use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.
the class ApplianceStatusChecker method readApplianceHealthStatus.
private List<HealthRecord> readApplianceHealthStatus(final PwmApplication pwmApplication) throws IOException, PwmUnrecoverableException, PwmOperationalException {
final List<HealthRecord> healthRecords = new ArrayList<>();
final String url = figureUrl(pwmApplication);
final Map<String, String> requestHeaders = Collections.singletonMap("sspr-authorization-token", getApplianceAccessToken(pwmApplication));
final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder().promiscuous(true).build();
final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, pwmHttpClientConfiguration);
final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.GET, url, null, requestHeaders);
final PwmHttpClientResponse response = pwmHttpClient.makeRequest(pwmHttpClientRequest);
LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "https response from appliance server request: " + response.getBody());
final String jsonString = response.getBody();
LOGGER.debug("response from /sspr/appliance-update-status: " + jsonString);
final UpdateStatus updateStatus = JsonUtil.deserialize(jsonString, UpdateStatus.class);
if (updateStatus.pendingInstallation) {
healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_PendingUpdates));
}
if (!updateStatus.autoUpdatesEnabled) {
healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_UpdatesNotEnabled));
}
if (!updateStatus.updateServiceConfigured) {
healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_UpdateServiceNotConfigured));
}
return healthRecords;
}
use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.
the class CaptchaUtility method verifyReCaptcha.
public static boolean verifyReCaptcha(final PwmRequest pwmRequest, final String recaptchaResponse) throws PwmUnrecoverableException {
if (!captchaEnabledForRequest(pwmRequest)) {
return true;
}
final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
final PasswordData privateKey = pwmApplication.getConfig().readSettingAsPassword(PwmSetting.RECAPTCHA_KEY_PRIVATE);
final StringBuilder bodyText = new StringBuilder();
bodyText.append("secret=").append(privateKey.getStringValue());
bodyText.append("&");
bodyText.append("remoteip=").append(pwmRequest.getSessionLabel().getSrcAddress());
bodyText.append("&");
bodyText.append("response=").append(recaptchaResponse);
try {
final PwmHttpClientRequest clientRequest = new PwmHttpClientRequest(HttpMethod.POST, pwmApplication.getConfig().readAppProperty(AppProperty.RECAPTCHA_VALIDATE_URL), bodyText.toString(), Collections.singletonMap("Content-Type", HttpContentType.form.getHeaderValue()));
LOGGER.debug(pwmRequest, "sending reCaptcha verification request");
final PwmHttpClient client = new PwmHttpClient(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
final PwmHttpClientResponse clientResponse = client.makeRequest(clientRequest);
if (clientResponse.getStatusCode() != HttpServletResponse.SC_OK) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_CAPTCHA_API_ERROR, "unexpected HTTP status code (" + clientResponse.getStatusCode() + ")"));
}
final JsonElement responseJson = new JsonParser().parse(clientResponse.getBody());
final JsonObject topObject = responseJson.getAsJsonObject();
if (topObject != null && topObject.has("success")) {
final boolean success = topObject.get("success").getAsBoolean();
if (success) {
writeCaptchaSkipCookie(pwmRequest);
return true;
}
if (topObject.has("error-codes")) {
final List<String> errorCodes = new ArrayList<>();
for (final JsonElement element : topObject.get("error-codes").getAsJsonArray()) {
final String errorCode = element.getAsString();
errorCodes.add(errorCode);
}
LOGGER.debug(pwmRequest, "recaptcha error codes: " + JsonUtil.serializeCollection(errorCodes));
}
}
} catch (Exception e) {
final String errorMsg = "unexpected error during reCaptcha API execution: " + e.getMessage();
LOGGER.error(errorMsg, e);
final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_CAPTCHA_API_ERROR, errorMsg);
final PwmUnrecoverableException pwmE = new PwmUnrecoverableException(errorInfo);
pwmE.initCause(e);
throw pwmE;
}
return false;
}
use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.
the class HttpTelemetrySender method publish.
