org.apache.oltu.oauth2.as.response.OAuthASResponse Java Examples

Example #1
Source File: OpenIDConnectUserEndpoint.java    From carbon-identity with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the JSON OAuth error response for a failed UserInfo request.
 *
 * The primary response is HTTP 400 carrying the endpoint exception's own error
 * code and message. If that response itself cannot be built, the failure is
 * logged and a generic HTTP 500 {@code server_error} response is returned instead.
 *
 * @param e the UserInfo endpoint failure being reported to the client
 * @return the JAX-RS response whose entity is the JSON error body
 * @throws OAuthSystemException if even the fallback 500 response cannot be built
 */
private Response handleError(UserInfoEndpointException e) throws OAuthSystemException {
    log.debug(e);
    OAuthResponse oauthResponse;
    try {
        oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_BAD_REQUEST)
                .setError(e.getErrorCode())
                .setErrorDescription(e.getErrorMessage())
                .buildJSONMessage();
    } catch (OAuthSystemException buildFailure) {
        log.error("Error while building the JSON message", buildFailure);
        // NOTE(review): the raw exception message is echoed to the client in
        // error_description; consider a fixed description if it could expose internals.
        oauthResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)
                .setError(OAuth2ErrorCodes.SERVER_ERROR)
                .setErrorDescription(buildFailure.getMessage())
                .buildJSONMessage();
    }
    return Response.status(oauthResponse.getResponseStatus())
            .entity(oauthResponse.getBody())
            .build();
}
 
Example #2
Source File: OAuth2TokenEndpoint.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the HTTP 401 {@code invalid_client} response returned when client
 * authentication at the token endpoint fails.
 *
 * The realm information is attached in the header named by
 * {@code OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE} so the client can retry
 * with credentials.
 *
 * @return the JAX-RS 401 response carrying the JSON error body
 * @throws OAuthSystemException if the OAuth error response cannot be built
 */
private Response handleBasicAuthFailure() throws OAuthSystemException {
    OAuthResponse unauthorized = OAuthASResponse
            .errorResponse(HttpServletResponse.SC_UNAUTHORIZED)
            .setError(OAuth2ErrorCodes.INVALID_CLIENT)
            .setErrorDescription("Client Authentication failed.")
            .buildJSONMessage();
    String realm = EndpointUtil.getRealmInfo();
    return Response.status(unauthorized.getResponseStatus())
            .header(OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE, realm)
            .entity(unauthorized.getBody())
            .build();
}
 
Example #3
Source File: OAuth2TokenEndpoint.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the generic HTTP 500 {@code server_error} response for the token
 * endpoint.
 *
 * The description is a fixed string, so no internal failure detail reaches the
 * client. The realm information is attached in the header named by
 * {@code OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE}.
 *
 * @return the JAX-RS 500 response carrying the JSON error body
 * @throws OAuthSystemException if the OAuth error response cannot be built
 */
private Response handleServerError() throws OAuthSystemException {
    OAuthResponse serverError = OAuthASResponse
            .errorResponse(HttpServletResponse.SC_INTERNAL_SERVER_ERROR)
            .setError(OAuth2ErrorCodes.SERVER_ERROR)
            .setErrorDescription("Internal Server Error.")
            .buildJSONMessage();
    String realm = EndpointUtil.getRealmInfo();
    return Response.status(serverError.getResponseStatus())
            .header(OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE, realm)
            .entity(serverError.getBody())
            .build();
}
 
Example #4
Source File: OAuth2TokenEndpoint.java    From carbon-identity with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the response returned when a persistence (SQL) failure prevents the
 * token endpoint from completing the request.
 *
 * The response is HTTP 502 with the OAuth error code {@code server_error} and
 * a fixed description, so no database detail reaches the client. The realm
 * information is attached in the header named by
 * {@code OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE}.
 *
 * NOTE(review): the status is 502 Bad Gateway while the description reads
 * "Service Unavailable Error." (503 wording); confirm which one clients expect.
 *
 * @return the JAX-RS response carrying the JSON error body
 * @throws OAuthSystemException if the OAuth error response cannot be built
 */
private Response handleSQLError() throws OAuthSystemException {
    OAuthResponse storageError = OAuthASResponse
            .errorResponse(HttpServletResponse.SC_BAD_GATEWAY)
            .setError(OAuth2ErrorCodes.SERVER_ERROR)
            .setErrorDescription("Service Unavailable Error.")
            .buildJSONMessage();
    String realm = EndpointUtil.getRealmInfo();
    return Response.status(storageError.getResponseStatus())
            .header(OAuthConstants.HTTP_RESP_HEADER_AUTHENTICATE, realm)
            .entity(storageError.getBody())
            .build();
}
 
Example #5
Source File: OAuth2AuthzEndpoint.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
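/**
 * Decides how an authorization request proceeds once authentication has run,
 * based on the OIDC {@code prompt} parameter and the user's stored consent.
 *
 * prompt : none
 * The Authorization Server MUST NOT display any authentication
 * or consent user interface pages. An error is returned if the
 * End-User is not already authenticated or the Client does not
 * have pre-configured consent for the requested scopes. This
 * can be used as a method to check for existing authentication
 * and/or consent.
 * <p/>
 * prompt : consent
 * The Authorization Server MUST prompt the End-User for consent before
 * returning information to the Client.
 * <p/>
 * prompt Error : consent_required
 * The Authorization Server requires End-User consent. This
 * error MAY be returned when the prompt parameter in the
 * Authorization Request is set to none to request that the
 * Authorization Server should not display any user
 * interfaces to the End-User, but the Authorization Request
 * cannot be completed without displaying a user interface
 * for End-User consent.
 *
 * @param request               the current authorization request
 * @param sessionDataKey        key of the cached session data for this request
 * @param sessionDataCacheEntry cached OAuth2 parameters and the logged-in user
 * @return the consent page URL, the redirect produced by approving on the
 *         user's behalf, the {@code access_denied} error redirect, or an
 *         empty string for an unrecognised prompt value
 * @throws OAuthSystemException if the error redirect cannot be built
 */
private String doUserAuthz(HttpServletRequest request, String sessionDataKey,
                           SessionDataCacheEntry sessionDataCacheEntry)
        throws OAuthSystemException {

    OAuth2Parameters oauth2Params = sessionDataCacheEntry.getoAuth2Parameters();
    String prompt = oauth2Params.getPrompt();

    // access_denied redirect back to the client. Built before the user is
    // touched so it is available on the prompt=none path below.
    String errorResponse = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
            .setError(OAuth2ErrorCodes.ACCESS_DENIED)
            .location(oauth2Params.getRedirectURI())
            .setState(oauth2Params.getState()).buildQueryMessage()
            .getLocationUri();

    AuthenticatedUser user = sessionDataCacheEntry.getLoggedInUser();
    // prompt=none with no authenticated user must fail without showing any UI.
    // This check has to run before user is dereferenced; previously the
    // dereference came first, so a missing user surfaced as an NPE instead.
    if (OAuthConstants.Prompt.NONE.equals(prompt) && user == null) {
        return errorResponse;
    }
    String loggedInUser = user.getAuthenticatedSubjectIdentifier();

    boolean skipConsent = EndpointUtil.getOAuthServerConfiguration().getOpenIDConnectSkipeUserConsentConfig();

    // load the user's approved applications to skip consent
    String appName = oauth2Params.getApplicationName();
    boolean hasUserApproved = OpenIDConnectUserRPStore.getInstance().hasUserApproved(user, appName,
            oauth2Params.getClientId());
    boolean consentOnRecord = skipConsent || hasUserApproved;

    String consentUrl = EndpointUtil.getUserConsentURL(oauth2Params, loggedInUser, sessionDataKey,
            OAuth2Util.isOIDCAuthzRequest(oauth2Params.getScopes()));

    if (OAuthConstants.Prompt.CONSENT.equals(prompt)) {
        // Explicit consent request: always show the consent page.
        return consentUrl;
    } else if (OAuthConstants.Prompt.NONE.equals(prompt)) {
        // No UI allowed: approve silently when consent is on record, otherwise fail.
        if (consentOnRecord) {
            return handleUserConsent(request, APPROVE, oauth2Params, sessionDataCacheEntry);
        }
        return errorResponse;
    } else if (OAuthConstants.Prompt.LOGIN.equals(prompt) || StringUtils.isBlank(prompt)) {
        // Skip the consent page if the user chose "approve always" or consent is
        // skipped by configuration.
        if (consentOnRecord) {
            return handleUserConsent(request, APPROVE, oauth2Params, sessionDataCacheEntry);
        }
        return consentUrl;
    } else {
        return StringUtils.EMPTY;
    }
}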