use of password.pwm.util.BasicAuthInfo in project pwm by pwm-project.
the class ActionExecutor method executeWebserviceAction.
private void executeWebserviceAction(final SessionLabel sessionLabel, final ActionConfiguration actionConfiguration) throws PwmOperationalException, PwmUnrecoverableException {
String url = actionConfiguration.getUrl();
String body = actionConfiguration.getBody();
final Map<String, String> headers = new LinkedHashMap<>();
if (actionConfiguration.getHeaders() != null) {
headers.putAll(actionConfiguration.getHeaders());
}
try {
// expand using pwm macros
if (settings.isExpandPwmMacros()) {
if (settings.getMacroMachine() == null) {
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, "executor specified macro expansion but did not supply macro machine"));
}
final MacroMachine macroMachine = settings.getMacroMachine();
url = macroMachine.expandMacros(url);
body = body == null ? "" : macroMachine.expandMacros(body);
for (final Map.Entry<String, String> entry : headers.entrySet()) {
final String headerName = entry.getKey();
final String headerValue = entry.getValue();
if (headerValue != null) {
headers.put(headerName, macroMachine.expandMacros(headerValue));
}
}
}
// add basic auth header;
if (!StringUtil.isEmpty(actionConfiguration.getUsername()) && !StringUtil.isEmpty(actionConfiguration.getPassword())) {
final String authHeaderValue = new BasicAuthInfo(actionConfiguration.getUsername(), new PasswordData(actionConfiguration.getPassword())).toAuthHeader();
headers.put(HttpHeader.Authorization.getHttpName(), authHeaderValue);
}
final HttpMethod method = HttpMethod.fromString(actionConfiguration.getMethod().toString());
final PwmHttpClientRequest clientRequest = new PwmHttpClientRequest(method, url, body, headers);
final PwmHttpClient client;
{
if (actionConfiguration.getCertificates() != null) {
final PwmHttpClientConfiguration clientConfiguration = PwmHttpClientConfiguration.builder().certificates(actionConfiguration.getCertificates()).build();
client = new PwmHttpClient(pwmApplication, sessionLabel, clientConfiguration);
} else {
client = new PwmHttpClient(pwmApplication, sessionLabel);
}
}
final PwmHttpClientResponse clientResponse = client.makeRequest(clientRequest);
if (clientResponse.getStatusCode() != 200) {
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, "unexpected HTTP status code while calling external web service: " + clientResponse.getStatusCode() + " " + clientResponse.getStatusPhrase()));
}
} catch (PwmException e) {
if (e instanceof PwmOperationalException) {
throw (PwmOperationalException) e;
}
final String errorMsg = "unexpected error during API execution: " + e.getMessage();
LOGGER.error(errorMsg);
throw new PwmOperationalException(new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMsg));
}
}
use of password.pwm.util.BasicAuthInfo in project pwm by pwm-project.
the class RestFormDataClient method invoke.
public FormDataResponseBean invoke(final FormDataRequestBean formDataRequestBean, final Locale locale) throws PwmUnrecoverableException {
final Map<String, String> httpHeaders = new LinkedHashMap<>();
httpHeaders.put(HttpHeader.Accept.getHttpName(), PwmConstants.AcceptValue.json.getHeaderValue());
httpHeaders.put(HttpHeader.Content_Type.getHttpName(), HttpContentType.json.getHeaderValue());
if (locale != null) {
httpHeaders.put(HttpHeader.Accept_Language.getHttpName(), locale.toString());
}
{
final Map<String, String> configuredHeaders = new LinkedHashMap<>(remoteWebServiceConfiguration.getHeaders());
// add basic auth header;
if (!StringUtil.isEmpty(remoteWebServiceConfiguration.getUsername()) && !StringUtil.isEmpty(remoteWebServiceConfiguration.getPassword())) {
final String authHeaderValue = new BasicAuthInfo(remoteWebServiceConfiguration.getUsername(), new PasswordData(remoteWebServiceConfiguration.getPassword())).toAuthHeader();
configuredHeaders.put(HttpHeader.Authorization.getHttpName(), authHeaderValue);
}
httpHeaders.putAll(configuredHeaders);
}
final String jsonRequestBody = JsonUtil.serialize(formDataRequestBean);
