Package org.wso2.carbon.identity.base

Examples of org.wso2.carbon.identity.base.IdentityException


            // Excerpt begins inside a try block; authReq is declared outside this view.
            // Returns whatever authReq.getDestinationUrl(true) produces.
            String value = authReq.getDestinationUrl(true);
            return value;
        } catch (Exception e) {
            // Logged with the full stack trace; the cause is also kept on the rethrown exception.
            log.error(e.getMessage(), e);
            // Present error to the user
            // NOTE(review): the IdentityException message is e.getMessage() copied verbatim from
            // any Exception type. If callers render this message to the end user (as the comment
            // above suggests), internal detail can reach the browser; a fixed user-facing message
            // with the detail kept in the log would avoid that. Confirm against the caller.
            throw new IdentityException(e.getMessage(), e);
        }
    }


            // Excerpt begins inside a try block; mode, authSuccess, claimList, extension and
            // openID are declared outside this view.
            // Reads the OpenID mode parameter from the response parameters.
            mode = response.getParameterValue(IdentityConstants.OpenId.ATTR_MODE);

            // The null test is redundant: CANCEL.equals(null) is already false.
            if (mode != null && IdentityConstants.OpenId.CANCEL.equals(mode)) {
                // User has denied sending his profile info :(
                throw new IdentityException("User has denied sending his profile info");
            }

            // NOTE(review): the result of verifyOpenID is cast to AuthSuccess unconditionally.
            // What verifyOpenID returns for a response that fails verification is not visible
            // here; confirm it throws rather than returning null or another message type,
            // because everything below treats authSuccess as a verified assertion.
            authSuccess = (AuthSuccess) verifyOpenID(request, response);

            claimList = new ArrayList<ClaimDTO>();

            // For every extension alias on the response, look up a handler and hand it
            // claimList; aliases with no handler are skipped.
            // presumably setSessionAttributes appends the extension's claims to claimList;
            // verify against the extension classes.
            for (Object alias : authSuccess.getExtensions()) {
                extension = OpenIDExtensionFactory.getInstance().getExtension((String) alias,
                        authSuccess);
                if (extension != null)
                    extension.setSessionAttributes(claimList);
            }

            // Package the identity and the collected claims for the caller.
            openID = new OpenIDDTO();
            openID.setOpenID(authSuccess.getIdentity());
            openID.setClaims(claimList.toArray(new ClaimDTO[claimList.size()]));

            return openID;

        } catch (OpenIDException e) {
            // Only the message is logged here (no stack trace); the exception itself is
            // preserved as the cause of the IdentityException below.
            log.error(e.getMessage());
            // Present error to the user.
            throw new IdentityException("OpenID authentication failed", e);
        }
    }

                // Excerpt begins inside an enclosing block; authnMode, isExistingSession,
                // validationResp, sessionId and rpSessionId come from outside this view.
                // Case 1: OpenID authentication mode with no existing session.
                // NOTE(review): authnMode.equals(...) throws NullPointerException if authnMode
                // is null; whether that can happen depends on code not shown here.
                if(authnMode.equals(SAMLSSOConstants.AuthnModes.OPENID) && !isExistingSession){
                    AuthnRequestProcessor authnRequestProcessor = new AuthnRequestProcessor();
                    try {
                        return authnRequestProcessor.process(validationResp, sessionId, rpSessionId, authnMode);
                    } catch (Exception e) {
                        // Every failure, including runtime exceptions, is wrapped with the cause kept.
                        throw new IdentityException("Error processing the Authentication Request", e);
                    }
                }
                // Case 2: an existing session. The body is identical to case 1, so both
                // branches make the same process(...) call with the same arguments.
                if (isExistingSession) {
                    AuthnRequestProcessor authnRequestProcessor = new AuthnRequestProcessor();
                    try {
                        return authnRequestProcessor.process(validationResp, sessionId, rpSessionId, authnMode);
                    } catch (Exception e) {
                        throw new IdentityException("Error processing the Authentication Request", e);
                    }
                }
            }
            // Neither case applied: record the relying-party session id on the validation
            // response and return it without calling the processor.
            validationResp.setRpSessionId(rpSessionId);
            return validationResp;

        // Excerpt: delegates to AuthnRequestProcessor.process with the request DTO, the session
        // id, the literal false as third argument, and the USERNAME_PASSWORD authentication mode.
        AuthnRequestProcessor authnRequestProcessor = new AuthnRequestProcessor();
        try {
            return authnRequestProcessor.process(authReqDTO, sessionId, false,
                                                 SAMLSSOConstants.AuthnModes.USERNAME_PASSWORD);
        } catch (Exception e) {
            // NOTE(review): catch (Exception) gives every failure the same message. Whether
            // process(...) reports rejected credentials by exception or by return value is not
            // visible here; if by exception, callers cannot tell a failed login from an
            // internal fault except by inspecting the cause.
            throw new IdentityException("Error when authenticating the users", e);
        }
    }

