Search in sources :

Example 6 with AuthorizationException

use of uk.nhs.digital.intranet.model.exception.AuthorizationException in project hippo by NHS-digital-website.

the class MicrosoftGraphAuthorizationProvider method getAccessToken.

private AccessToken getAccessToken(MultiValueMap<String, String> map) throws AuthorizationException {
    final HttpHeaders headers = new HttpHeaders();
    headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
    final HttpEntity<MultiValueMap<String, String>> httpRequest = new HttpEntity<>(map, headers);
    try {
        final ResponseEntity<TokenResponse> responseEntity = restTemplate.postForEntity(URI.create(baseUri + "token"), httpRequest, TokenResponse.class);
        final TokenResponse tokenResponse = responseEntity.getBody();
        Assert.notNull(tokenResponse, "Received null response from Microsoft Graph API.");
        return new AccessToken(tokenResponse.getAccessToken(), tokenResponse.getRefreshToken(), tokenResponse.getExpiresIn());
    } catch (final HttpStatusCodeException e) {
        throw new AuthorizationException(e.getStatusCode(), e);
    }
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) TokenResponse(uk.nhs.digital.intranet.json.TokenResponse) AuthorizationException(uk.nhs.digital.intranet.model.exception.AuthorizationException) AccessToken(uk.nhs.digital.intranet.model.AccessToken) HttpStatusCodeException(org.springframework.web.client.HttpStatusCodeException) MultiValueMap(org.springframework.util.MultiValueMap) LinkedMultiValueMap(org.springframework.util.LinkedMultiValueMap)

Example 7 with AuthorizationException

use of uk.nhs.digital.intranet.model.exception.AuthorizationException in project hippo by NHS-digital-website.

the class AccessTokenValve method invoke.

@Override
public void invoke(final ValveContext context) throws ContainerException {
    try {
        final HstRequestContext requestContext = context.getRequestContext();
        final Optional<Cookie> cookieOptional = getCookie(requestContext.getServletRequest(), Constants.ACCESS_TOKEN_COOKIE_NAME);
        if (cookieOptional.isPresent()) {
            final Cookie cookie = cookieOptional.get();
            AccessToken accessToken = encoder.decode(cookie.getValue());
            if (accessToken.isExpired()) {
                try {
                    accessToken = getNewAccessToken(requestContext, accessToken);
                } catch (final AuthorizationException e) {
                    LOGGER.warn("Refresh token expired or not existent. User will need to login again.");
                    removeAccessToken(requestContext);
                    return;
                }
            }
            requestContext.setAttribute(Constants.ACCESS_TOKEN_PROPERTY_NAME, accessToken.getToken());
        }
    } finally {
        context.invokeNext();
    }
}
Also used : Cookie(javax.servlet.http.Cookie) AuthorizationException(uk.nhs.digital.intranet.model.exception.AuthorizationException) AccessToken(uk.nhs.digital.intranet.model.AccessToken) HstRequestContext(org.hippoecm.hst.core.request.HstRequestContext)

Aggregations

AuthorizationException (uk.nhs.digital.intranet.model.exception.AuthorizationException)7 AccessToken (uk.nhs.digital.intranet.model.AccessToken)6 Cookie (javax.servlet.http.Cookie)4 Test (org.junit.Test)3 HstRequestContext (org.hippoecm.hst.core.request.HstRequestContext)1 HttpEntity (org.springframework.http.HttpEntity)1 HttpHeaders (org.springframework.http.HttpHeaders)1 LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)1 MultiValueMap (org.springframework.util.MultiValueMap)1 HttpStatusCodeException (org.springframework.web.client.HttpStatusCodeException)1 TokenResponse (uk.nhs.digital.intranet.json.TokenResponse)1