Search in sources :

Example 1 with PwmHttpClient

use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.

the class ApplianceStatusChecker method readApplianceHealthStatus.

private List<HealthRecord> readApplianceHealthStatus(final PwmApplication pwmApplication) throws IOException, PwmUnrecoverableException, PwmOperationalException {
    final List<HealthRecord> healthRecords = new ArrayList<>();
    final String url = figureUrl(pwmApplication);
    final Map<String, String> requestHeaders = Collections.singletonMap("sspr-authorization-token", getApplianceAccessToken(pwmApplication));
    final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder().promiscuous(true).build();
    final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, pwmHttpClientConfiguration);
    final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.GET, url, null, requestHeaders);
    final PwmHttpClientResponse response = pwmHttpClient.makeRequest(pwmHttpClientRequest);
    LOGGER.trace(SessionLabel.HEALTH_SESSION_LABEL, "https response from appliance server request: " + response.getBody());
    final String jsonString = response.getBody();
    LOGGER.debug("response from /sspr/appliance-update-status: " + jsonString);
    final UpdateStatus updateStatus = JsonUtil.deserialize(jsonString, UpdateStatus.class);
    if (updateStatus.pendingInstallation) {
        healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_PendingUpdates));
    }
    if (!updateStatus.autoUpdatesEnabled) {
        healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_UpdatesNotEnabled));
    }
    if (!updateStatus.updateServiceConfigured) {
        healthRecords.add(HealthRecord.forMessage(HealthMessage.Appliance_UpdateServiceNotConfigured));
    }
    return healthRecords;
}
Also used : PwmHttpClient(password.pwm.http.client.PwmHttpClient) PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest) ArrayList(java.util.ArrayList) PwmHttpClientConfiguration(password.pwm.http.client.PwmHttpClientConfiguration) PwmHttpClientResponse(password.pwm.http.client.PwmHttpClientResponse)

Example 2 with PwmHttpClient

use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.

the class CaptchaUtility method verifyReCaptcha.

public static boolean verifyReCaptcha(final PwmRequest pwmRequest, final String recaptchaResponse) throws PwmUnrecoverableException {
    if (!captchaEnabledForRequest(pwmRequest)) {
        return true;
    }
    final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
    final PasswordData privateKey = pwmApplication.getConfig().readSettingAsPassword(PwmSetting.RECAPTCHA_KEY_PRIVATE);
    final StringBuilder bodyText = new StringBuilder();
    bodyText.append("secret=").append(privateKey.getStringValue());
    bodyText.append("&");
    bodyText.append("remoteip=").append(pwmRequest.getSessionLabel().getSrcAddress());
    bodyText.append("&");
    bodyText.append("response=").append(recaptchaResponse);
    try {
        final PwmHttpClientRequest clientRequest = new PwmHttpClientRequest(HttpMethod.POST, pwmApplication.getConfig().readAppProperty(AppProperty.RECAPTCHA_VALIDATE_URL), bodyText.toString(), Collections.singletonMap("Content-Type", HttpContentType.form.getHeaderValue()));
        LOGGER.debug(pwmRequest, "sending reCaptcha verification request");
        final PwmHttpClient client = new PwmHttpClient(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel());
        final PwmHttpClientResponse clientResponse = client.makeRequest(clientRequest);
        if (clientResponse.getStatusCode() != HttpServletResponse.SC_OK) {
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_CAPTCHA_API_ERROR, "unexpected HTTP status code (" + clientResponse.getStatusCode() + ")"));
        }
        final JsonElement responseJson = new JsonParser().parse(clientResponse.getBody());
        final JsonObject topObject = responseJson.getAsJsonObject();
        if (topObject != null && topObject.has("success")) {
            final boolean success = topObject.get("success").getAsBoolean();
            if (success) {
                writeCaptchaSkipCookie(pwmRequest);
                return true;
            }
            if (topObject.has("error-codes")) {
                final List<String> errorCodes = new ArrayList<>();
                for (final JsonElement element : topObject.get("error-codes").getAsJsonArray()) {
                    final String errorCode = element.getAsString();
                    errorCodes.add(errorCode);
                }
                LOGGER.debug(pwmRequest, "recaptcha error codes: " + JsonUtil.serializeCollection(errorCodes));
            }
        }
    } catch (Exception e) {
        final String errorMsg = "unexpected error during reCaptcha API execution: " + e.getMessage();
        LOGGER.error(errorMsg, e);
        final ErrorInformation errorInfo = new ErrorInformation(PwmError.ERROR_CAPTCHA_API_ERROR, errorMsg);
        final PwmUnrecoverableException pwmE = new PwmUnrecoverableException(errorInfo);
        pwmE.initCause(e);
        throw pwmE;
    }
    return false;
}
Also used : PwmApplication(password.pwm.PwmApplication) PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest) ArrayList(java.util.ArrayList) JsonObject(com.google.gson.JsonObject) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmHttpClientResponse(password.pwm.http.client.PwmHttpClientResponse) ServletException(javax.servlet.ServletException) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) IOException(java.io.IOException) ErrorInformation(password.pwm.error.ErrorInformation) PwmHttpClient(password.pwm.http.client.PwmHttpClient) JsonElement(com.google.gson.JsonElement) JsonParser(com.google.gson.JsonParser)

