Package org.forgerock.http.oauth2

Class OAuth2Error

  • All Implemented Interfaces:
    Serializable
    public final class OAuth2Error
extends Object
implements Serializable
    Describes an error which occurred during an OAuth 2.0 authorization request or when performing an authorized request. More specifically, errors are communicated:
    • as query parameters in a failed authorization call-back. These errors are defined in RFC 6749 # 4.1.2 and comprise of an error code, optional error description, and optional error URI
    • as JSON encoded content in a failed access token request or failed refresh token request. These errors are defined in RFC 6749 # 5.2 and comprise of an error code, optional error description, and optional error URI
    • using the WWW-Authenticate response header in response to a failed attempt to access an OAuth 2.0 protected resource on a resource server. These errors are defined in RFC 6750 # 3.1 and comprise of an optional error code, optional error description, optional error URI, optional list of required scopes, and optional realm.
    See Also:
    RFC 6749 # 4.1.2 - The OAuth 2.0 Authorization Framework, RFC 6749 # 5.2 - The OAuth 2.0 Authorization Framework, RFC 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage, Serialized Form

    • Method Detail

      • bestEffortResourceServerError

        public static OAuth2Error bestEffortResourceServerError​(Status status,
                                                        OAuth2Error incomplete)
        Returns an OAuth 2.0 resource server error whose values are determined on a best-effort basis from the provided incomplete error and HTTP status code.
        Parameters:
        status - The HTTP status code.
        incomplete - The incomplete and possibly null error.
        Returns:
        A non-null error whose error code has been determined from the HTTP status code.

      • newAuthorizationServerError

        public static OAuth2Error newAuthorizationServerError​(String error,
                                                      String errorDescription)
        Returns an OAuth 2.0 error suitable for inclusion in authorization call-back responses and access token and refresh token responses.
        Parameters:
        error - The error code specifying the cause of the failure.
        errorDescription - The human-readable ASCII text providing additional information, or null.
        Returns:
        The OAuth 2.0 error.
        Throws:
        NullPointerException - If error was null.

      • newAuthorizationServerError

        public static OAuth2Error newAuthorizationServerError​(String error,
                                                      String errorDescription,
                                                      String errorUri)
        Returns an OAuth 2.0 error suitable for inclusion in authorization call-back responses and access token and refresh token responses.
        Parameters:
        error - The error code specifying the cause of the failure.
        errorDescription - The human-readable ASCII text providing additional information, or null.
        errorUri - A URI identifying a human-readable web page with information about the error, or null.
        Returns:
        The OAuth 2.0 error.
        Throws:
        NullPointerException - If error was null.

      • newResourceServerError

        public static OAuth2Error newResourceServerError​(String realm,
                                                 List<String> scope,
                                                 String error,
                                                 String errorDescription,
                                                 String errorUri)
        Returns an OAuth 2.0 error suitable for inclusion in resource server WWW-Authenticate response headers.
        Parameters:
        realm - The scope of protection required to access the protected resource, or null.
        scope - The required scope(s) of the access token for accessing the requested resource, or null.
        error - The error code specifying the cause of the failure, or null.
        errorDescription - The human-readable ASCII text providing additional information, or null.
        errorUri - A URI identifying a human-readable web page with information about the error, or null.
        Returns:
        The OAuth 2.0 error.

      • valueOf

        public static OAuth2Error valueOf​(String s)
        Parses the provided toString() representation as an OAuth 2.0 error.
        Parameters:
        s - The string to parse.
        Returns:
        The parsed OAuth 2.0 error.

      • valueOfForm

        public static OAuth2Error valueOfForm​(Form form)
        Parses the Form representation of an authorization call-back error as an OAuth 2.0 error. Only the error, error description, and error URI fields will be included.
        Parameters:
        form - The Form representation of an authorization call-back error.
        Returns:
        The parsed OAuth 2.0 error.

      • valueOfJsonContent

        public static OAuth2Error valueOfJsonContent​(Map<String,​Object> json)
        Parses the JSON representation of an access token error response as an OAuth 2.0 error. Only the error, error description, and error URI fields will be included.
        Parameters:
        json - The JSON representation of an access token error response.
        Returns:
        The parsed OAuth 2.0 error.
        Throws:
        IllegalArgumentException - If the JSON content was malformed.

      • valueOfWWWAuthenticateHeader

        public static OAuth2Error valueOfWWWAuthenticateHeader​(String s)
        Parses the provided WWW-Authenticate header content as an OAuth 2.0 error.
        Parameters:
        s - The string containing the WWW-Authenticate header content.
        Returns:
        The parsed OAuth 2.0 error.
        Throws:
        IllegalArgumentException - If the header value was malformed.

      • getError

        public String getError()
        Returns the error code specifying the cause of the failure.
        Returns:
        The error code specifying the cause of the failure, or null if no error code was provided (which may be the case for WWW-Authenticate headers).

      • getErrorDescription

        public String getErrorDescription()
        Returns the human-readable ASCII text providing additional information, used to assist the client developer in understanding the error that occurred.
        Returns:
        The human-readable ASCII text providing additional information, or null if no description was provided.

      • getErrorUri

        public String getErrorUri()
        Returns a URI identifying a human-readable web page with information about the error, used to provide the client developer with additional information about the error.
        Returns:
        A URI identifying a human-readable web page with information about the error, or null if no error URI was provided.

      • getRealm

        public String getRealm()
        Returns the scope of protection required to access the protected resource. The realm is only included with WWW-Authenticate headers in response to a failure to access a protected resource.
        Returns:
        The scope of protection required to access the protected resource, or null if no realm was provided (which will always be the case for authorization call-back failures and access/refresh token requests).

      • getScope

        public List<String> getScope()
        Returns the required scope of the access token for accessing the requested resource. The scope is only included with WWW-Authenticate headers in response to a failure to access a protected resource.
        Returns:
        The required scope of the access token for accessing the requested resource, which may be empty (never null) if no scope was provided (which will always be the case for authorization call-back failures and access/refresh token requests).

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object

      • is

        public boolean is​(String error)
        Returns true if this error includes an error code and it matches the provided error code.
        Parameters:
        error - The error code.
        Returns:
        true if this error includes an error code and it matches the provided error code.

      • toForm

        public Form toForm()
        Returns the form representation of this error suitable for inclusion in an authorization call-back query. Only the error, error description, and error URI fields will be included.
        Returns:
        The form representation of this error suitable for inclusion in an authorization call-back query.

      • toJsonContent

        public Map<String,​Object> toJsonContent()
        Returns the JSON representation of this error formatted as an access token error response. Only the error, error description, and error URI fields will be included.
        Returns:
        The JSON representation of this error formatted as an access token error response.

      • toWWWAuthenticateHeader

        @Deprecated
public String toWWWAuthenticateHeader()
        Deprecated.
        Use asWwwAuthenticateHeader() instead.
        Returns the string representation of this error formatted as a WWW-Authenticate header.
        Returns:
        The string representation of this error formatted as a WWW-Authenticate header.

      • asWwwAuthenticateHeader

        public WwwAuthenticateHeader asWwwAuthenticateHeader()
        Returns a representation of this error as a WWW-Authenticate header.
        Returns:
        The representation of this error as a WWW-Authenticate header.