Package org.springframework.security.oauth2.common.exceptions

Examples of org.springframework.security.oauth2.common.exceptions.InvalidGrantException


  @Override
  public ClientDetailsEntity loadClientByClientId(String clientId) throws OAuth2Exception, InvalidClientException, IllegalArgumentException {
    if (!Strings.isNullOrEmpty(clientId)) {
      ClientDetailsEntity client = clientRepository.getClientByClientId(clientId);
      if (client == null) {
        throw new InvalidClientException("Client with id " + clientId + " was not found");
      }
      else {
        return client;
      }
    }


   */
  @Override
  public void deleteClient(ClientDetailsEntity client) throws InvalidClientException {

    if (clientRepository.getById(client.getId()) == null) {
      throw new InvalidClientException("Client with id " + client.getClientId() + " was not found");
    }

    // clean out any tokens that this client had issued
    tokenRepository.clearTokensForClient(client);


    query.setParameter("code", code);

    AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList());

    if (result == null) {
      throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
    }

    OAuth2Authentication authRequest = result.getAuthentication();

    manager.remove(result);

  public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {

    Set<String> authorizedGrantTypes = client.getAuthorizedGrantTypes();
    if (authorizedGrantTypes.isEmpty()) {
      throw new InvalidGrantException("A client must have at least one authorized grant type.");
    }
    if (!containsRedirectGrantType(authorizedGrantTypes)) {
      throw new InvalidGrantException(
          "A redirect_uri can only be used by implicit or authorization_code grant types.");
    }

    Set<String> redirectUris = client.getRegisteredRedirectUri();

  /**
   * Exchanges an authorization code for the authentication that {@code remove(code)} returns
   * for it.
   *
   * @param code the authorization code presented by the caller
   * @return the authentication returned by {@code remove(code)}; never {@code null}
   * @throws InvalidGrantException if {@code remove(code)} yields {@code null}
   */
  public OAuth2Authentication consumeAuthorizationCode(String code)
      throws InvalidGrantException {
    // NOTE(review): remove(...) is defined outside this excerpt; presumably it deletes the
    // stored entry so that a code can be redeemed only once -- confirm in the implementation.
    final OAuth2Authentication storedAuthentication = this.remove(code);
    if (storedAuthentication != null) {
      return storedAuthentication;
    }
    // NOTE(review): the message carries the submitted code verbatim, so the value appears
    // wherever this exception text is logged or rendered -- confirm that is acceptable.
    throw new InvalidGrantException("Invalid authorization code: " + code);
  }

      throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter

    }
    if (!StringUtils.hasText(tokenRequest.getGrantType())) {
      throw new InvalidRequestException("Missing grant type");
    }
    if (tokenRequest.getGrantType().equals("implicit")) {
      throw new InvalidGrantException("Implicit grant type not supported from token endpoint");
    }

    if (isAuthCodeRequest(parameters)) {
      // The scope was requested or determined during the authorization step
      if (!tokenRequest.getScope().isEmpty()) {

    try {
      userAuth = authenticationManager.authenticate(userAuth);
    }
    catch (AccountStatusException ase) {
      //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
      throw new InvalidGrantException(ase.getMessage());
    }
    catch (BadCredentialsException e) {
      // If the username/password are wrong the spec says we should send 400/invlid grant
      throw new InvalidGrantException(e.getMessage());
    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
      throw new InvalidGrantException("Could not authenticate user: " + username);
    }
   
    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);   
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
  }

  public OAuth2AccessToken refreshAccessToken(String refreshTokenValue, TokenRequest tokenRequest)
      throws AuthenticationException {

    if (!supportRefreshToken) {
      throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
    }

    OAuth2RefreshToken refreshToken = tokenStore.readRefreshToken(refreshTokenValue);
    if (refreshToken == null) {
      throw new InvalidGrantException("Invalid refresh token: " + refreshTokenValue);
    }

    OAuth2Authentication authentication = tokenStore.readAuthenticationForRefreshToken(refreshToken);
    String clientId = authentication.getOAuth2Request().getClientId();
    if (clientId == null || !clientId.equals(tokenRequest.getClientId())) {
      throw new InvalidGrantException("Wrong client for this refresh token: " + refreshTokenValue);
    }

    // clear out any access tokens already associated with the refresh
    // token.
    tokenStore.removeAccessTokenUsingRefreshToken(refreshToken);

    assertEquals(expected, getOutput());
  }

  /**
   * Checks that writing an {@link InvalidGrantException} through the converter produces the
   * output that {@code createResponse} builds for that exception's OAuth2 error code.
   */
  @Test
  public void writeInvalidGrant() throws Exception {
    final OAuth2Exception invalidGrant = new InvalidGrantException(DETAILS);
    // The expected body is derived from the error code alone, before anything is written.
    final String errorCode = invalidGrant.getOAuth2ErrorCode();
    final String wanted = createResponse(errorCode);

    converter.write(invalidGrant, contentType, outputMessage);

    final String actual = getOutput();
    assertEquals(wanted, actual);
  }
