Examples of com.nimbusds.oauth2.sdk.token.BearerTokenError

• com.nimbusds.oauth2.sdk.Scope
  OAuth 2.0 bearer token error. Used to indicate that access to a resource protected by a Bearer access token is denied, due to the request or token being invalid, or due to the access token having insufficient scope.

  Standard bearer access token errors:

  • {@link #MISSING_TOKEN}
  • {@link #INVALID_REQUEST}
  • {@link #INVALID_TOKEN}
  • {@link #INSUFFICIENT_SCOPE}

  Example HTTP response:

   HTTP/1.1 401 Unauthorized WWW-Authenticate: Bearer realm="example.com", error="invalid_token", error_description="The access token expired" 

  Related specifications:

  • OAuth 2.0 Bearer Token Usage (RFC 6750), section 3.1.

    try {
      return JWTParser.parse(content);

    } catch (java.text.ParseException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

    try {
      return new URI(getGeneric(o, key, String.class));

    } catch (URISyntaxException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

    try {
      return new URL(getGeneric(o, key, String.class));

    } catch (MalformedURLException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

      return new InternetAddress(getGeneric(o, key, String.class), strict);

    } catch (AddressException e) {

      throw new ParseException(e.getMessage(), e);
    }
  }

    try {
      return list.toArray(new String[0]);

    } catch (ArrayStoreException e) {

      throw new ParseException("JSON object member with key \"" + key + "\" is not an array of strings");
    }
  }

      try {
        set.add((String)item);

      } catch (Exception e) {

        throw new ParseException("JSON object member wit key \"" + key + "\" is not an array of strings");
      }

    }

    return set;

   */
  public static void ensureContentType(final ContentType expected, final ContentType found)
    throws ParseException {

    if (found == null)
      throw new ParseException("Missing HTTP Content-Type header");

    if (! expected.match(found))
      throw new ParseException("The HTTP Content-Type header must be " + expected);
  }

  public void testParseError()
    throws Exception {

    URI redirectURI = new URI("https://example.com/in");
    ResponseType rt = new ResponseType(ResponseType.Value.CODE);
    State state = new State("xyz");

    AuthenticationErrorResponse errorResponse = new AuthenticationErrorResponse(redirectURI, OAuth2Error.ACCESS_DENIED, rt, state);

    HTTPResponse httpResponse = errorResponse.toHTTPResponse();

    ClaimsRequest cr = new ClaimsRequest();
    cr.addIDTokenClaim(new ClaimsRequest.Entry("email", ClaimRequirement.ESSENTIAL));

    AuthenticationRequest authRequest = new AuthenticationRequest.Builder(
      new ResponseType("code"),
      new Scope("openid", "email"),
      new ClientID("123"),
      new URI("https://client.com/cb")).claims(cr).build();

    ClaimsRequest claimsRequest = ClaimsRequest.resolve(authRequest);

  public void testResolveSimple()
    throws Exception {

    Scope scope = Scope.parse("openid");

    ClaimsRequest cr = ClaimsRequest.resolve(ResponseType.parse("code"), scope);

    System.out.println("Claims request for scope openid: " + cr.toJSONObject());