final PwmHttpClientRequest pwmHttpClientRequest = new PwmHttpClientRequest(HttpMethod.POST, remoteWebServiceConfiguration.getUrl(), jsonRequestBody, httpHeaders);
final PwmHttpClientResponse httpResponse;
try {
httpResponse = getHttpClient(pwmApplication.getConfig()).makeRequest(pwmHttpClientRequest);
final String responseBody = httpResponse.getBody();
LOGGER.trace("external rest call returned: " + httpResponse.getStatusPhrase() + ", body: " + responseBody);
if (httpResponse.getStatusCode() != 200) {
final String errorMsg = "received non-200 response code (" + httpResponse.getStatusCode() + ") when executing web-service";
LOGGER.error(errorMsg);
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, errorMsg));
}
final FormDataResponseBean formDataResponseBean = JsonUtil.deserialize(responseBody, FormDataResponseBean.class);
return formDataResponseBean;
} catch (PwmUnrecoverableException e) {
final String errorMsg = "http response error while executing external rest call, error: " + e.getMessage();
LOGGER.error(errorMsg);
throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_SERVICE_UNREACHABLE, errorMsg), e);
}
}
use of password.pwm.util.BasicAuthInfo in project pwm by pwm-project.
the class RestSetPasswordServer method doSetPassword.
private static RestResultBean doSetPassword(final RestRequest restRequest, final JsonInputData jsonInputData) {
final String password = jsonInputData.getPassword();
final boolean random = jsonInputData.isRandom();
if ((password == null || password.length() < 1) && !random) {
final String errorMessage = "field '" + FIELD_PASSWORD + "' must have a value or field '" + FIELD_RANDOM + "' must be set to true";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, errorMessage, new String[] { FIELD_PASSWORD });
return RestResultBean.fromError(restRequest, errorInformation);
}
if ((password != null && password.length() > 0) && random) {
final String errorMessage = "field '" + FIELD_PASSWORD + "' cannot have a value or field '" + FIELD_RANDOM + "' must be set to true";
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_MISSING_PARAMETER, errorMessage, new String[] { FIELD_PASSWORD });
return RestResultBean.fromError(restRequest, errorInformation);
}
try {
final TargetUserIdentity targetUserIdentity = RestUtility.resolveRequestedUsername(restRequest, jsonInputData.username);
final PasswordData newPassword;
if (random) {
final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), targetUserIdentity.getChaiUser(), restRequest.getLocale());
newPassword = RandomPasswordGenerator.createRandomPassword(restRequest.getSessionLabel(), passwordPolicy, restRequest.getPwmApplication());
} else {
newPassword = new PasswordData(password);
}
final PasswordData oldPassword;
if (targetUserIdentity.isSelf()) {
final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader(restRequest.getPwmApplication(), restRequest.getHttpServletRequest());
oldPassword = basicAuthInfo == null ? null : basicAuthInfo.getPassword();
} else {
oldPassword = null;
}
final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxy(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getUserIdentity(), restRequest.getLocale());
PasswordUtility.setPassword(restRequest.getPwmApplication(), restRequest.getSessionLabel(), targetUserIdentity.getChaiProvider(), userInfo, oldPassword, newPassword);
StatisticsManager.incrementStat(restRequest.getPwmApplication(), Statistic.REST_SETPASSWORD);
final JsonInputData jsonResultData = new JsonInputData(targetUserIdentity.getUserIdentity().toDelimitedKey(), null, random);
return RestResultBean.forSuccessMessage(jsonResultData, restRequest, Message.Success_PasswordChange);
} catch (PwmException e) {
LOGGER.error("error during set password REST operation: " + e.getMessage());
return RestResultBean.fromError(restRequest, e.getErrorInformation());
} catch (Exception e) {
final String errorMessage = "unexpected error executing web service: " + e.getMessage();
final ErrorInformation errorInformation = new ErrorInformation(PwmError.ERROR_UNKNOWN, errorMessage);
LOGGER.error("error during set password REST operation: " + e.getMessage(), e);
return RestResultBean.fromError(restRequest, errorInformation);
}
}
Aggregations