                // Excerpt begins at the else branch of a condition that is outside this view.
                } else {
                    // Sign-up path: passes the user name and OpenID carried by dto.
                    return doOpenIDSignUp(dto.getUserName(), dto.getOpenID());
                }
            }
        } catch (Exception e) {
            // NOTE(review): the underlying message is reused verbatim as the IdentityException
            // message (cause preserved). If that message is later shown to a user, internal
            // detail goes with it; confirm how callers present it.
            throw new IdentityException(e.getMessage(), e);
        }

        // Reached only when no branch above returned.
        return false;
    }

        // Excerpt of an OpenID request handler: dispatches on the OpenID mode parameter and
        // writes a direct response. session, client, paramList and responseText are declared
        // outside this view.
        String cookie = null;
        ConfigurationContext configContext = null;
        String serverURL = null;

        if (request == null || response == null) {
            throw new IdentityException("Required attributes missing");
        }

        try {
            // Build the admin client from values held in the servlet context and the session.
            session = request.getSession();
            serverURL = CarbonUIUtil.getServerURL(session.getServletContext(), session);
            configContext = (ConfigurationContext) session.getServletContext().getAttribute(
                    CarbonConstants.CONFIGURATION_CONTEXT);
            cookie = (String) session.getAttribute(OpenIDAdminClient.OPENID_ADMIN_COOKIE);
            client = new OpenIDAdminClient(configContext, serverURL, cookie);

            if (OpenId.COMPLETE.equals(session.getAttribute(OpenId.ACTION))
                    || OpenId.CANCEL.equals(session.getAttribute(OpenId.ACTION))) {
                // Ready for authentication.
                // The parameter list stored in the session is used instead of the request's.
                paramList = (ParameterList) session.getAttribute(OpenId.PARAM_LIST);
            } else {
                // Authentication not completed: extract the parameters from the request.
                // Everything in paramList on this path is supplied by the remote party.
                paramList = new ParameterList(request.getParameterMap());
            }

            if (paramList == null) {
                responseText = getErrorResponseText("Invalid OpenID authentication request");
                if (log.isDebugEnabled()) {
                    log.debug("Invalid OpenID authentication request :" + responseText);
                }
                // NOTE(review): this directResponse call sits inside the try. An exception
                // thrown by it is caught by catch (Exception) below, after which the
                // directResponse call that follows the try runs again on the same response.
                directResponse(response, responseText);
                return null;
            }

            String mode = paramList.hasParameter(OpenId.ATTR_MODE) ? paramList
                    .getParameterValue(OpenId.ATTR_MODE) : null;

            if (log.isDebugEnabled()) {
                // NOTE(review): mode can come straight from request parameters and is
                // concatenated into the log line as-is; neutralising CR/LF before logging
                // keeps a request from forging extra log entries.
                log.debug("OpenID authentication mode :" + mode);
            }

            // Dispatch on the OpenID mode.
            if (OpenId.ASSOCIATE.equals(mode)) {
                responseText = client.getOpenIDAssociationResponse(OpenIDUtil
                        .getOpenIDAuthRequest(request));
                if (log.isDebugEnabled()) {
                    log.debug("Association created successfully");
                }
            } else if (OpenId.CHECKID_SETUP.equals(mode) || OpenId.CHECKID_IMMEDIATE.equals(mode)) {
                // Handled by a separate method; its return value is returned directly.
                return checkSetupOrImmediate(request, paramList);
            } else if (OpenId.CHECK_AUTHENTICATION.equals(mode)) {
                responseText = client.verify(OpenIDUtil.getOpenIDAuthRequest(request));
                if (log.isDebugEnabled()) {
                    log.debug("Authentication verified successfully");
                }
            } else {
                // Error response: the request did not carry a recognised OpenID mode
                // (this branch is also taken when mode is null).
                responseText = getErrorResponseText("No valid OpenID found in the authentication request");
                if (log.isDebugEnabled()) {
                    log.debug("No valid OpenID found in the authentication request");
                }
            }
        } catch (Exception e) {
            // NOTE(review): two gaps for whoever operates this endpoint. The exception is not
            // logged at all, so failures leave no server-side trace; and e.getMessage() from any
            // exception type becomes the body sent back by directResponse below, which can
            // disclose internal detail to the remote party. Logging the exception and returning
            // a fixed error text would close both.
            responseText = getErrorResponseText(e.getMessage());
        }

