Handling Exception - when admin user is not found in UG as it needs to be activated via external provider.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/b583207a
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/b583207a
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/b583207a
Branch: refs/heads/apigee-sso-provider
Commit: b583207ab9ce373300af0e19ea9a04014461a431
Parents: 3ba4e59
Author: Ayesha Dastagiri <[email protected]>
Authored: Fri Jul 8 08:34:03 2016 -0700
Committer: Ayesha Dastagiri <[email protected]>
Committed: Fri Jul 8 08:34:03 2016 -0700
----------------------------------------------------------------------
 .../org/apache/usergrid/rest/exceptions/AuthErrorInfo.java | 1 +
 .../shiro/filters/OAuth2AccessTokenSecurityFilter.java | 6 +++++-
 .../org/apache/usergrid/security/sso/ApigeeSSO2Provider.java | 3 ++-
 .../usergrid/security/tokens/cassandra/TokenServiceImpl.java | 7 ++++++-
 4 files changed, 14 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/b583207a/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java b/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
index 5aff66d..8b7b969 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/exceptions/AuthErrorInfo.java
@@ -43,6 +43,7 @@ public enum AuthErrorInfo {
 INVALID_USERNAME_OR_PASSWORD_ERROR( "auth_invalid_username_or_password", "Unable to authenticate due to username or password being incorrect" ), //
 UNVERIFIED_OAUTH_ERROR( "auth_unverified_oath", "Unable to authenticate OAuth credentials" ), //
+ EXTERNALSSOPROVIDER_UNACTIVATED_ADMINUSER("externalssoprovider_unactivated_adminuser","Admin user needs to be activated via the external provider"),
 NO_DOMAIN_ERROR( "auth_no_application", "Unable to authenticate due to application not found" ), //
 NOT_DOMAIN_OWNER_ERROR( "auth_not_application_owner", "" ), //
 EXPIRED_ACCESS_TOKEN_ERROR( "expired_token", "Unable to authenticate due to expired access token" ), //
http://git-wip-us.apache.org/repos/asf/usergrid/blob/b583207a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
index ca040e8..4132dd3 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/OAuth2AccessTokenSecurityFilter.java
@@ -27,6 +27,7 @@ import org.apache.shiro.subject.Subject;
 import org.apache.usergrid.management.ApplicationInfo;
 import org.apache.usergrid.management.OrganizationInfo;
 import org.apache.usergrid.management.UserInfo;
+import org.apache.usergrid.management.exceptions.ExternalSSOProviderAdminUserNotFoundExceptions;
 import org.apache.usergrid.management.exceptions.ManagementException;
 import org.apache.usergrid.security.AuthPrincipalInfo;
 import org.apache.usergrid.security.AuthPrincipalType;
@@ -108,7 +109,10 @@ public class OAuth2AccessTokenSecurityFilter extends SecurityFilter implements C
 throw mappableSecurityException( EXPIRED_ACCESS_TOKEN_ERROR );
 } catch (InvalidTokenException ite) {
 throw mappableSecurityException( INVALID_AUTH_ERROR );
- } catch (IndexOutOfBoundsException ioobe) {
+ }
+ catch (ExternalSSOProviderAdminUserNotFoundExceptions eAdminUserNotFound){
+ throw mappableSecurityException(EXTERNALSSOPROVIDER_UNACTIVATED_ADMINUSER);
+ } catch(IndexOutOfBoundsException ioobe) {
 // token is just some rubbish string
 throw mappableSecurityException( BAD_ACCESS_TOKEN_ERROR );
 } catch (Exception e) {
http://git-wip-us.apache.org/repos/asf/usergrid/blob/b583207a/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java b/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
index de10591..9871cc7 100644
--- a/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
+++ b/stack/services/src/main/java/org/apache/usergrid/security/sso/ApigeeSSO2Provider.java
@@ -20,6 +20,7 @@ import io.jsonwebtoken.*;
 import org.apache.usergrid.corepersistence.util.CpNamingUtils;
 import org.apache.usergrid.management.ManagementService;
 import org.apache.usergrid.management.UserInfo;
+import org.apache.usergrid.management.exceptions.ExternalSSOProviderAdminUserNotFoundExceptions;
 import org.apache.usergrid.security.AuthPrincipalInfo;
 import org.apache.usergrid.security.AuthPrincipalType;
 import org.apache.usergrid.security.tokens.TokenInfo;
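Review bot: In the OAuth2AccessTokenSecurityFilter hunk the new catch clause is formatted differently from its neighbours (`}` on its own line, `){` without a space), and the commit also rewrites the otherwise unchanged `} catch (IndexOutOfBoundsException ioobe) {` as `} catch(IndexOutOfBoundsException ioobe) {`, which adds a no-op change to the diff. I would write the new clause as `} catch (ExternalSSOProviderAdminUserNotFoundExceptions e) {` and leave the IndexOutOfBoundsException line as it was. Discarding the caught exception looks intentional and is the safer choice, because the message built in ApigeeSSO2Provider contains the token; a comment such as `// not logged: the exception message carries the bearer token` would keep a later maintainer from logging it. The enclosing try block starts and ends outside the hunk.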
@@ -81,7 +82,7 @@ public class ApigeeSSO2Provider implements ExternalSSOProvider {
 UserInfo userInfo = validateAndReturnUserInfo(token, ttl);
 if(userInfo == null){
- throw new RuntimeException("Unable to load user from token: "+token);
+ throw new ExternalSSOProviderAdminUserNotFoundExceptions("Unable to load user from token: "+token);
 }
 return new TokenInfo(UUIDUtils.newTimeUUID(), "access", 1, 1, 1, ttl,
http://git-wip-us.apache.org/repos/asf/usergrid/blob/b583207a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
index 14d685c..dc61b7f 100644
--- a/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/security/tokens/cassandra/TokenServiceImpl.java
@@ -794,7 +794,12 @@ public class TokenServiceImpl implements TokenService {
 }
 private String getExternalSSOProvider(){
- return properties.getProperty(USERGRID_EXTERNAL_PROVIDER);
+ try {
+ return properties.getProperty(USERGRID_EXTERNAL_PROVIDER);
+ }
+ catch(NullPointerException e ){
+ throw new IllegalArgumentException("External SSO provider is enabled but the provider name is empty");
+ }
 }
 /**
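Review bot: The new `throw` in the ApigeeSSO2Provider hunk still concatenates the raw `token` into the exception message, so a bearer token that may still be valid ends up wherever this exception is logged or serialized. The filter hunk in this commit maps the exception to a fixed error code, but any other caller or generic handler that records the message would write the credential out. I would drop the token from the message, e.g. `throw new ExternalSSOProviderAdminUserNotFoundExceptions("Unable to load admin user for the supplied external SSO token");`, and if correlation is needed, include a non-secret identifier taken from the validated claims instead. The enclosing method starts and ends outside the hunk.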
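Review bot: In TokenServiceImpl.getExternalSSOProvider the added `catch(NullPointerException e )` does not detect the condition its message describes. Assuming `properties` is a `java.util.Properties` (the hunk does not show its declaration), `getProperty` returns null for a missing key rather than throwing, so an unset or empty provider name is still handed back to the caller, and the catch fires only when `properties` itself is null. An explicit check on the returned value makes the misconfiguration fail closed with the intended message and avoids catching NPE and dropping its cause. If some callers rely on a null return when no external provider is configured, keep the return as it is and do the check at the call site where the provider is known to be enabled.

```java
private String getExternalSSOProvider(){
    String provider = properties.getProperty(USERGRID_EXTERNAL_PROVIDER);
    if (provider == null || provider.trim().isEmpty()) {
        throw new IllegalArgumentException("External SSO provider is enabled but the provider name is empty");
    }
    return provider;
}
```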
