com.fujitsu.dc.core.DcCoreAuthzException.java Source code

Java tutorial

Introduction

Here is the source code for com.fujitsu.dc.core.DcCoreAuthzException.java

Source

/**
 * personium.io
 * Copyright 2014 FUJITSU LIMITED
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.fujitsu.dc.core;

import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder;

import org.apache.http.HttpStatus;

import com.fujitsu.dc.core.DcCoreMessageUtils.Severity;
import com.fujitsu.dc.core.auth.OAuth2Helper.AcceptableAuthScheme;
import com.fujitsu.dc.core.auth.OAuth2Helper.Scheme;
import com.fujitsu.dc.core.exceptions.ODataErrorMessage;

/**
 * ?(PR401-AU-xxxx)?????.
 */
@SuppressWarnings("serial")
public final class DcCoreAuthzException extends DcCoreException {

    /**
     * ???.
     */
    public static final DcCoreAuthzException AUTHORIZATION_REQUIRED = create("PR401-AU-0001");
    /**
     * ?.
     */
    public static final DcCoreAuthzException EXPIRED_ACCESS_TOKEN = create("PR401-AU-0002");
    /**
     * AuthenticationScheme?.
     */
    public static final DcCoreAuthzException INVALID_AUTHN_SCHEME = create("PR401-AU-0003");
    /**
     * ???.
     */
    public static final DcCoreAuthzException BASIC_AUTH_FORMAT_ERROR = create("PR401-AU-0004");

    /**
     * .
     */
    public static final DcCoreAuthzException TOKEN_PARSE_ERROR = create("PR401-AU-0006");
    /**
     * ??.
     */
    public static final DcCoreAuthzException ACCESS_WITH_REFRESH_TOKEN = create("PR401-AU-0007");
    /**
     * ??.
     */
    public static final DcCoreAuthzException TOKEN_DISG_ERROR = create("PR401-AU-0008");
    /**
     * ?.
     */
    public static final DcCoreAuthzException COOKIE_AUTHENTICATION_FAILED = create("PR401-AU-0009");

    /**
     * ?(Account).
     */
    public static final DcCoreAuthzException BASIC_AUTHENTICATION_FAILED_IN_ACCOUNT_LOCK = create("PR401-AU-0010");

    /**
     * ?.
     */
    public static final DcCoreAuthzException BASIC_AUTHENTICATION_FAILED = create("PR401-AU-0011");

    /**
     * ??.
     */
    public static void loadConfig() {
    }

    String realm;
    AcceptableAuthScheme authScheme = AcceptableAuthScheme.ALL; // ???Basic/Bearer????????

    /**
     * .
     * @param status HTTP?
     * @param severity
     * @param code 
     * @param message 
     * @param error OAuth??
     * @param realm WWWW-Authenticate??????realm?
     * @param authScheme ???AuthScheme?
     */
    DcCoreAuthzException(final String code, final Severity severity, final String message, final int status,
            final String realm, final AcceptableAuthScheme authScheme) {
        super(code, severity, message, status);
        this.realm = realm;
        this.authScheme = authScheme;
    }

    /**
     * realm???.
     * @param realm2set realm
     * @return CoreAuthnException
     */
    public DcCoreAuthzException realm(String realm2set) {
        // ?
        return new DcCoreAuthzException(this.code, this.severity, this.message, this.status, realm2set,
                AcceptableAuthScheme.ALL);
    }

    /**
     * realm???.
     * @param realm2set realm
     * @param acceptableAuthScheme ???AuthScheme?
     * @return CoreAuthnException
     */
    public DcCoreAuthzException realm(String realm2set, AcceptableAuthScheme acceptableAuthScheme) {
        // ?
        return new DcCoreAuthzException(this.code, this.severity, this.message, this.status, realm2set,
                acceptableAuthScheme);
    }

    @Override
    public Response createResponse() {
        ResponseBuilder rb = Response.status(HttpStatus.SC_UNAUTHORIZED)
                .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON)
                .entity(new ODataErrorMessage(code, message));

        // ??????WWW-Authenticate??
        if (null != this.realm) {
            switch (this.authScheme) {
            case BEARER:
                rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BEARER + " realm=\"" + this.realm + "\"");
                break;
            case BASIC:
                rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BASIC + " realm=\"" + this.realm + "\"");
                break;
            default: // ????Bearer/Basic???
                rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BEARER + " realm=\"" + this.realm + "\"");
                rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BASIC + " realm=\"" + this.realm + "\"");
                break;
            }
        }
        return rb.build();
    }

    /**
     * ?????????.
     * @param t 
     * @return DcCoreException
     */
    public DcCoreException reason(final Throwable t) {
        // ???
        DcCoreException ret = new DcCoreAuthzException(this.code, this.severity, this.message, this.status,
                this.realm, this.authScheme);
        // 
        ret.setStackTrace(t.getStackTrace());
        return ret;
    }

    /**
     * .
     * @param code DC
     * @return DcCoreException
     */
    public static DcCoreAuthzException create(String code) {
        int statusCode = DcCoreException.parseCode(code);

        // ??
        Severity severity = DcCoreMessageUtils.getSeverity(code);
        if (severity == null) {
            // ????????????
            severity = decideSeverity(statusCode);
        }

        // ??
        String message = DcCoreMessageUtils.getMessage(code);

        return new DcCoreAuthzException(code, severity, message, statusCode, null, AcceptableAuthScheme.ALL);
    }
}