use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RestChallengesServer method doSetChallengeDataJson.
@RestMethodHandler(method = HttpMethod.POST, consumes = HttpContentType.json, produces = HttpContentType.json)
public RestResultBean doSetChallengeDataJson(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
final JsonChallengesData jsonInput = RestUtility.deserializeJsonBody(restRequest, JsonChallengesData.class);
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
try {
final ChaiUser chaiUser;
final String userGUID;
final String csIdentifer;
final UserIdentity userIdentity;
final CrService crService = restRequest.getPwmApplication().getCrService();
userIdentity = targetUserIdentity.getUserIdentity();
chaiUser = targetUserIdentity.getChaiUser();
userGUID = LdapOperationsHelper.readLdapGuidValue(restRequest.getPwmApplication(), restRequest.getSessionLabel(), userIdentity, false);
final ChallengeProfile challengeProfile = crService.readUserChallengeProfile(restRequest.getSessionLabel(), userIdentity, chaiUser, PwmPasswordPolicy.defaultPolicy(), restRequest.getLocale());
csIdentifer = challengeProfile.getChallengeSet().getIdentifier();
final ResponseInfoBean responseInfoBean = jsonInput.toResponseInfoBean(restRequest.getLocale(), csIdentifer);
crService.writeResponses(userIdentity, chaiUser, userGUID, responseInfoBean);
// update statistics
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_CHALLENGES);
return RestResultBean.forSuccessMessage(restRequest, Message.Success_SetupResponse);
} catch (Exception e) {
final String errorMsg = "unexpected error reading json input: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
return RestResultBean.fromError(restRequest, errorInformation);
}
}
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RestFormSigningServer method handleRestJsonPostRequest.
@RestMethodHandler(method = HttpMethod.POST, produces = HttpContentType.json)
private RestResultBean handleRestJsonPostRequest(final RestRequest restRequest) throws IOException, PwmUnrecoverableException {
final Map<String, String> inputFormData = restRequest.readBodyAsJsonStringMap(PwmHttpRequestWrapper.Flag.BypassValidation);
if (!restRequest.getRestAuthentication().getUsages().contains(WebServiceUsage.SigningForm)) {
final String errorMsg = "request is not authenticated with permission for " + WebServiceUsage.SigningForm;
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNAUTHORIZED, errorMsg);
return RestResultBean.fromError(errorInformation);
}
try {
if (!JavaHelper.isEmpty(inputFormData)) {
final SecureService securityService = restRequest.getPwmApplication().getSecureService();
final SignedFormData signedFormData = new SignedFormData(Instant.now(), inputFormData);
final String signedValue = securityService.encryptObjectToString(signedFormData);
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_SIGNING_FORM);
return RestResultBean.withData(signedValue);
}
throw PwmUnrecoverableException.newException(PwmError.ERROR_MISSING_PARAMETER, "POST body should be a json object");
} catch (Exception e) {
if (e instanceof PwmUnrecoverableException) {
throw e;
}
final String errorMsg = "unexpected error building json response: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
throw new PwmUnrecoverableException(errorInformation);
}
}
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RestProfileServer method doGetProfileDataImpl.
private static RestResultBean doGetProfileDataImpl(final RestRequest restRequest, final String username) throws PwmUnrecoverableException, ChaiUnavailableException {
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
if (StringUtil.isEmpty(updateProfileID)) {
throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
}
final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
final Map<String, String> profileData = new HashMap<>();
{
final Map<FormConfiguration, String> formData = new HashMap<>();
for (final FormConfiguration formConfiguration : updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM)) {
formData.put(formConfiguration, "");
}
final List<FormConfiguration> formFields = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
FormUtility.populateFormMapFromLdap(formFields, restRequest.getSessionLabel(), formData, userInfo);
for (final Map.Entry<FormConfiguration, String> entry : formData.entrySet()) {
final FormConfiguration formConfig = entry.getKey();
profileData.put(formConfig.getName(), entry.getValue());
}
}
final JsonProfileData outputData = new JsonProfileData();
outputData.profile = profileData;
outputData.formDefinition = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final RestResultBean restResultBean = RestResultBean.withData(outputData);
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
return restResultBean;
}
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RestProfileServer method doPostProfileDataImpl.
