Java tutorial
/** * personium.io * Copyright 2014 FUJITSU LIMITED * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.fujitsu.dc.core; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.ResponseBuilder; import org.apache.http.HttpStatus; import com.fujitsu.dc.core.DcCoreMessageUtils.Severity; import com.fujitsu.dc.core.auth.OAuth2Helper.AcceptableAuthScheme; import com.fujitsu.dc.core.auth.OAuth2Helper.Scheme; import com.fujitsu.dc.core.exceptions.ODataErrorMessage; /** * ?(PR401-AU-xxxx)?????. */ @SuppressWarnings("serial") public final class DcCoreAuthzException extends DcCoreException { /** * ???. */ public static final DcCoreAuthzException AUTHORIZATION_REQUIRED = create("PR401-AU-0001"); /** * ?. */ public static final DcCoreAuthzException EXPIRED_ACCESS_TOKEN = create("PR401-AU-0002"); /** * AuthenticationScheme?. */ public static final DcCoreAuthzException INVALID_AUTHN_SCHEME = create("PR401-AU-0003"); /** * ???. */ public static final DcCoreAuthzException BASIC_AUTH_FORMAT_ERROR = create("PR401-AU-0004"); /** * . */ public static final DcCoreAuthzException TOKEN_PARSE_ERROR = create("PR401-AU-0006"); /** * ??. */ public static final DcCoreAuthzException ACCESS_WITH_REFRESH_TOKEN = create("PR401-AU-0007"); /** * ??. */ public static final DcCoreAuthzException TOKEN_DISG_ERROR = create("PR401-AU-0008"); /** * ?. */ public static final DcCoreAuthzException COOKIE_AUTHENTICATION_FAILED = create("PR401-AU-0009"); /** * ?(Account). */ public static final DcCoreAuthzException BASIC_AUTHENTICATION_FAILED_IN_ACCOUNT_LOCK = create("PR401-AU-0010"); /** * ?. */ public static final DcCoreAuthzException BASIC_AUTHENTICATION_FAILED = create("PR401-AU-0011"); /** * ??. */ public static void loadConfig() { } String realm; AcceptableAuthScheme authScheme = AcceptableAuthScheme.ALL; // ???Basic/Bearer???????? /** * . * @param status HTTP? * @param severity * @param code * @param message * @param error OAuth?? * @param realm WWWW-Authenticate??????realm? * @param authScheme ???AuthScheme? */ DcCoreAuthzException(final String code, final Severity severity, final String message, final int status, final String realm, final AcceptableAuthScheme authScheme) { super(code, severity, message, status); this.realm = realm; this.authScheme = authScheme; } /** * realm???. * @param realm2set realm * @return CoreAuthnException */ public DcCoreAuthzException realm(String realm2set) { // ? return new DcCoreAuthzException(this.code, this.severity, this.message, this.status, realm2set, AcceptableAuthScheme.ALL); } /** * realm???. * @param realm2set realm * @param acceptableAuthScheme ???AuthScheme? * @return CoreAuthnException */ public DcCoreAuthzException realm(String realm2set, AcceptableAuthScheme acceptableAuthScheme) { // ? return new DcCoreAuthzException(this.code, this.severity, this.message, this.status, realm2set, acceptableAuthScheme); } @Override public Response createResponse() { ResponseBuilder rb = Response.status(HttpStatus.SC_UNAUTHORIZED) .header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON) .entity(new ODataErrorMessage(code, message)); // ??????WWW-Authenticate?? if (null != this.realm) { switch (this.authScheme) { case BEARER: rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BEARER + " realm=\"" + this.realm + "\""); break; case BASIC: rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BASIC + " realm=\"" + this.realm + "\""); break; default: // ????Bearer/Basic??? rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BEARER + " realm=\"" + this.realm + "\""); rb = rb.header(HttpHeaders.WWW_AUTHENTICATE, Scheme.BASIC + " realm=\"" + this.realm + "\""); break; } } return rb.build(); } /** * ?????????. * @param t * @return DcCoreException */ public DcCoreException reason(final Throwable t) { // ??? DcCoreException ret = new DcCoreAuthzException(this.code, this.severity, this.message, this.status, this.realm, this.authScheme); // ret.setStackTrace(t.getStackTrace()); return ret; } /** * . * @param code DC * @return DcCoreException */ public static DcCoreAuthzException create(String code) { int statusCode = DcCoreException.parseCode(code); // ?? Severity severity = DcCoreMessageUtils.getSeverity(code); if (severity == null) { // ???????????? severity = decideSeverity(statusCode); } // ?? String message = DcCoreMessageUtils.getMessage(code); return new DcCoreAuthzException(code, severity, message, statusCode, null, AcceptableAuthScheme.ALL); } }