        try {
            // Return the result to the user.
            directResponse(response, responseText);
        } catch (IOException e) {
            // Only the message is logged and the IOException is not attached as the cause,
            // so the stack trace is lost at this point.
            log.error(e.getMessage());
            throw new IdentityException("OpenID redirect reponse failed");
        }

        return null;
    }

        // Excerpt: precondition check on openId, bracketed by two debug log statements.
        // The first debug line runs before the null check, so it can log the text "null".
        // NOTE(review): openId is concatenated into log lines unmodified; if it originates from
        // a request (not visible here), strip CR/LF before logging so it cannot forge entries.
        if (log.isDebugEnabled()) {
            log.debug("Authentication check for OpenID " + openId);
        }

        if (openId == null) {
            throw new IdentityException("Required attributes missing");
        }

        // Second debug line logs the same value again under a different label.
        if (log.isDebugEnabled()) {
            log.debug("Authentication check for user " + openId);
        }

      // Excerpt of a token-verifier initialisation: validates the issuer policy, loads the
      // signing keystore, reads the token validation policy and loads the JVM system trust
      // store. The excerpt begins inside an if branch and ends inside a finally block; the
      // fields and locals it assigns are declared outside this view.
      // Set the default value
      issuerPolicy = TokenVerifierConstants.SELF_AND_MANGED;
    } else if (!(issuerPolicy.equals(TokenVerifierConstants.SELF_ONLY)
        || issuerPolicy.equals(TokenVerifierConstants.MANGED_ONLY) || issuerPolicy
        .equals(TokenVerifierConstants.SELF_AND_MANGED))) {
      // Any value other than the three known issuer policies is rejected outright.
      throw new IdentityException("Invalid Issuer Policy!");
    }

    try {
      // Load the configured keystore and take the private key stored under keyAlias.
      store = KeyStore.getInstance(storeType);
      stream = new FileInputStream(keyStore);
      // NOTE(review): storePass and keyPass are Strings, and the char[] copies made by
      // toCharArray() are never cleared, so both passwords stay in heap memory.
      store.load(stream, storePass.toCharArray());
      privateKey = (PrivateKey) store.getKey(keyAlias, keyPass.toCharArray());
      // The keystore that holds the private key is also assigned as the trust store.
      trustStore = store;
    } catch (Exception e) {
      throw new IdentityException("Cannot load the private key", e);
    } finally {
      if (stream != null) {
        try {
          stream.close();
        } catch (IOException e) {
          // A close failure is logged and otherwise ignored.
          log.error("Error while closing system keystore file", e);
        }
      }
    }

    // Step 2: Reading Token validate policy - Promiscuous/BlackList/WhiteList/CertValidate

    // Promiscuous - In this mode, all tokens that has a valid signature are allowed
    // CertValidate - In this mode, all tokens that has a valid signature by an IdP who has a
    // trusted certificate are allowed
    // WhiteList - First CertValidity checked and after that if the issuer
    // DN is in the white list, the token is allowed
    // BlackList - First CertValidity checked and after that if the issuer
    // DN is not listed in the BlackList, the token is allowed

    validatePolicy = IdentityUtil.getProperty(ServerConfig.TOKEN_VALIDATE_POLICY);

    // A missing or blank setting falls back to CertValidate.
    // NOTE(review): unlike issuerPolicy above, no check in this excerpt rejects an
    // unrecognised validatePolicy value. A misspelt value matches none of the branches below,
    // so neither a list nor the system store is loaded; confirm how the verification code
    // treats such a value, since Promiscuous is the mode that skips certificate checks.
    if (validatePolicy == null || validatePolicy.trim().length() == 0) {
      validatePolicy = TokenVerifierConstants.CERT_VALIDATE;
    }

    // Step 3: Reading parameters of each policy

    // A configured list value is parsed by readBlackWhiteList; when the property is absent
    // the corresponding list is left unassigned by this code.
    if (validatePolicy.equals(TokenVerifierConstants.BLACK_LIST)) {
      String value = IdentityUtil.getProperty(ServerConfig.BLACK_LIST);
      if (value != null) {
        blackList = readBlackWhiteList(value);
      }
    } else if (validatePolicy.equals(TokenVerifierConstants.WHITE_LIST)) {
      String value = IdentityUtil.getProperty(ServerConfig.WHITE_LIST);
      if (value != null) {
        whiteList = readBlackWhiteList(value);
      }
    }

    // The three certificate-checking policies need the JVM system trust store.
    if (validatePolicy.equals(TokenVerifierConstants.WHITE_LIST)
        || validatePolicy.equals(TokenVerifierConstants.BLACK_LIST)
        || validatePolicy.equals(TokenVerifierConstants.CERT_VALIDATE)) {

