org.springframework.security.oauth2.common.exceptions.UnauthorizedClientException Java Examples

The following examples show how to use org.springframework.security.oauth2.common.exceptions.UnauthorizedClientException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: RefreshTokenFilter.java    From cubeai with Apache License 2.0 6 votes vote down vote up
/**
 * Refresh the access and refresh tokens if they are about to expire.
 *
 * @param httpServletRequest  the servlet request holding the current cookies. If no refresh cookie is present,
 *                            then we are out of luck.
 * @param httpServletResponse the servlet response that gets the new set-cookie headers, if they had to be
 *                            refreshed.
 * @return a new request to use downstream that contains the new cookies, if they had to be refreshed.
 * @throws InvalidTokenException if the tokens could not be refreshed.
 */
public HttpServletRequest refreshTokensIfExpiring(HttpServletRequest httpServletRequest, HttpServletResponse
    httpServletResponse) {
    HttpServletRequest newHttpServletRequest = httpServletRequest;
    //get access token from cookie
    Cookie accessTokenCookie = OAuth2CookieHelper.getAccessTokenCookie(httpServletRequest);
    if (mustRefreshToken(accessTokenCookie)) {        //we either have no access token, or it is expired, or it is about to expire
        //get the refresh token cookie and, if present, request new tokens
        Cookie refreshCookie = OAuth2CookieHelper.getRefreshTokenCookie(httpServletRequest);
        if (refreshCookie != null) {
            try {
                newHttpServletRequest = authenticationService.refreshToken(httpServletRequest, httpServletResponse, refreshCookie);
            } catch (HttpClientErrorException ex) {
                throw new UnauthorizedClientException("could not refresh OAuth2 token", ex);
            }
        } else if (accessTokenCookie != null) {
            log.warn("access token found, but no refresh token, stripping them all");
            OAuth2AccessToken token = tokenStore.readAccessToken(accessTokenCookie.getValue());
            if (token.isExpired()) {
                throw new InvalidTokenException("access token has expired, but there's no refresh token");
            }
        }
    }
    return newHttpServletRequest;
}
 
Example #2
Source File: RefreshTokenFilter.java    From tutorials with MIT License 6 votes vote down vote up
/**
 * Refresh the access and refresh tokens if they are about to expire.
 *
 * @param httpServletRequest  the servlet request holding the current cookies. If no refresh cookie is present,
 *                            then we are out of luck.
 * @param httpServletResponse the servlet response that gets the new set-cookie headers, if they had to be
 *                            refreshed.
 * @return a new request to use downstream that contains the new cookies, if they had to be refreshed.
 * @throws InvalidTokenException if the tokens could not be refreshed.
 */
public HttpServletRequest refreshTokensIfExpiring(HttpServletRequest httpServletRequest, HttpServletResponse
    httpServletResponse) {
    HttpServletRequest newHttpServletRequest = httpServletRequest;
    //get access token from cookie
    Cookie accessTokenCookie = OAuth2CookieHelper.getAccessTokenCookie(httpServletRequest);
    if (mustRefreshToken(accessTokenCookie)) {        //we either have no access token, or it is expired, or it is about to expire
        //get the refresh token cookie and, if present, request new tokens
        Cookie refreshCookie = OAuth2CookieHelper.getRefreshTokenCookie(httpServletRequest);
        if (refreshCookie != null) {
            try {
                newHttpServletRequest = authenticationService.refreshToken(httpServletRequest, httpServletResponse, refreshCookie);
            } catch (HttpClientErrorException ex) {
                throw new UnauthorizedClientException("could not refresh OAuth2 token", ex);
            }
        } else if (accessTokenCookie != null) {
            log.warn("access token found, but no refresh token, stripping them all");
            OAuth2AccessToken token = tokenStore.readAccessToken(accessTokenCookie.getValue());
            if (token.isExpired()) {
                throw new InvalidTokenException("access token has expired, but there's no refresh token");
            }
        }
    }
    return newHttpServletRequest;
}
 
Example #3
Source File: DefaultWebResponseExceptionTranslator.java    From spring-cloud-shop with MIT License 4 votes vote down vote up
private ResponseEntity handleOAuth2Exception(OAuth2Exception e) throws IOException {

        Response<String> result = new Response<>();
        result.setCode(ERROR_CODE_START);
        if (e instanceof InvalidClientException) {
            result.setMsg("用户名或这密码错误");
        } else if (e instanceof UnauthorizedClientException) {
            result.setMsg("未授权的ClientId");
        } else if (e instanceof InvalidGrantException) {
            result.setMsg("授权失败,用户名或者密码错误");
        } else if (e instanceof InvalidScopeException) {
            result.setMsg("授权客户端错误");
        } else if (e instanceof InvalidTokenException) {
            result.setMsg("授权token错误");
        } else if (e instanceof InvalidRequestException) {
            result.setMsg("授权请求错误");
        } else if (e instanceof RedirectMismatchException) {
            result.setMsg("redirect_uri未匹配");
        } else if (e instanceof UnsupportedGrantTypeException) {
            result.setMsg("不支持此授权类型");
        } else if (e instanceof UnsupportedResponseTypeException) {
            result.setMsg("不支持此类型的授权码");
        } else if (e instanceof UserDeniedAuthorizationException) {
            result.setMsg("您没有访问权限");
        } else {
            result.setCode(ERROR_CODE_START + 1);
            result.setMsg(e.getMessage());
        }

        int status = e.getHttpErrorCode();
        HttpHeaders headers = new HttpHeaders();
        headers.set("Cache-Control", "no-store");
        headers.set("Pragma", "no-cache");
        if (status == HttpStatus.UNAUTHORIZED.value() || (e instanceof InsufficientScopeException)) {
            headers.set("WWW-Authenticate", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, e.getSummary()));
        }

        return new ResponseEntity<>(result, headers,
                HttpStatus.OK);

    }