Example 3 with PwmHttpClient

use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.

the class HttpTelemetrySender method publish.

@Override
public void publish(final TelemetryPublishBean statsPublishBean) throws PwmUnrecoverableException {
    final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder().promiscuous(true).build();
    final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmApplication, SessionLabel.TELEMETRY_SESSION_LABEL, pwmHttpClientConfiguration);
    final String body = JsonUtil.serialize(statsPublishBean);
    final Map<String, String> headers = new HashMap<>();
    headers.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.json.getHeaderValue());
    headers.put(HttpHeader.Accept.getHttpName(), PwmConstants.AcceptValue.json.getHeaderValue());
    final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, settings.getUrl(), body, headers);
    LOGGER.trace(SessionLabel.TELEMETRY_SESSION_LABEL, "preparing to send telemetry data to '" + settings.getUrl() + ")");
    pwmHttpClient.makeRequest(pwmHttpClientRequest);
    LOGGER.trace(SessionLabel.TELEMETRY_SESSION_LABEL, "sent telemetry data to '" + settings.getUrl() + ")");
}
Also used : PwmHttpClient(password.pwm.http.client.PwmHttpClient) PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest) HashMap(java.util.HashMap) PwmHttpClientConfiguration(password.pwm.http.client.PwmHttpClientConfiguration)

Example 4 with PwmHttpClient

use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.

the class OAuthMachine method makeHttpRequest.

private static PwmHttpClientResponse makeHttpRequest(final PwmRequest pwmRequest, final String debugText, final OAuthSettings settings, final String requestUrl, final Map<String, String> requestParams) throws PwmUnrecoverableException {
    final String requestBody = PwmURL.appendAndEncodeUrlParameters("", requestParams);
    final List<X509Certificate> certs = settings.getCertificates();
    final PwmHttpClientRequest pwmHttpClientRequest;
    {
        final Map<String, String> headers = new HashMap<>();
        headers.put(HttpHeader.Authorization.getHttpName(), new BasicAuthInfo(settings.getClientID(), settings.getSecret()).toAuthHeader());
        headers.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.form.getHeaderValue());
        pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, requestUrl, requestBody, headers);
    }
    final PwmHttpClientResponse pwmHttpClientResponse;
    try {
        final PwmHttpClientConfiguration config = PwmHttpClientConfiguration.builder().certificates(JavaHelper.isEmpty(certs) ? null : certs).maskBodyDebugOutput(true).build();
        final PwmHttpClient pwmHttpClient = new PwmHttpClient(pwmRequest.getPwmApplication(), pwmRequest.getSessionLabel(), config);
        pwmHttpClientResponse = pwmHttpClient.makeRequest(pwmHttpClientRequest);
    } catch (PwmException e) {
        final String errorMsg = "error during " + debugText + " http request to oauth server, remote error: " + e.getErrorInformation().toDebugStr();
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_OAUTH_ERROR, errorMsg));
    }
    if (pwmHttpClientResponse.getStatusCode() != HttpStatus.SC_OK) {
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_OAUTH_ERROR, "unexpected HTTP status code (" + pwmHttpClientResponse.getStatusCode() + ") during " + debugText + " request to " + requestUrl));
    }
    return pwmHttpClientResponse;
}
Also used : PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmHttpClientResponse(password.pwm.http.client.PwmHttpClientResponse) X509Certificate(java.security.cert.X509Certificate) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) PwmHttpClient(password.pwm.http.client.PwmHttpClient) PwmHttpClientConfiguration(password.pwm.http.client.PwmHttpClientConfiguration) BasicAuthInfo(password.pwm.util.BasicAuthInfo) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map)

Example 5 with PwmHttpClient

use of password.pwm.http.client.PwmHttpClient in project pwm by pwm-project.

the class ActionExecutor method executeWebserviceAction.

