Examples of org.springframework.security.oauth2.common.exceptions.InvalidRequestException

• org.springframework.security.oauth2.common.exceptions.InvalidRequestException
  @author Dave Syer

   */
  @Override
  public void deleteClient(ClientDetailsEntity client) throws InvalidClientException {

    if (clientRepository.getById(client.getId()) == null) {
      throw new InvalidClientException("Client with id " + client.getClientId() + " was not found");
    }

    // clean out any tokens that this client had issued
    tokenRepository.clearTokensForClient(client);

    query.setParameter("code", code);

    AuthorizationCodeEntity result = JpaUtil.getSingleResult(query.getResultList());

    if (result == null) {
      throw new InvalidGrantException("JpaAuthorizationCodeRepository: no authorization code found for value " + code);
    }

    OAuth2Authentication authRequest = result.getAuthentication();

    manager.remove(result);

  public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {

    Set<String> authorizedGrantTypes = client.getAuthorizedGrantTypes();
    if (authorizedGrantTypes.isEmpty()) {
      throw new InvalidGrantException("A client must have at least one authorized grant type.");
    }
    if (!containsRedirectGrantType(authorizedGrantTypes)) {
      throw new InvalidGrantException(
          "A redirect_uri can only be used by implicit or authorization_code grant types.");
    }

    Set<String> redirectUris = client.getRegisteredRedirectUri();

  @Override
  public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {
    String redirect = super.resolveRedirect(requestedRedirect, client);
    if (blacklistService.isBlacklisted(redirect)) {
      // don't let it go through
      throw new InvalidRequestException("The supplied redirect_uri is not allowed on this server.");
    } else {
      // not blacklisted, passed the parent test, we're fine
      return redirect;
    }
  }

    }
    else if (StringUtils.hasText(requestedRedirect)) {
      return requestedRedirect;
    }
    else {
      throw new InvalidRequestException("A redirect_uri must be supplied.");
    }

  }

    Map<String, String> parameters = tokenRequest.getRequestParameters();
    String authorizationCode = parameters.get("code");
    String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);

    if (authorizationCode == null) {
      throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);

    }
    if (authenticatedClient != null) {
      oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient);
    }
    if (!StringUtils.hasText(tokenRequest.getGrantType())) {
      throw new InvalidRequestException("Missing grant type");
    }
    if (tokenRequest.getGrantType().equals("implicit")) {
      throw new InvalidGrantException("Implicit grant type not supported from token endpoint");
    }

    AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");

    if (authorizationRequest == null) {
      sessionStatus.setComplete();
      throw new InvalidRequestException("Cannot approve uninitialized authorization request.");
    }

    try {
      Set<String> responseTypes = authorizationRequest.getResponseTypes();

      authorizationRequest.setApprovalParameters(approvalParameters);
      authorizationRequest = userApprovalHandler.updateAfterApproval(authorizationRequest,
          (Authentication) principal);
      boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
      authorizationRequest.setApproved(approved);

      if (authorizationRequest.getRedirectUri() == null) {
        sessionStatus.setComplete();
        throw new InvalidRequestException("Cannot approve request when no redirect URI is provided.");
      }

      if (!authorizationRequest.isApproved()) {
        return new RedirectView(getUnsuccessfulRedirect(authorizationRequest,
            new UserDeniedAuthorizationException("User denied access"), responseTypes.contains("token")),

    Map<String, Object> vars = new HashMap<String, Object>();

    String requestedRedirect = authorizationRequest.getRedirectUri();
    if (accessToken == null) {
      throw new InvalidRequestException("An implicit grant could not be made");
    }
    StringBuilder url = new StringBuilder(requestedRedirect);
    if (requestedRedirect.contains("#")) {
      url.append("&");
    }

    Object preservedState = request.getPreservedState();
    if (request.getStateKey() != null) {
      // The token endpoint has no use for the state so we don't send it back, but we are using it
      // for CSRF detection client side...
      if (preservedState == null) {
        throw new InvalidRequestException(
            "Possible CSRF detected - state parameter was present but no state could be found");
      }
    }

    // Extracting the redirect URI from a saved request should ignore the current URI, so it's not simply a call to