/**
 * Accepts the request only when its HTTP method is POST, PUT or DELETE.
 *
 * @param request incoming servlet request whose method is inspected
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} for any other method
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String httpMethod = request.getMethod();

    // Constant-first comparisons: a null method falls through to the rejection below
    // instead of raising a NullPointerException.
    final boolean permitted = OAuth.HttpMethod.POST.equals(httpMethod)
            || OAuth.HttpMethod.PUT.equals(httpMethod)
            || OAuth.HttpMethod.DELETE.equals(httpMethod);
    if (permitted) {
        return;
    }

    throw OAuthProblemException
            .error(OAuthError.TokenResponse.INVALID_REQUEST)
            .description("Incorrect method. POST, PUT, DELETE are supported.");
}
/**
 * Rejects every request whose HTTP method is neither GET nor POST.
 *
 * @param request incoming servlet request whose method is inspected
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the method is not allowed
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String httpMethod = request.getMethod();

    // Allow-list check; the constant is the receiver, so a null method is simply "not allowed".
    if (OAuth.HttpMethod.GET.equals(httpMethod) || OAuth.HttpMethod.POST.equals(httpMethod)) {
        return;
    }

    throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
            .description("Method not correct.");
}
/**
 * Enforces the HTTP method allow-list of this validator: GET and POST only.
 *
 * @param request incoming servlet request
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} for any other method
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String verb = request.getMethod();
    final boolean isGet = OAuth.HttpMethod.GET.equals(verb);

    // POST is only consulted when the request is not a GET, matching the short-circuit order.
    final boolean allowed = isGet || OAuth.HttpMethod.POST.equals(verb);
    if (!allowed) {
        throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
                .description("Method not correct.");
    }
}
/**
 * Checks that {@code storage} knows the given owner/token pair.
 *
 * @param owner resource owner the token is claimed to belong to
 * @param token access token presented by the caller
 * @throws OAuthProblemException when the storage lookup reports no such pair
 */
private void validateAccessToken(String owner, String token) throws OAuthProblemException {
    final boolean known = storage.accessTokenExists(owner, token);
    if (known) {
        return;
    }

    // One message covers both an unknown owner and a wrong token, so the caller cannot
    // tell which of the two was rejected.
    // NOTE(review): the sentence is passed as the only argument of error(...); if that
    // argument is the OAuth error code, a registered code such as invalid_token with the
    // sentence as description is what clients expect - confirm against the exception API.
    throw OAuthProblemException.error("Invalid resource owner or access token");
}
// Unmatched closing brace from the original listing; presumably ends the enclosing class.
}
/**
 * Lets GET and POST requests through and refuses everything else.
 *
 * @param request incoming servlet request whose method is inspected
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the method is refused
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String requestMethod = request.getMethod();

    if (OAuth.HttpMethod.GET.equals(requestMethod)) {
        return;
    }
    if (OAuth.HttpMethod.POST.equals(requestMethod)) {
        return;
    }

    // Anything outside the allow-list, including a null method, ends up here.
    throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
            .description("Method not correct.");
}
/**
 * Verifies the presented access token against {@code storage} for the given owner.
 *
 * @param owner resource owner the token is claimed to belong to
 * @param token access token presented by the caller
 * @throws OAuthProblemException when {@code storage.accessTokenExists} returns false
 */
private void validateAccessToken(String owner, String token) throws OAuthProblemException {
    final boolean rejected = !storage.accessTokenExists(owner, token);

    if (rejected) {
        // The same wording is used whether the owner or the token is wrong, which keeps
        // the response from revealing which half of the pair failed.
        // NOTE(review): error(...) receives free text here; verify whether callers expect
        // a registered OAuth error code (for example invalid_token) in that position.
        throw OAuthProblemException.error("Invalid resource owner or access token");
    }
}
// Unmatched closing brace from the original listing; presumably ends the enclosing class.
}
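/**
 * Stores the raw response body and parses it as JSON into {@code parameters}.
 *
 * @param body raw response body received from the remote endpoint
 * @throws OAuthProblemException with error {@code UNSUPPORTED_RESPONSE_TYPE} when the body
 *         cannot be parsed; the parser failure is attached as the cause
 */
protected void setBody(String body) throws OAuthProblemException {
    try {
        // The raw body is recorded before parsing, so it stays set even when parsing fails.
        this.body = body;
        parameters = JSONUtils.parseJSON(body);
    } catch (Throwable e) {
        // Throwable is kept so every parser failure still surfaces as an OAuthProblemException,
        // as before. NOTE(review): this also converts JVM Errors; narrow the catch once the
        // exceptions thrown by JSONUtils.parseJSON are confirmed.
        // Keep the body itself out of the message and out of logs: a token response can
        // carry access and refresh tokens.
        OAuthProblemException problem = OAuthProblemException.error(
            OAuthError.CodeResponse.UNSUPPORTED_RESPONSE_TYPE,
            "Invalid response! Response body is not " + OAuth.ContentType.JSON + " encoded");
        // Attach the original failure so the root cause is not lost for diagnostics.
        problem.initCause(e);
        throw problem;
    }
}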
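/**
 * Rejects every request whose HTTP method is neither GET nor POST.
 *
 * @param request incoming servlet request whose method is inspected
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the method is not
 *         GET or POST, including when the container reports no method at all
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    String method = request.getMethod();

    // The constants are the receivers of equals(): a null method is then rejected with the
    // protocol error below instead of escaping as a NullPointerException.
    if (!OAuth.HttpMethod.GET.equals(method) && !OAuth.HttpMethod.POST.equals(method)) {
        throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
            .description("Method not correct.");
    }
}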
/**
 * Builds an {@code invalid_request} problem carrying the given text as its description.
 *
 * <p>The exception is returned, not thrown; the caller decides whether to throw it.
 * The text ends up in the error description, so callers should pass neither internal
 * details nor unencoded request data.
 *
 * @param message text used as the error description
 * @return a new {@link OAuthProblemException} with error {@code INVALID_REQUEST}
 */
public static OAuthProblemException handleOAuthProblemException(String message) {
    final OAuthProblemException invalidRequest =
            OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST).description(message);
    return invalidRequest;
}
/**
 * Creates, without throwing it, an {@code invalid_request} exception described by
 * {@code message}.
 *
 * <p>Whatever is passed in becomes the error description; keep secrets, stack details
 * and raw request values out of it.
 *
 * @param message error description to attach
 * @return the constructed {@link OAuthProblemException}
 */
public static OAuthProblemException handleOAuthProblemException(String message) {
    final String errorCode = OAuthError.TokenResponse.INVALID_REQUEST;
    return OAuthProblemException.error(errorCode).description(message);
}
/**
 * Checks the request's HTTP method against the allow-list {GET, POST}.
 *
 * @param request incoming servlet request
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the method is not listed
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String httpVerb = request.getMethod();
    final boolean getOrPost =
            OAuth.HttpMethod.GET.equals(httpVerb) || OAuth.HttpMethod.POST.equals(httpVerb);

    if (getOrPost) {
        return;
    }

    // Fail closed: every method that is not explicitly listed is refused.
    throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
            .description("Method not correct.");
}
/**
 * Validates that the request was sent with GET or POST.
 *
 * @param request incoming servlet request whose method is inspected
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} for every other method
 */
@Override
public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
    final String sentWith = request.getMethod();

    // Literal-first equals() keeps a null method on the rejection path.
    final boolean refused = !(OAuth.HttpMethod.GET.equals(sentWith)
            || OAuth.HttpMethod.POST.equals(sentWith));
    if (refused) {
        throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
                .description("Method not correct.");
    }
}
/**
 * Runs the inherited parameter checks, then requires the {@code scope} parameter to be
 * non-blank and to satisfy {@code isContainOIDCScope}.
 *
 * @param request incoming servlet request
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the scope parameter
 *         is blank or fails the 'openid' check, or whatever the superclass check raises
 */
@Override
public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException {
    super.validateRequiredParameters(request);

    final String clientID = request.getParameter(CLIENT_ID);

    // For code token response type, the scope parameter should contain 'openid' as one of the scopes.
    final String requestedScope = request.getParameter(SCOPE);
    final boolean scopeBlank = StringUtils.isBlank(requestedScope);
    if (!scopeBlank && isContainOIDCScope(requestedScope)) {
        return;
    }

    // NOTE(review): client_id is taken from the request and copied verbatim into the error
    // description. Encode it wherever this description is rendered (error page, redirect,
    // log line), or leave it out of the client-facing text.
    final String description = "Request with \'client_id\' = \'" + clientID + "\' has "
            + "\'response_type\' for \'hybrid flow\'; but \'openid\' scope not found.";
    throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST)
            .description(description);
}
/**
 * Runs the inherited parameter checks, then requires the {@code scope} parameter to be
 * non-blank and to satisfy {@code containOIDCScope}.
 *
 * @param request incoming servlet request
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when the scope parameter
 *         is blank or fails the 'openid' check, or whatever the superclass check raises
 */
public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException {
    super.validateRequiredParameters(request);

    // for id_token response type, the scope parameter should contain 'openid' as one of the scopes.
    final String requestedScope = request.getParameter(SCOPE);
    final boolean scopeBlank = StringUtils.isBlank(requestedScope);
    if (!scopeBlank && containOIDCScope(requestedScope)) {
        return;
    }

    // The description is a fixed string: no request data is echoed back to the caller.
    throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST)
            .description("\'response_type\' contains \'id_token\'; but \'openid\' scope not found.");
}
/**
 * Checks the client id and client secret of a token request against {@code storage}.
 *
 * @param request token request carrying the client credentials
 * @throws OAuthProblemException when {@code storage.clientExists} returns false for the pair
 */
private void validateClientCredentials(OAuthTokenRequest request) throws OAuthProblemException {
    final boolean authenticated =
            storage.clientExists(request.getClientId(), request.getClientSecret());
    if (authenticated) {
        return;
    }

    // A single message covers both "unknown client" and "wrong secret", so the response
    // does not confirm which client ids are registered. Only the id is echoed, never the secret.
    // NOTE(review): the id comes from the request; encode it wherever the message is
    // rendered or logged.
    // NOTE(review): the sentence is the only argument of error(...); if that argument is
    // the OAuth error code, clients expect a registered code such as invalid_client with
    // this text as the description - confirm against the exception API.
    final String problemText = String.format(
            "No client with name %s registered or invalid client secret provided",
            request.getClientId());
    throw OAuthProblemException.error(problemText);
}
/**
 * Checks the username and password of a token request against {@code storage}.
 *
 * @param request token request carrying the resource owner credentials
 * @throws OAuthProblemException when {@code storage.resourceOwnerExists} returns false for the pair
 */
private void validateResourceOwnerCredentials(OAuthTokenRequest request) throws OAuthProblemException {
    final boolean authenticated =
            storage.resourceOwnerExists(request.getUsername(), request.getPassword());
    if (authenticated) {
        return;
    }

    // One message for "unknown user" and "wrong password": the response does not reveal
    // whether the username exists. Only the username is echoed, never the password.
    // NOTE(review): the username comes from the request; encode it wherever the message
    // is rendered or logged.
    // NOTE(review): error(...) receives free text here; verify whether callers expect a
    // registered OAuth error code (for example invalid_grant) in that position.
    final String problemText = String.format(
            "No resource owner with name %s registered or invalid password provided",
            request.getUsername());
    throw OAuthProblemException.error(problemText);
}
// Unmatched closing brace from the original listing; presumably ends the enclosing class.
}
/**
 * Authenticates the client of a token request through {@code storage.clientExists}.
 *
 * @param request token request whose client id and client secret are checked
 * @throws OAuthProblemException when the storage lookup does not accept the pair
 */
private void validateClientCredentials(OAuthTokenRequest request) throws OAuthProblemException {
    final boolean rejected =
            !storage.clientExists(request.getClientId(), request.getClientSecret());

    if (rejected) {
        // The wording is the same for an unregistered client and for a bad secret, which
        // avoids telling the caller which ids exist. The secret is never put in the text.
        // NOTE(review): the client id is request data placed in the message unencoded, and
        // the message is handed to error(...) where a registered code such as
        // invalid_client may be expected - confirm both against the callers.
        final String clientId = request.getClientId();
        throw OAuthProblemException.error(String.format(
                "No client with name %s registered or invalid client secret provided", clientId));
    }
}
/**
 * Authenticates the resource owner of a token request through
 * {@code storage.resourceOwnerExists}.
 *
 * @param request token request whose username and password are checked
 * @throws OAuthProblemException when the storage lookup does not accept the pair
 */
private void validateResourceOwnerCredentials(OAuthTokenRequest request) throws OAuthProblemException {
    final boolean rejected =
            !storage.resourceOwnerExists(request.getUsername(), request.getPassword());

    if (rejected) {
        // Unknown user and wrong password share one message, so usernames cannot be
        // probed through the error text. The password is never put in the text.
        // NOTE(review): the username is request data placed in the message unencoded, and
        // the message is handed to error(...) where a registered code such as
        // invalid_grant may be expected - confirm both against the callers.
        final String username = request.getUsername();
        throw OAuthProblemException.error(String.format(
                "No resource owner with name %s registered or invalid password provided", username));
    }
}
// Unmatched closing brace from the original listing; presumably ends the enclosing class.
}
/**
 * Refuses multipart requests, then applies the inherited content-type validation.
 *
 * @param request incoming servlet request
 * @throws OAuthProblemException with error {@code INVALID_REQUEST} when
 *         {@code OAuthUtils.isMultipart} reports a multipart request, or whatever the
 *         superclass check raises
 */
@Override
public void validateContentType(HttpServletRequest request) throws OAuthProblemException {
    final boolean multipart = OAuthUtils.isMultipart(request);

    if (!multipart) {
        // Single-part request: the inherited content-type rules decide.
        super.validateContentType(request);
        return;
    }

    throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST)
            .description("Request is not single part.");
}
/**
 * Turns an error reported in a client response into an {@link OAuthProblemException}.
 *
 * <p>Does nothing when {@code OAuthUtils.isEmpty} reports the error parameter as empty.
 *
 * @param response response whose error parameters are inspected
 * @throws OAuthProblemException carrying the error, description, URI, response status and
 *         state read from the response when an error parameter is present
 */
public void validateErrorResponse(OAuthClientResponse response) throws OAuthProblemException {
    final String errorCode = response.getParam(OAuthError.OAUTH_ERROR);
    if (OAuthUtils.isEmpty(errorCode)) {
        return;
    }

    // Every value below is copied from the response as-is. Treat them as untrusted where
    // the exception is displayed or logged: encode the description, and do not follow or
    // link the error URI without checking it.
    final String description = response.getParam(OAuthError.OAUTH_ERROR_DESCRIPTION);
    final String errorUri = response.getParam(OAuthError.OAUTH_ERROR_URI);
    final String state = response.getParam(OAuth.OAUTH_STATE);

    final OAuthProblemException problem = OAuthProblemException.error(errorCode)
            .description(description)
            .uri(errorUri)
            .responseStatus(response.getResponseCode())
            .state(state);
    throw problem;
}