private void executeWebserviceAction(final SessionLabel sessionLabel, final ActionConfiguration actionConfiguration) throws PwmOperationalException, PwmUnrecoverableException {
    String url = actionConfiguration.getUrl();
    String body = actionConfiguration.getBody();
    final Map<String, String> headers = new LinkedHashMap<>();
    if (actionConfiguration.getHeaders() != null) {
        headers.putAll(actionConfiguration.getHeaders());
    }
    try {
        // expand using pwm macros
        if (settings.isExpandPwmMacros()) {
            if (settings.getMacroMachine() == null) {
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "executor specified macro expansion but did not supply macro machine"));
            }
            final MacroMachine macroMachine = settings.getMacroMachine();
            url = macroMachine.expandMacros(url);
            body = body == null ? "" : macroMachine.expandMacros(body);
            for (final Map.Entry<String, String> entry : headers.entrySet()) {
                final String headerName = entry.getKey();
                final String headerValue = entry.getValue();
                if (headerValue != null) {
                    headers.put(headerName, macroMachine.expandMacros(headerValue));
                }
            }
        }
        // add basic auth header;
        if (!StringUtil.isEmpty(actionConfiguration.getUsername()) && !StringUtil.isEmpty(actionConfiguration.getPassword())) {
            final String authHeaderValue = new BasicAuthInfo(actionConfiguration.getUsername(), new PasswordData(actionConfiguration.getPassword())).toAuthHeader();
            headers.put(HttpHeader.Authorization.getHttpName(), authHeaderValue);
        }
        final HttpMethod method = HttpMethod.fromString(actionConfiguration.getMethod().toString());
        final PwmHttpClientRequest clientRequest = new PwmHttpClientRequest(method, url, body, headers);
        final PwmHttpClient client;
        {
            if (actionConfiguration.getCertificates() != null) {
                final PwmHttpClientConfiguration clientConfiguration = PwmHttpClientConfiguration.builder().certificates(actionConfiguration.getCertificates()).build();
                client = new PwmHttpClient(pwmApplication, sessionLabel, clientConfiguration);
            } else {
                client = new PwmHttpClient(pwmApplication, sessionLabel);
            }
        }
        final PwmHttpClientResponse clientResponse = client.makeRequest(clientRequest);
        if (clientResponse.getStatusCode() != 200) {
            throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, "unexpected HTTP status code while calling external web service: " + clientResponse.getStatusCode() + " " + clientResponse.getStatusPhrase()));
        }
    } catch (PwmException e) {
        if (e instanceof PwmOperationalException) {
            throw (PwmOperationalException) e;
        }
        final String errorMsg = "unexpected error during API execution: " + e.getMessage();
        LOGGER.error(errorMsg);
        throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg));
    }
}
Also used : PwmHttpClientRequest(password.pwm.http.client.PwmHttpClientRequest) PwmUnrecoverableException(password.pwm.error.PwmUnrecoverableException) PwmHttpClientResponse(password.pwm.http.client.PwmHttpClientResponse) LinkedHashMap(java.util.LinkedHashMap) PwmOperationalException(password.pwm.error.PwmOperationalException) PwmException(password.pwm.error.PwmException) ErrorInformation(password.pwm.error.ErrorInformation) PwmHttpClient(password.pwm.http.client.PwmHttpClient) PasswordData(password.pwm.util.PasswordData) PwmHttpClientConfiguration(password.pwm.http.client.PwmHttpClientConfiguration) MacroMachine(password.pwm.util.macro.MacroMachine) BasicAuthInfo(password.pwm.util.BasicAuthInfo) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) HttpMethod(password.pwm.http.HttpMethod)

Aggregations

PwmHttpClient (password.pwm.http.client.PwmHttpClient)7 PwmHttpClientConfiguration (password.pwm.http.client.PwmHttpClientConfiguration)5 PwmHttpClientRequest (password.pwm.http.client.PwmHttpClientRequest)5 ErrorInformation (password.pwm.error.ErrorInformation)4 PwmUnrecoverableException (password.pwm.error.PwmUnrecoverableException)4 PwmHttpClientResponse (password.pwm.http.client.PwmHttpClientResponse)4 X509Certificate (java.security.cert.X509Certificate)2 ArrayList (java.util.ArrayList)2 HashMap (java.util.HashMap)2 LinkedHashMap (java.util.LinkedHashMap)2 Map (java.util.Map)2 PwmException (password.pwm.error.PwmException)2 BasicAuthInfo (password.pwm.util.BasicAuthInfo)2 JsonElement (com.google.gson.JsonElement)1 JsonObject (com.google.gson.JsonObject)1 JsonParser (com.google.gson.JsonParser)1 IOException (java.io.IOException)1 ServletException (javax.servlet.ServletException)1 PwmApplication (password.pwm.PwmApplication)1 PwmOperationalException (password.pwm.error.PwmOperationalException)1