Skip to content

How-to: Handle errors and customize the OAuth 2.0 Error response #541

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jgrandja opened this issue Dec 17, 2021 · 2 comments
Open

How-to: Handle errors and customize the OAuth 2.0 Error response #541

jgrandja opened this issue Dec 17, 2021 · 2 comments
Labels
type: documentation A documentation update

Comments

@jgrandja
Copy link
Collaborator

Publish a guide on How-to: Handle errors and customize the OAuth 2.0 Error response

Related gh-499
@jgrandja jgrandja added the type: enhancement A general enhancement label Dec 17, 2021
@jgrandja jgrandja added type: documentation A documentation update and removed type: enhancement A general enhancement labels May 27, 2023
@jgrandja jgrandja mentioned this issue May 30, 2023
Open
@ddubson ddubson mentioned this issue Sep 19, 2023
Closed
@jgrandja
Copy link
Collaborator Author

jgrandja commented Jan 30, 2024
edited
Loading

Sample demonstrating how to customize the error response parameters using OAuth2ErrorAuthenticationFailureHandler:

private AuthenticationFailureHandler authenticationFailureHandler = createAuthenticationFailureHandler();

private static AuthenticationFailureHandler createAuthenticationFailureHandler() {
	OAuth2ErrorHttpMessageConverter errorResponseConverter = new OAuth2ErrorHttpMessageConverter();
	errorResponseConverter.setErrorParametersConverter(error -> {
		Map<String, String> parameters = new HashMap<>();
		// Only return the error code
		parameters.put(OAuth2ParameterNames.ERROR, error.getErrorCode());
		return parameters;
	});

	OAuth2ErrorAuthenticationFailureHandler authenticationFailureHandler = new OAuth2ErrorAuthenticationFailureHandler();
	authenticationFailureHandler.setErrorResponseConverter(errorResponseConverter);

	return authenticationFailureHandler;
}

@jgrandja
Copy link
Collaborator Author

Sample demonstrating how to customize the HTTP status for the error response using OAuth2ErrorAuthenticationFailureHandler:

private AuthenticationFailureHandler authenticationFailureHandler = createAuthenticationFailureHandler();

private static AuthenticationFailureHandler createAuthenticationFailureHandler() {
	OAuth2ErrorHttpMessageConverter errorResponseConverter = new OAuth2ErrorHttpMessageConverter() {
		@Override
		protected void writeInternal(OAuth2Error error, HttpOutputMessage outputMessage)
				throws HttpMessageNotWritableException {

			HttpServletResponse servletResponse = ((ServletServerHttpResponse) outputMessage).getServletResponse();
			if (OAuth2ErrorCodes.INVALID_CLIENT.equals(error.getErrorCode())) {
				servletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
			} else {
				servletResponse.setStatus(HttpStatus.BAD_REQUEST.value());
			}
			super.writeInternal(error, outputMessage);
		}

	};

	OAuth2ErrorAuthenticationFailureHandler authenticationFailureHandler = new OAuth2ErrorAuthenticationFailureHandler();
	authenticationFailureHandler.setErrorResponseConverter(errorResponseConverter);

	return authenticationFailureHandler;
}

@jgrandja jgrandja mentioned this issue Jan 30, 2024
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: documentation A documentation update
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jgrandja