private static RestResultBean doPostProfileDataImpl(final RestRequest restRequest, final JsonProfileData jsonInput) throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException {
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInput.getUsername());
final String updateProfileID = ProfileUtility.discoverProfileIDforUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), ProfileType.UpdateAttributes);
if (StringUtil.isEmpty(updateProfileID)) {
throw new PwmUnrecoverableException(PwmError.ERROR_NO_PROFILE_ASSIGNED);
}
final UpdateProfileProfile updateProfileProfile = restRequest.getPwmApplication().getConfig().getUpdateAttributesProfile().get(updateProfileID);
{
final List<UserPermission> userPermission = updateProfileProfile.readSettingAsUserPermission(PwmSetting.UPDATE_PROFILE_QUERY_MATCH);
final boolean result = LdapPermissionTester.testUserPermissions(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), userPermission);
if (!result) {
throw new PwmUnrecoverableException(PwmError.ERROR_UNAUTHORIZED);
}
}
final FormMap inputFormData = new FormMap(jsonInput.profile);
final List<FormConfiguration> profileForm = updateProfileProfile.readSettingAsForm(PwmSetting.UPDATE_PROFILE_FORM);
final Map<FormConfiguration, String> profileFormData = new HashMap<>();
for (final FormConfiguration formConfiguration : profileForm) {
if (!formConfiguration.isReadonly() && inputFormData.containsKey(formConfiguration.getName())) {
profileFormData.put(formConfiguration, inputFormData.get(formConfiguration.getName()));
}
}
final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiProvider());
final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
UpdateProfileUtil.doProfileUpdate(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), userInfo, macroMachine, updateProfileProfile, FormUtility.asStringMap(profileFormData), targetUserIdentity.getChaiUser());
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_PROFILE);
return RestResultBean.forSuccessMessage(restRequest, Message.Success_UpdateProfile);
}
use of password.pwm.error.PwmUnrecoverableException in project pwm by pwm-project.
the class RestStatusServer method doGetStatusData.
@RestMethodHandler(method = HttpMethod.GET, produces = HttpContentType.json, consumes = HttpContentType.json)
public RestResultBean doGetStatusData(final RestRequest restRequest) throws PwmUnrecoverableException {
final Instant startTime = Instant.now();
final String username = restRequest.readParameterAsString("username");
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, username);
try {
final ChaiProvider chaiProvider = targetUserIdentity.getChaiProvider();
final UserInfo userInfo = UserInfoFactory.newUserInfo(restRequest.getPwmApplication(), restRequest.getSessionLabel(), restRequest.getLocale(), targetUserIdentity.getUserIdentity(), chaiProvider);
final MacroMachine macroMachine = MacroMachine.forUser(restRequest.getPwmApplication(), restRequest.getLocale(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity());
final PublicUserInfoBean publicUserInfoBean = PublicUserInfoBean.fromUserInfoBean(userInfo, restRequest.getPwmApplication().getConfig(), restRequest.getLocale(), macroMachine);
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_STATUS);
final RestResultBean restResultBean = RestResultBean.withData(publicUserInfoBean);
LOGGER.debug(restRequest.getSessionLabel(), "completed REST status request in " + TimeDuration.compactFromCurrent(startTime) + ", result=" + JsonUtil.serialize(restResultBean));
return restResultBean;
} catch (PwmException e) {
return RestResultBean.fromError(e.getErrorInformation());
} catch (Exception e) {
final String errorMsg = "unexpected error building json response: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg);
return RestResultBean.fromError(restRequest, errorInformation);
}
}
Aggregations