Examples of InvalidGrantException


Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

    query.setParameter("code", code);

    AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList());

    if (result == null) {
      throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
    }

    OAuth2Authentication authRequest = result.getAuthentication();

    manager.remove(result);
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

  public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {

    Set<String> authorizedGrantTypes = client.getAuthorizedGrantTypes();
    if (authorizedGrantTypes.isEmpty()) {
      throw new InvalidGrantException("A client must have at least one authorized grant type.");
    }
    if (!containsRedirectGrantType(authorizedGrantTypes)) {
      throw new InvalidGrantException(
          "A redirect_uri can only be used by implicit or authorization_code grant types.");
    }

    Set<String> redirectUris = client.getRegisteredRedirectUri();
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

  public OAuth2Authentication consumeAuthorizationCode(String code)
      throws InvalidGrantException {
    OAuth2Authentication auth = this.remove(code);
    if (auth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + code);
    }
    return auth;
  }
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

      throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

    }
    if (!StringUtils.hasText(tokenRequest.getGrantType())) {
      throw new InvalidRequestException("Missing grant type");
    }
    if (tokenRequest.getGrantType().equals("implicit")) {
      throw new InvalidGrantException("Implicit grant type not supported from token endpoint");
    }

    if (isAuthCodeRequest(parameters)) {
      // The scope was requested or determined during the authorization step
      if (!tokenRequest.getScope().isEmpty()) {
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

    try {
      userAuth = authenticationManager.authenticate(userAuth);
    }
    catch (AccountStatusException ase) {
      //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
      throw new InvalidGrantException(ase.getMessage());
    }
    catch (BadCredentialsException e) {
      // If the username/password are wrong the spec says we should send 400/invlid grant
      throw new InvalidGrantException(e.getMessage());
    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
      throw new InvalidGrantException("Could not authenticate user: " + username);
    }
   
    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);   
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
  }
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

  public OAuth2AccessToken refreshAccessToken(String refreshTokenValue, TokenRequest tokenRequest)
      throws AuthenticationException {

    if (!supportRefreshToken) {
      throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
    }

    OAuth2RefreshToken refreshToken = tokenStore.readRefreshToken(refreshTokenValue);
    if (refreshToken == null) {
      throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
    }

    OAuth2Authentication authentication = tokenStore.readAuthenticationForRefreshToken(refreshToken);
    String clientId = authentication.getOAuth2Request().getClientId();
    if (clientId == null || !clientId.equals(tokenRequest.getClientId())) {
      throw new InvalidGrantException("Wrong client for this refresh token: " + refreshTokenValue);
    }

    // clear out any access tokens already associated with the refresh
    // token.
    tokenStore.removeAccessTokenUsingRefreshToken(refreshToken);
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

    assertEquals(expected, getOutput());
  }

  @Test
  public void writeInvalidGrant() throws Exception {
    OAuth2Exception oauthException = new InvalidGrantException(DETAILS);
    String expected = createResponse(oauthException.getOAuth2ErrorCode());
    converter.write(oauthException, contentType, outputMessage);
    assertEquals(expected, getOutput());
  }
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

  @Test
  public void readInvalidGrant() throws Exception {
    String accessToken = createResponse(OAuth2Exception.INVALID_GRANT);
    when(inputMessage.getBody()).thenReturn(createInputStream(accessToken));
    @SuppressWarnings("unused")
    InvalidGrantException result = (InvalidGrantException) converter.read(OAuth2Exception.class, inputMessage);
  }
View Full Code Here

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException

  }

  @Test
  public void readValueInvalidGrant() throws Exception {
    String accessToken = createResponse(OAuth2Exception.INVALID_GRANT);
    InvalidGrantException result = (InvalidGrantException) mapper.readValue(accessToken, OAuth2Exception.class);
    assertEquals(DETAILS,result.getMessage());
    assertEquals(null,result.getAdditionalInformation());
  }
View Full Code Here
TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.