/**
   * Registers a requested permission on behalf of a resource server (HTTP POST, JSON in/out).
   *
   * <p>All checks run before the request is handed to {@code registerResourceSetPermissionImpl}:
   * the {@code Authorization} header is validated for the protection scope, the {@code Host}
   * header is passed through {@code validateAmHost}, and the request body is validated as a
   * resource set. Only the value returned by {@code validateAmHost} is forwarded, never the raw
   * header, which is supplied by the client.
   *
   * @param request the servlet request, forwarded unchanged to the implementation method
   * @param authorization raw value of the {@code Authorization} header
   * @param amHost raw value of the {@code Host} header
   * @param resourceSetPermissionRequest the JSON body describing the requested permission
   * @return the response produced by {@code registerResourceSetPermissionImpl}
   * @throws WebApplicationException rethrown as-is when raised by a validator or the
   *     implementation; any other exception is logged and replaced by a 500 response carrying the
   *     UMA {@code SERVER_ERROR} body, so internal details are not returned to the caller
   */
  @POST
  @Consumes({UmaConstants.JSON_MEDIA_TYPE})
  @Produces({UmaConstants.JSON_MEDIA_TYPE})
  @ApiOperation(
      value = "Registers permission using the POST method",
      consumes = UmaConstants.JSON_MEDIA_TYPE,
      produces = UmaConstants.JSON_MEDIA_TYPE,
      notes =
          "The resource server uses the POST method at the endpoint. The body of the HTTP request message contains a JSON object providing the requested permission, using a format derived from the scope description format specified in [OAuth-resource-reg], as follows. The object has the following properties:")
  @ApiResponses(
      value = {
        @ApiResponse(code = 401, message = "Unauthorized"),
        @ApiResponse(code = 400, message = "Bad Request")
      })
  public Response registerResourceSetPermission(
      @Context HttpServletRequest request,
      @HeaderParam("Authorization") String authorization,
      @HeaderParam("Host") String amHost,
      @ApiParam(
              value =
                  "The identifier for a resource set to which this client is seeking access. The identifier MUST correspond to a resource set that was previously registered.",
              required = true)
          RegisterPermissionRequest resourceSetPermissionRequest) {
    try {
      // Authorization is checked first so that no other input is processed for a caller
      // that does not hold the protection scope.
      umaValidationService.validateAuthorizationWithProtectScope(authorization);

      final String checkedAmHost = umaValidationService.validateAmHost(amHost);

      // NOTE(review): this repeats the authorization check made above with the same argument.
      // It looks redundant; confirm the validator has no side effects before removing it.
      umaValidationService.validateAuthorizationWithProtectScope(authorization);

      umaValidationService.validateResourceSet(resourceSetPermissionRequest);

      return registerResourceSetPermissionImpl(
          request, authorization, checkedAmHost, resourceSetPermissionRequest);
    } catch (WebApplicationException ex) {
      // Already carries the intended HTTP status and body; pass it through untouched.
      throw ex;
    } catch (Exception ex) {
      // Keep the detail in the server log and return only the generic UMA server error.
      log.error("Exception happened", ex);

      final Response serverError =
          Response.status(Response.Status.INTERNAL_SERVER_ERROR)
              .entity(
                  errorResponseFactory.getUmaJsonErrorResponse(UmaErrorResponseType.SERVER_ERROR))
              .build();
      throw new WebApplicationException(serverError);
    }
  }
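  /**
   * Resolves external scope URLs to the DNs of their {@code ScopeDescription} entries.
   *
   * <p>For each URL the directory is searched for an entry whose {@code oxUrl} equals it. When one
   * is found, the DN of the first match is appended to {@code result}. When none is found and
   * {@code getUmaAddScopesAutomatically()} is true, a new {@code EXTERNAL_AUTO} scope is created
   * and persisted; its DN is appended only if persisting succeeded. Otherwise the request is
   * rejected.
   *
   * <p>The scope URLs come from the caller, so the search filter is built from typed parts
   * instead of a formatted string: characters such as {@code (}, {@code )}, {@code *} and
   * {@code \} in a URL are then always treated as part of the value and cannot change the
   * structure of the query.
   *
   * @param p_scopeUrls scope URLs to resolve; a {@code null} element is rejected
   * @param result list that receives the DN of each resolved or newly created scope
   * @throws LDAPException declared for callers; kept from the original signature
   * @throws WebApplicationException 400 with {@code INVALID_RESOURCE_SET_SCOPE} when a URL is
   *     {@code null}, or is unknown and automatic scope registration is not enabled
   */
  private void handleExternalScopes(List<String> p_scopeUrls, List<String> result)
      throws LDAPException {
    for (String scopeUrl : p_scopeUrls) {
      if (scopeUrl == null) {
        // Previously a null was formatted into the filter as the literal text "null" and could
        // be auto-registered as a scope; treat it as an invalid scope instead.
        throw newInvalidResourceSetScopeError();
      }

      // Same filter shape as before (an AND around one equality match), but the assertion value
      // is passed as data and encoded by the LDAP SDK rather than spliced into a filter string.
      final Filter filter = Filter.createANDFilter(Filter.createEqualityFilter("oxUrl", scopeUrl));
      final List<ScopeDescription> entries =
          ldapEntryManager.findEntries(baseDn(), ScopeDescription.class, filter);
      if (entries != null && !entries.isEmpty()) {
        result.add(entries.get(0).getDn());
        continue;
      }

      // Scope is not in LDAP: add it dynamically, but only when configuration allows it.
      final Boolean addAutomatically =
          ConfigurationFactory.instance().getConfiguration().getUmaAddScopesAutomatically();
      if (!Boolean.TRUE.equals(addAutomatically)) {
        throw newInvalidResourceSetScopeError();
      }

      final ScopeDescription newScope = new ScopeDescription();
      newScope.setInum(inumService.generateInum());
      newScope.setUrl(scopeUrl);
      // Temporary solution: the display name should be extracted from the scope description on
      // the resource server. Until then it is the caller-supplied URL, so anything that later
      // renders it must treat it as untrusted text.
      newScope.setDisplayName(scopeUrl);
      // Dummy id: the field is required by a @NotNull annotation and no better value is known.
      newScope.setId(UmaScopeType.EXTERNAL_AUTO.getValue());
      newScope.setType(InternalExternal.EXTERNAL_AUTO);

      // NOTE(review): when persist() reports failure the scope is silently left out of result,
      // so the caller proceeds with fewer scopes than were requested. Confirm this is intended.
      if (persist(newScope)) {
        result.add(newScope.getDn());
      }
    }
  }

  /** Builds the 400 response used for a scope URL that cannot be accepted. */
  private WebApplicationException newInvalidResourceSetScopeError() {
    return new WebApplicationException(
        Response.status(Response.Status.BAD_REQUEST)
            .entity(
                errorResponseFactory.getUmaJsonErrorResponse(
                    UmaErrorResponseType.INVALID_RESOURCE_SET_SCOPE))
            .build());
  }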