/**
 * Authenticates an OAuth2 client from the supplied id/secret credentials.
 *
 * <p>An empty {@code client_id} or {@code client_secret} is reported through
 * {@code handleError} as an invalid-request error without calling the client
 * manager. Otherwise the credentials are passed to
 * {@code clientManager.authenticate}, and the first error recorded on the
 * authentication context (if any) is reported as an "unauthorized" OAuth2 error.
 *
 * <p>NOTE(review): the secret check itself happens inside
 * {@code clientManager.authenticate}, which is not visible here. Confirm that it
 * compares secrets in constant time.
 *
 * @param request     the current request
 * @param response    the current response, passed to {@code handleError} on failure
 * @param credentials the client id and secret to verify
 * @return the client returned by the client manager, or {@code null} once an error
 *         has been passed to {@code handleError}. NOTE(review): if
 *         {@code authenticate} can return {@code null} without recording an error,
 *         this method also returns {@code null} with no error handled. Confirm
 *         that callers cope with that case.
 * @throws Throwable declared by this method; the visible code does not throw
 *         directly, so presumably propagated from the helpers it calls
 */
protected AuthzClient validateClientSecret(Request request, Response response, AuthzClientCredentials credentials) throws Throwable {
    // Reject a missing client_id before the client manager is consulted.
    String id = credentials.getClientId();
    if (Strings.isEmpty(id)) {
        RequestOAuth2Params params = new RequestOAuth2Params(request);
        handleError(request, response, params,
                getOauth2Error(
                        messageKey -> OAuth2Errors.invalidRequestError(request, messageKey, "client_id required"),
                        INVALID_REQUEST_CLIENT_ID_REQUIRED));
        return null;
    }

    // Same for a missing client_secret.
    String secret = credentials.getClientSecret();
    if (Strings.isEmpty(secret)) {
        RequestOAuth2Params params = new RequestOAuth2Params(request);
        handleError(request, response, params,
                getOauth2Error(
                        messageKey -> OAuth2Errors.invalidRequestError(request, messageKey, "client_secret required"),
                        INVALID_REQUEST_CLIENT_SECRET_REQUIRED));
        return null;
    }

    AuthzClientAuthenticationContext authContext = new DefaultAuthzClientAuthenticationContext(request, response);
    AuthzClient authenticated = clientManager.authenticate(authContext, credentials);

    // No errors recorded on the context: hand back whatever the manager returned.
    if (authContext.errors().isEmpty()) {
        return authenticated;
    }

    // Only the first recorded error is surfaced to the caller.
    // NOTE(review): its code and message are copied verbatim into the OAuth2 error
    // response. Confirm they do not let a caller distinguish "unknown client"
    // from "wrong secret".
    NamedError firstError = authContext.errors().first();
    RequestOAuth2Params params = new RequestOAuth2Params(request);
    handleError(request, response, params,
            getOauth2Error(
                    messageKey -> OAuth2ErrorBuilder.createUnauthorized()
                            .withError(firstError.getCode())
                            .withErrorDescription(firstError.getMessage())
                            .withMessageKey(messageKey)
                            .build(),
                    firstError.getName()));
    return null;
}