OAuthProblemException.java revision c29b77a9e8ee6009f6ceb8f91edb135796708ce5
/*
* DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2012 ForgeRock Inc. All rights reserved.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*/
/**
* @author $author$
* @version $Revision$ $Date$
*/
public class OAuthProblemException extends ResourceException {
private static final long serialVersionUID = 1934721539808864898L;
public enum OAuthError {
"The request is missing a required parameter, includes an invalid parameter value, or is otherwise malformed.",
""),
"The client is not authorized to request an authorization code using this method.",
""),
"The resource owner or authorization server denied the request.", ""),
"The authorization server does not support obtaining an authorization code using this method.",
""),
"The requested scope is invalid, unknown, or malformed.", ""),
"The authorization server encountered an unexpected condition which prevented it from fulfilling the request.",
""),
"The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.",
""),
"The access token provided is expired, revoked, malformed, or invalid for other reasons.",
"", 401),
"The request requires higher privileges than provided by the access token.", "",
403),
"The request requires higher privileges than provided by the access token.", "",
401),
"The client identifier provided is invalid, the client failed to authenticate, the client did not include its credentials, provided multiple client credentials, or used unsupported credentials type.",
"", 403),
"The authenticated client is not authorized to use the access grant type provided.",
"", 403),
"The provided access grant is invalid, expired, or revoked.", "", 403),
"The provided access grant is invalid, expired, or revoked (e.g. invalid assertion, expired authorization token, bad end-user password credentials, or mismatching authorization code and redirection URI).",
"The redirection URI provided does not match a pre-registered value.", ""),
"The requested authentication type is not supported by the authorization server.",
"The request is for data which does not exist.", "", 404);
}
}
/**
* Create a new exception from the given {@code request} parameter.
*
* @param request
* @return new instance of OAuthProblemException
*/
return new OAuthProblemException(this, request);
}
}
}
private String description;
//
// private Status status;
private URI redirectTargetPattern;
//
// Constructors
this.description = null;
String.class);
this.state =
this.scope =
} else {
this.redirectTargetPattern = null;
}
}
this.description = null;
this.redirectTargetPattern = null;
}
cause);
this.description = null;
this.redirectTargetPattern = null;
}
// ConsumerFlow builder
this.description = description;
return this;
}
return this;
}
return this;
}
return this;
}
return this;
}
return this;
}
// Getters
return getStatus().getReasonPhrase();
}
public String getDescription() {
}
public String getErrorUri() {
}
return state;
}
return scope;
}
}
return parameters;
}
public URI getRedirectUri() {
return redirectTargetPattern;
}
/**
* {@inheritDoc}
*/
if (null == description) {
return super.getStatus();
} else {
}
}
/**
* Save the exception into the request.
* <p/>
* Save the OAuthProblemException into the attributes and the
* {@link OAuthProblemException#popException(org.restlet.Request)} method
* retreive it.
*
* @throws ResourceException
* if the embedded request is null
*/
} else {
this);
}
return ErrorServerResource.class;
}
/**
* Used for formatting error according to chapter 5.2.
*
* @see <a
* href="http://tools.ietf.org/html/draft-ietf-oauth-v2-24#section-5.2">5.2.
* Error Response</a>
*/
}
}
return response;
}
/**
* Used for formatting error according to chapter 4.2.2.1.
* <p/>
* Authorization Code (Query) HTTP/1.1 302 Found Location:
* <p/>
* Implicit (Fragment) HTTP/1.1 302 Found Location:
* https://client.example.com/cb#error=access_denied&state=xyz
*
* @see <a
* href="http://tools.ietf.org/html/draft-ietf-oauth-v2-24#section-4.2.2.1">4.2.2.1.
* Error Response</a>
*/
public Form getErrorForm() {
}
}
// TODO could automatically check for state....
}
return response;
}
//
}
}
}
/**
* Creates invalid_request exception with given message
*
* @param message
* error message
* @return new instance of OAuthProblemException
*/
}
/**
* Creates OAuthProblemException that contains set of missing oauth
* parameters
*
* @param missingParams
* missing oauth parameters
* @return OAuthProblemException with user friendly message about missing
* oauth parameters
*/
}
}
}
new StringBuilder("Bad request content type. Expecting: ")
}
public static OAuthProblemException handleNotAllowedParametersOAuthException(
if (notAllowedParams != null) {
}
}
}
if (o instanceof OAuthProblemException) {
return (OAuthProblemException) o;
}
return null;
}
}