146 ResourceStore resourceStore = this.
authorization.getStoreFactory().getResourceStore();
147 Resource resource = resourceStore.findById(resourceId,
resourceServer.getId());
149 if (resource == null) {
150 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST,
"Resource [" + resourceId +
"] cannot be found", Response.Status.BAD_REQUEST);
153 if (!resource.getOwner().equals(
identity.getId())) {
154 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST,
"Only resource owner can access policies for resource [" + resourceId +
"]", Status.BAD_REQUEST);
157 if (!resource.isOwnerManagedAccess()) {
158 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST,
"Only resources with owner managed accessed can have policies", Status.BAD_REQUEST);
162 throw new ErrorResponseException(OAuthErrorException.REQUEST_NOT_SUPPORTED,
"Remote Resource Management not enabled on resource server [" +
resourceServer.getId() +
"]", Status.FORBIDDEN);
165 if (representation != null) {
166 Set<String> resourceScopes = resource.getScopes().stream().map(scope -> scope.getName()).collect(Collectors.toSet());
167 Set<String> scopes = representation.getScopes();
169 if (scopes == null || scopes.isEmpty()) {
170 scopes = resourceScopes;
171 representation.setScopes(scopes);
174 if (!resourceScopes.containsAll(scopes)) {
175 throw new ErrorResponseException(OAuthErrorException.INVALID_REQUEST,
"Some of the scopes [" + scopes +
"] are not valid for resource [" + resourceId +
"]", Response.Status.BAD_REQUEST);
final AuthorizationProvider authorization
Definition: UserManagedPermissionService.java:62
final ResourceServer resourceServer
Definition: UserManagedPermissionService.java:60
final Identity identity
Definition: UserManagedPermissionService.java:61