      String javaHome = null;
      String defaultKeyStore = null;
      FileInputStream fileStream = null;
      KeyStore sysKS = null;

      String defaultStorePass = IdentityUtil.getProperty(ServerConfig.SYSTEM_KEY_STORE_PASS);
      if (defaultStorePass == null) {
        // assume that it hasn't been changed
        // NOTE(review): "changeit" is the stock JDK cacerts password and is publicly known.
        // KeyStore.load uses the password only as an integrity check, so with this value the
        // trust anchors are protected from tampering by file permissions alone.
        defaultStorePass = "changeit";
      }

      // NOTE(review): the trust store location is derived from the JAVA_HOME environment
      // variable, so whoever controls the process environment chooses the trust anchors.
      javaHome = System.getenv("JAVA_HOME");

      if (javaHome == null) {
        throw new IdentityException("Cannot find JAVA_HOME");
      }

      defaultKeyStore = IdentityUtil.getProperty(ServerConfig.SYSTEM_KEY_STORE);

      // The configured value is appended to JAVA_HOME by plain string concatenation: no
      // separator is inserted and the resulting path is not normalised.
      if (defaultKeyStore != null && defaultKeyStore.trim().length() > 0) {
        defaultKeyStore = javaHome + defaultKeyStore;
      } else {
        // No configured path: use the platform-specific cacerts location constant.
        if (File.separator.equals("/")) {
          defaultKeyStore = javaHome + TokenVerifierConstants.CACERTS_STORE_UNIX;
        } else {
          defaultKeyStore = javaHome + TokenVerifierConstants.CACERTS_STORE_WIN;
        }
      }

      try {
        fileStream = new FileInputStream(defaultKeyStore);
        // The system store type is fixed to JKS regardless of storeType used earlier.
        sysKS = KeyStore.getInstance("JKS");
        sysKS.load(fileStream, defaultStorePass.toCharArray());
        this.systemStore = sysKS;
            } catch (RuntimeException e){
                // Runtime exceptions propagate unchanged.
                throw e;
      } catch (Exception e) {
        // NOTE(review): the cause is dropped here, unlike the private-key catch earlier in
        // this excerpt; passing e as the second argument would keep the reason (wrong
        // password, missing file, unsupported format) visible when diagnosing failures.
        throw new IdentityException("Cannot load system key store");
      } finally {
        if (fileStream != null) {
          try {
            fileStream.close();
          } catch (IOException e) {

        // Excerpt: derives the part of a request URL's path that follows the context path.
        // rquestUrl, contextPath, uri, path and caller are declared outside this view.
        try {
      uri = new URI(rquestUrl);
      // URI.getPath() returns null for an opaque URI (for example "mailto:..."), which
      // would make the substring call below throw NullPointerException.
      path = uri.getPath();
    } catch (URISyntaxException e) {
      throw new IdentityException("Invalid OpenID", e);
    }

    // NOTE(review): indexOf returns -1 when contextPath does not occur in path, so the start
    // index becomes contextPath.length() - 1; the result is then an unrelated suffix of path
    // or a StringIndexOutOfBoundsException instead of a clean rejection. indexOf also matches
    // the first occurrence anywhere in the path, not only a leading context path. A value
    // derived from a request URL should be rejected unless path starts with contextPath.
    caller = path.substring(path.indexOf(contextPath)
        + contextPath.length(), path.length());
    return caller;

        // Excerpt: validates and normalises an OpenID URL. openID, uri and url are declared
        // outside this view.
        try {
            uri = new URI(openID);
        } catch (URISyntaxException e) {
            // NOTE(review): openID is written to the error log unmodified here and in the two
            // log.error calls below; if it comes from a request, strip CR/LF before logging.
            // The URISyntaxException is logged but not attached as the cause.
            log.error("Invalid OpenID URL :" + openID, e);
            throw new IdentityException("Invalid OpenID URL");
        }

        try {
            // URI.toURL() throws IllegalArgumentException for a non-absolute URI; that is not
            // caught by this try and propagates as an unchecked exception.
            url = uri.normalize().toURL();
            // An identifier that carries a query string or a fragment is rejected.
            // NOTE(review): no check on scheme or host is visible in this excerpt; confirm
            // whether only http/https identifiers are meant to be accepted.
            if (url.getQuery() != null || url.getRef() != null) {
                log.error("Invalid user name for OpenID :" + openID);
                throw new IdentityException("Invalid user name for OpenID");
            }
        } catch (MalformedURLException e) {
            log.error("Malformed OpenID URL :" + openID, e);
            throw new IdentityException("Malformed OpenID URL");
        }

        // From here on openID holds the normalised form.
        openID = url.toString();

        if (log.isDebugEnabled()) {
