OAuth2FailureContext

When an OAuth 2.0 authorization operation fails, the error and error description provided by the authorization service are injected into this context for use downstream.

The amount and type of information in the context depends on when a failure occurs.

This context is created by AuthorizationCodeOAuth2ClientFilter and OAuth2TokenExchangeFilter.

This context supports OAuth 2.0 error messages in the format given by RFC 6749.

Properties

The context is named OAuth2Failure, and is accessible at ${contexts.oauth2Failure}. The context has the following properties:

"error": java.lang.String: The error field name.
"description": java.lang.String: Error description field name.
"exception": org.forgerock.openig.filter.oauth2.client.OAuth2ErrorException: The OAuth 2.0 exception associated with the token exchange error.

Examples

For examples that use ${contexts.oauth2Failure.error} and ${contexts.oauth2Failure.description, refer to the routes in OAuth 2.0 token exchange and Discovery and dynamic registration.

More information

org.forgerock.http.oauth2.OAuth2FailureContext

OAuth2TokenExchangeContext

OAuth2TokenExchangeFilter

RFC 6749: Error Response

PingGateway 2024.9

OAuth2FailureContext

Properties

Examples

More information