@Override
public void publish(final TelemetryPublishBean statsPublishBean) throws PwmUnrecoverableException {
final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder().promiscuous(true).build();
final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmApplication, SessionLabel.TELEMETRY_SESSION_LABEL, pwmHttpClientConfiguration);
final String body = JsonUtil.serialize(statsPublishBean);
final Map<String, String> headers = new HashMap<>();
headers.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.json.getHeaderValue());
headers.put(HttpHeader.Accept.getHttpName(), PwmConstants.AcceptValue.json.getHeaderValue());
final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, settings.getUrl(), body, headers);
LOGGER.trace(SessionLabel.TELEMETRY_SESSION_LABEL, "preparing to send telemetry data to '" + settings.getUrl() + ")");
pwmHttpClient.makeRequest(pwmHttpClientRequest);
LOGGER.trace(SessionLabel.TELEMETRY_SESSION_LABEL, "sent telemetry data to '" + settings.getUrl() + ")");
}
use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.
the class OAuthMachine method makeHttpRequest.
private static PwmHttpClientResponse makeHttpRequest(final PwmRequest pwmRequest, final String debugText, final OAuthSettings settings, final String requestUrl, final Map<String, String> requestParams) throws PwmUnrecoverableException {
final String requestBody = PwmURL.appendAndEncodeUrlParameters("", requestParams);
final List<X509Certificate> certs = settings.getCertificates();
final PwmHttpClientRequest pwmHttpClientRequest;
{
final Map<String, String> headers = new HashMap<>();
headers.put(HttpHeader.Authorization.getHttpName(), new BasicAuthInfo(settings.getClientID(), settings.getSecret()).toAuthHeader());
headers.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.form.getHeaderValue());
pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, requestUrl, requestBody, headers);
}
final PwmHttpClientResponse pwmHttpClientResponse;
try {
final PwmHttpClientConfiguration config = PwmHttpClientConfiguration.builder().certificates(JavaHelper.isEmpty(certs) ? null : certs).maskBodyDebugOutput(true).build();
final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), config);
pwmHttpClientResponse = pwmHttpClient.makeRequest(pwmHttpClientRequest);
} catch (PwmException e) {
final String errorMsg = "error during " + debugText + " http request to oauth server, remote error: " + e.getErrorInformation().toDebugStr();
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_OAUTH_ERROR, errorMsg));
}
if (pwmHttpClientResponse.getStatusCode() != HttpStatus.SC_OK) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_OAUTH_ERROR, "unexpected HTTP status code (" + pwmHttpClientResponse.getStatusCode() + ") during " + debugText + " request to " + requestUrl));
}
return pwmHttpClientResponse;
}
use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.
the class ActionExecutor method executeWebserviceAction.
private void executeWebserviceAction(final SessionLabel sessionLabel, final ActionConfiguration actionConfiguration) throws PwmOperationalException, PwmUnrecoverableException {
String url = actionConfiguration.getUrl();
String body = actionConfiguration.getBody();
final Map<String, String> headers = new LinkedHashMap<>();
if (actionConfiguration.getHeaders() != null) {
headers.putAll(actionConfiguration.getHeaders());
}
try {
// expand using pwm macros
if (settings.isExpandPwmMacros()) {
if (settings.getMacroMachine() == null) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "executor specified macro expansion but did not supply macro machine"));
}
final MacroMachine macroMachine = settings.getMacroMachine();
url = macroMachine.expandMacros(url);
body = body == null ? "" : macroMachine.expandMacros(body);
for (final Map.Entry<String, String> entry : headers.entrySet()) {
final String headerName = entry.getKey();
final String headerValue = entry.getValue();
if (headerValue != null) {
headers.put(headerName, macroMachine.expandMacros(headerValue));
}
}
}
// add basic auth header;
if (!StringUtil.isEmpty(actionConfiguration.getUsername()) && !StringUtil.isEmpty(actionConfiguration.getPassword())) {
final String authHeaderValue = new BasicAuthInfo(actionConfiguration.getUsername(), new PasswordData(actionConfiguration.getPassword())).toAuthHeader();
headers.put(HttpHeader.Authorization.getHttpName(), authHeaderValue);
}
final HttpMethod method = HttpMethod.fromString(actionConfiguration.getMethod().toString());
final PwmHttpClientRequest clientRequest = new PwmHttpClientRequest(method, url, body, headers);
final PwmHttpClient client;
{
if (actionConfiguration.getCertificates() != null) {
final PwmHttpClientConfiguration clientConfiguration = PwmHttpClientConfiguration.builder().certificates(actionConfiguration.getCertificates()).build();
client = new PwmHttpClient(pwmApplication, sessionLabel, clientConfiguration);
} else {
client = new PwmHttpClient(pwmApplication, sessionLabel);
}
}
final PwmHttpClientResponse clientResponse = client.makeRequest(clientRequest);
if (clientResponse.getStatusCode() != 200) {
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, "unexpected HTTP status code while calling external web service: " + clientResponse.getStatusCode() + " " + clientResponse.getStatusPhrase()));
}
} catch (PwmException e) {
if (e instanceof PwmOperationalException) {
throw (PwmOperationalException) e;
}
final String errorMsg = "unexpected error during API execution: " + e.getMessage();
LOGGER.error(errorMsg);
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg));
}
}
Aggregations