Java tutorial
/** * personium.io * Copyright 2014 FUJITSU LIMITED * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.fujitsu.dc.core; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.ResponseBuilder; import org.apache.http.HttpStatus; import org.json.simple.JSONObject; import com.fujitsu.dc.core.DcCoreMessageUtils.Severity; import com.fujitsu.dc.core.auth.OAuth2Helper.Error; import com.fujitsu.dc.core.auth.OAuth2Helper.Key; import com.fujitsu.dc.core.auth.OAuth2Helper.Scheme; /** * ?. */ /** * @author naoki */ @SuppressWarnings("serial") public final class DcCoreAuthnException extends DcCoreException { /** * Grant-Type??. */ public static final DcCoreAuthnException UNSUPPORTED_GRANT_TYPE = create("PR400-AN-0001", Error.UNSUPPORTED_GRANT_TYPE); /** * dc_target?. */ public static final DcCoreAuthnException INVALID_TARGET = create("PR400-AN-0002", Error.INVALID_REQUEST); /** * Client Sercret . */ public static final DcCoreAuthnException CLIENT_SERCRET_PARSE_ERROR = create("PR400-AN-0003", Error.INVALID_CLIENT); /** * Client Sercret ??. */ public static final DcCoreAuthnException CLIENT_SERCRET_EXPIRED = create("PR400-AN-0004", Error.INVALID_CLIENT); /** * Client Sercret ??. */ public static final DcCoreAuthnException CLIENT_SERCRET_DSIG_INVALID = create("PR400-AN-0005", Error.INVALID_CLIENT); /** * Client Sercret ?Issuer?ID??????. */ public static final DcCoreAuthnException CLIENT_SERCRET_ISSUER_MISMATCH = create("PR400-AN-0006", Error.INVALID_CLIENT); /** * Client Sercret ?????. */ public static final DcCoreAuthnException CLIENT_SERCRET_TARGET_WRONG = create("PR400-AN-0007", Error.INVALID_CLIENT); /** * ?????????. */ public static final DcCoreAuthnException TC_ACCESS_REPRESENTING_OWNER = create("PR400-AN-0008", Error.INVALID_GRANT); /** * . */ public static final DcCoreAuthnException TOKEN_PARSE_ERROR = create("PR400-AN-0009", Error.INVALID_GRANT); /** * ?. */ public static final DcCoreAuthnException TOKEN_EXPIRED = create("PR400-AN-0010", Error.INVALID_GRANT); /** * ??. */ public static final DcCoreAuthnException TOKEN_DSIG_INVALID = create("PR400-AN-0011", Error.INVALID_GRANT); /** * ?????. * {0}:?URL */ public static final DcCoreAuthnException TOKEN_TARGET_WRONG = create("PR400-AN-0012", Error.INVALID_GRANT); /** * ???. */ public static final DcCoreAuthnException NOT_REFRESH_TOKEN = create("PR400-AN-0013", Error.INVALID_GRANT); /** * ??????????. */ public static final DcCoreAuthnException NOT_ALLOWED_REPRESENT_OWNER = create("PR400-AN-0014", Error.INVALID_GRANT); /** * ??????????. */ public static final DcCoreAuthnException NO_CELL_OWNER = create("PR400-AN-0015", Error.INVALID_GRANT); /** * ??. * {0}:?? */ public static final DcCoreAuthnException REQUIRED_PARAM_MISSING = create("PR400-AN-0016", Error.INVALID_REQUEST); /** * ?. */ public static final DcCoreAuthnException AUTHN_FAILED = create("PR400-AN-0017", Error.INVALID_GRANT); /** * ??. */ public static final DcCoreAuthnException AUTH_HEADER_IS_INVALID = create("PR400-AN-0018", Error.INVALID_CLIENT); /** * Account. */ public static final DcCoreAuthnException ACCOUNT_LOCK_ERROR = create("PR400-AN-0019", Error.INVALID_GRANT); /** * ??. */ public static void loadConfig() { } String error; String realm; /** * . * @param status HTTP? * @param severity * @param code * @param message * @param error OAuth?? * @param realm WWWW-Authenticate??????realm? */ DcCoreAuthnException(final String code, final Severity severity, final String message, final int status, final String error, final String realm) { super(code, severity, message, status); this.error = error; this.realm = realm; } /** * realm???. * @param realm2set realm * @return CoreAuthnException */ public DcCoreAuthnException realm(String realm2set) { // ? return new DcCoreAuthnException(this.code, this.severity, this.message, this.status, this.error, realm2set); } @SuppressWarnings("unchecked") @Override public Response createResponse() { JSONObject errorJson = new JSONObject(); errorJson.put(Key.ERROR, this.error); String errDesc = String.format("[%s] - %s", this.code, this.message); errorJson.put(Key.ERROR_DESCRIPTION, errDesc); int statusCode = parseCode(this.code); ResponseBuilder rb = Response.status(statusCode) .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).entity(errorJson.toJSONString()); // ??????WWW-Authenticate?? // __auth?????(401?)????? Auth Scheme?Basic???????????? if (this.realm != null && statusCode == HttpStatus.SC_UNAUTHORIZED) { rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BASIC + " realm=\"" + this.realm + "\""); } return rb.build(); } /** * ?????????. * @param t * @return DcCoreException */ public DcCoreException reason(final Throwable t) { // ??? DcCoreException ret = new DcCoreAuthnException(this.code, this.severity, this.message, this.status, this.error, this.realm); // ret.setStackTrace(t.getStackTrace()); return ret; } /** * . * @param code DC * @param error OAuth2 * @return DcCoreException */ public static DcCoreAuthnException create(String code, String error) { int statusCode = DcCoreException.parseCode(code); // ?? Severity severity = DcCoreMessageUtils.getSeverity(code); if (severity == null) { // ???????????? severity = decideSeverity(statusCode); } // ?? String message = DcCoreMessageUtils.getMessage(code); return new DcCoreAuthnException(code, severity, message, statusCode, error, null); } }