realm and authentication chain are
 * read from the request parameters and passed to the credential-based {@code authenticate}
 * overload. Otherwise the resource owner is built from the session token's properties.
 *
 * <p>Returns {@code null} when the session path fails with an {@code SSOException},
 * {@code ParseException} or {@code IdRepoException}; the failure is only logged.
 * NOTE(review): callers presumably treat {@code null} as a failed authentication - confirm.
 */
public ResourceOwner authenticate(OAuth2Request request, boolean useSession) throws NotFoundException {
    SSOToken session = null;
    try {
        session = SSOTokenManager.getInstance()
                .createSSOToken(ServletUtils.getRequest(request.<Request>getRequest()));
    } catch (Exception e) {
        // Any failure here, not just a missing cookie, is treated as "no session" and the
        // flow falls through to the credentials carried in the request.
        logger.warning("No SSO Token in request", e);
    }

    final boolean reuseSession = session != null && useSession;
    if (!reuseSession) {
        final String username = request.getParameter(USERNAME);
        // The password arrives as a String parameter, so copying it into a char[] does not by
        // itself limit how long the secret stays in memory; the array is not cleared here.
        final char[] password;
        if (request.getParameter(PASSWORD) == null) {
            password = null;
        } else {
            password = request.<String>getParameter(PASSWORD).toCharArray();
        }
        final String realm = realmNormaliser.normalise(request.<String>getParameter(OAuth2Constants.Custom.REALM));
        final String authChain = request.getParameter(AUTH_CHAIN);
        return authenticate(username, password, realm, authChain);
    }

    try {
        // The identity lookup runs with the admin token, keyed on the universal identifier
        // taken from the caller's session token.
        final AMIdentity identity = IdUtils.getIdentity(
                AccessController.doPrivileged(AdminTokenAction.getInstance()),
                session.getProperty(Constants.UNIVERSAL_IDENTIFIER));
        final long authenticatedAt = stringToDate(session.getProperty(ISAuthConstants.AUTH_INSTANT)).getTime();
        return new OpenAMResourceOwner(identity.getName(), identity, authenticatedAt);
    } catch (SSOException | ParseException | IdRepoException e) {
        logger.error("Unable to create ResourceOwner", e);
    }
    return null;
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) AMIdentity(com.sun.identity.idm.AMIdentity) IdRepoException(com.sun.identity.idm.IdRepoException) SSOException(com.iplanet.sso.SSOException) ParseException(java.text.ParseException) IdRepoException(com.sun.identity.idm.IdRepoException) ResourceException(org.restlet.resource.ResourceException) ParseException(java.text.ParseException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException)

Example 8 with NotFoundException

use of org.wso2.charon3.core.exceptions.NotFoundException in project OpenAM by OpenRock.

the class OpenAMScopeValidator method getUserInfo.

/**
 * {@inheritDoc}
 *
 * <p>Builds the script bindings (scopes, identity, logger, claims map, session and requested
 * claims) and evaluates the script returned by {@code getOIDCClaimsExtensionScript(realm)}.
 * With an access token, the realm, scopes and resource owner come from the token; without one
 * they come from the user's session and the request's scope parameter.
 *
 * <p>{@code ServerException} and {@code SSOException} are both rethrown as
 * {@code NotFoundException} carrying the original message.
 */
public UserInfoClaims getUserInfo(AccessToken token, OAuth2Request request) throws UnauthorizedClientException, NotFoundException {
    final Map<String, Object> claims = new HashMap<>();
    final Bindings bindings = new SimpleBindings();
    final SSOToken session = getUsersSession(request);
    final OAuth2ProviderSettings settings = providerSettingsFactory.get(request);
    final Map<String, Set<String>> requestedClaims = gatherRequestedClaims(settings, request, token);
    String realm;
    Set<String> scopes;
    AMIdentity owner;
    try {
        if (token == null) {
            // No access token: claims are being read into the id_token, so the realm and user
            // come from the session and the scopes from the request.
            // NOTE(review): session is dereferenced without a null check - confirm that
            // getUsersSession cannot return null on this path.
            realm = DNMapper.orgNameToRealmName(session.getProperty(ISAuthConstants.ORGANIZATION));
            owner = identityManager.getResourceOwnerIdentity(session.getProperty(ISAuthConstants.USER_ID), realm);
            final String requestedScope = request.getParameter(OAuth2Constants.Params.SCOPE);
            scopes = splitScope(requestedScope);
        } else {
            OpenIdConnectClientRegistration registration;
            try {
                registration = clientRegistrationStore.get(token.getClientId(), request);
            } catch (InvalidClientException e) {
                logger.message("Unable to retrieve client from store.");
                throw new NotFoundException("No valid client registration found.");
            }
            final String subject = registration.getSubValue(token.getResourceOwnerId(), settings);
            // With a token in hand, everything is derived from the token itself.
            realm = token.getRealm();
            scopes = token.getScope();
            owner = identityManager.getResourceOwnerIdentity(token.getResourceOwnerId(), realm);
            claims.put(OAuth2Constants.JWTTokenParams.SUB, subject);
            claims.put(OAuth2Constants.JWTTokenParams.UPDATED_AT,
                    getUpdatedAt(token.getResourceOwnerId(), token.getRealm(), request));
        }

        // The script receives the live session token, the identity object and the logger,
        // so it runs with whatever access those objects grant.
        bindings.put(OAuth2Constants.ScriptParams.SCOPES, getScriptFriendlyScopes(scopes));
        bindings.put(OAuth2Constants.ScriptParams.IDENTITY, owner);
        bindings.put(OAuth2Constants.ScriptParams.LOGGER, logger);
        bindings.put(OAuth2Constants.ScriptParams.CLAIMS, claims);
        bindings.put(OAuth2Constants.ScriptParams.SESSION, session);
        bindings.put(OAuth2Constants.ScriptParams.REQUESTED_CLAIMS, requestedClaims);

        final ScriptObject claimsScript = getOIDCClaimsExtensionScript(realm);
        try {
            return scriptEvaluator.evaluateScript(claimsScript, bindings);
        } catch (ScriptException e) {
            logger.message("Error running OIDC claims script", e);
            // NOTE(review): the script engine's message is copied into the exception text and
            // from there into the NotFoundException below. Confirm it is not returned verbatim
            // to the client, since it may describe script internals.
            throw new ServerException("Error running OIDC claims script: " + e.getMessage());
        }
    } catch (ServerException | SSOException e) {
        // The API does not allow ServerException to be thrown, so it is reported as not found,
        // as is a session failure.
        throw new NotFoundException(e.getMessage());
    }
}
Also used : ScriptObject(org.forgerock.openam.scripting.ScriptObject) OpenIdConnectClientRegistration(org.forgerock.openidconnect.OpenIdConnectClientRegistration) SSOToken(com.iplanet.sso.SSOToken) Set(java.util.Set) HashSet(java.util.HashSet) ServerException(org.forgerock.oauth2.core.exceptions.ServerException) AMHashMap(com.iplanet.am.sdk.AMHashMap) HashMap(java.util.HashMap) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) SSOException(com.iplanet.sso.SSOException) SimpleBindings(javax.script.SimpleBindings) Bindings(javax.script.Bindings) ScriptException(javax.script.ScriptException) SimpleBindings(javax.script.SimpleBindings) AMIdentity(com.sun.identity.idm.AMIdentity) InvalidClientException(org.forgerock.oauth2.core.exceptions.InvalidClientException) JSONObject(org.json.JSONObject) ScriptObject(org.forgerock.openam.scripting.ScriptObject) OAuth2ProviderSettings(org.forgerock.oauth2.core.OAuth2ProviderSettings)

Example 9 with NotFoundException

use of org.wso2.charon3.core.exceptions.NotFoundException in project OpenAM by OpenRock.

the class OpenAMResourceSetStore method delete.

/**
 * Deletes a resource set after first reading it by id and owner.
 *
 * <p>The read is keyed on both {@code resourceSetId} and {@code resourceOwnerId}; the delete
 * itself uses only the id of the description that the read returned.
 * NOTE(review): presumably {@code read} rejects a resource set that does not belong to
 * {@code resourceOwnerId} - confirm, because it is the only ownership check on this path.
 *
 * @param resourceSetId the id of the resource set to delete
 * @param resourceOwnerId the id of the resource owner used for the lookup
 * @throws NotFoundException if the data layer reports that the resource set was not found
 * @throws ServerException if the data layer reports a server error
 */
@Override
public void delete(String resourceSetId, String resourceOwnerId) throws NotFoundException, ServerException {
    try {
        final ResourceSetDescription description = read(resourceSetId, resourceOwnerId);
        final String storedId = description.getId();
        delegate.delete(storedId);
    } catch (org.forgerock.openam.sm.datalayer.store.NotFoundException e) {
        // A fixed message is used, so data-layer detail does not reach the caller; the
        // original exception is not attached as a cause.
        throw new NotFoundException("Could not find resource set");
    } catch (org.forgerock.openam.sm.datalayer.store.ServerException e) {
        throw new ServerException(e);
    }
}
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) ResourceSetDescription(org.forgerock.oauth2.resources.ResourceSetDescription)

Example 10 with NotFoundException

use of org.wso2.charon3.core.exceptions.NotFoundException in project OpenAM by OpenRock.

the class AuthorizationRequestEndpoint method getAuthorisationApiToken.

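/**
 * Reads the access token named by the raw value of the request's challenge response.
 *
 * <p>A request that carries no challenge response is rejected with a {@code ServerException}
 * instead of failing on a null dereference.
 *
 * @return the access token read from the token store
 * @throws ServerException if the request has no challenge response, the grant is invalid, or
 *         the token store reports that something was not found
 */
protected AccessToken getAuthorisationApiToken() throws ServerException {
    Request req = getRequest();
    ChallengeResponse challengeResponse = req.getChallengeResponse();
    if (challengeResponse == null) {
        // Restlet leaves the challenge response unset when the request carries no credentials;
        // without this guard such a request fails with a NullPointerException.
        throw new ServerException("Unable to verify client identity.");
    }
    try {
        return oauth2TokenStore.readAccessToken(requestFactory.create(req), challengeResponse.getRawValue());
    } catch (InvalidGrantException e) {
        // A fixed message keeps grant-validation detail out of the error given to the caller.
        throw new ServerException("Unable to verify client identity.");
    } catch (NotFoundException e) {
        // NOTE(review): this forwards the store's message as-is; confirm it holds nothing
        // that should stay out of a client-visible error.
        throw new ServerException(e.getMessage());
    }
}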
Also used : ServerException(org.forgerock.oauth2.core.exceptions.ServerException) UmaPendingRequest(org.forgerock.openam.sm.datalayer.impl.uma.UmaPendingRequest) OAuth2Request(org.forgerock.oauth2.core.OAuth2Request) Request(org.restlet.Request) NotFoundException(org.forgerock.oauth2.core.exceptions.NotFoundException) InvalidGrantException(org.forgerock.oauth2.core.exceptions.InvalidGrantException) ChallengeResponse(org.restlet.data.ChallengeResponse)
