Examples with BearerTokenError org.springframework.security.oauth2.server.resource.BearerTokenError used on opensource projects

Example 21 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenAuthenticationFilterTests method doFilterWhenAuthenticationFailsWithCustomHandlerThenPropagatesError.

@Test
public void doFilterWhenAuthenticationFailsWithCustomHandlerThenPropagatesError() throws ServletException, IOException {
    BearerTokenError error = new BearerTokenError(BearerTokenErrorCodes.INVALID_TOKEN, HttpStatus.UNAUTHORIZED, "description", "uri");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(error);
    given(this.bearerTokenResolver.resolve(this.request)).willReturn("token");
    given(this.authenticationManager.authenticate(any(BearerTokenAuthenticationToken.class))).willThrow(exception);
    BearerTokenAuthenticationFilter filter = addMocks(new BearerTokenAuthenticationFilter(this.authenticationManager));
    filter.setAuthenticationFailureHandler(this.authenticationFailureHandler);
    filter.doFilter(this.request, this.response, this.filterChain);
    verify(this.authenticationFailureHandler).onAuthenticationFailure(this.request, this.response, exception);
}

Example 22 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenAuthenticationEntryPoint method commence.

/**
 * Collect error details from the provided parameters and format according to RFC
 * 6750, specifically {@code error}, {@code error_description}, {@code error_uri}, and
 * {@code scope}.
 * @param request that resulted in an <code>AuthenticationException</code>
 * @param response so that the user agent can begin authentication
 * @param authException that caused the invocation
 */
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) {
    HttpStatus status = HttpStatus.UNAUTHORIZED;
    Map<String, String> parameters = new LinkedHashMap<>();
    if (this.realmName != null) {
        parameters.put("realm", this.realmName);
    }
    if (authException instanceof OAuth2AuthenticationException) {
        OAuth2Error error = ((OAuth2AuthenticationException) authException).getError();
        parameters.put("error", error.getErrorCode());
        if (StringUtils.hasText(error.getDescription())) {
            parameters.put("error_description", error.getDescription());
        }
        if (StringUtils.hasText(error.getUri())) {
            parameters.put("error_uri", error.getUri());
        }
        if (error instanceof BearerTokenError) {
            BearerTokenError bearerTokenError = (BearerTokenError) error;
            if (StringUtils.hasText(bearerTokenError.getScope())) {
                parameters.put("scope", bearerTokenError.getScope());
            }
            status = ((BearerTokenError) error).getHttpStatus();
        }
    }
    String wwwAuthenticate = computeWWWAuthenticateHeaderValue(parameters);
    response.addHeader(HttpHeaders.WWW_AUTHENTICATE, wwwAuthenticate);
    response.setStatus(status.value());
}

Example 23 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class DefaultBearerTokenResolver method resolve.

@Override
public String resolve(final HttpServletRequest request) {
    final String authorizationHeaderToken = resolveFromAuthorizationHeader(request);
    final String parameterToken = isParameterTokenSupportedForRequest(request) ? resolveFromRequestParameters(request) : null;
    if (authorizationHeaderToken != null) {
        if (parameterToken != null) {
            final BearerTokenError error = BearerTokenErrors.invalidRequest("Found multiple bearer tokens in the request");
            throw new OAuth2AuthenticationException(error);
        }
        return authorizationHeaderToken;
    }
    if (parameterToken != null && isParameterTokenEnabledForRequest(request)) {
        return parameterToken;
    }
    return null;
}

Example 24 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class DefaultBearerTokenResolver method resolveFromAuthorizationHeader.

private String resolveFromAuthorizationHeader(HttpServletRequest request) {
    String authorization = request.getHeader(this.bearerTokenHeaderName);
    if (!StringUtils.startsWithIgnoreCase(authorization, "bearer")) {
        return null;
    }
    Matcher matcher = authorizationPattern.matcher(authorization);
    if (!matcher.matches()) {
        BearerTokenError error = BearerTokenErrors.invalidToken("Bearer token is malformed");
        throw new OAuth2AuthenticationException(error);
    }
    return matcher.group("token");
}

Example 25 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class DefaultBearerTokenResolver method resolveFromRequestParameters.

private static String resolveFromRequestParameters(HttpServletRequest request) {
    String[] values = request.getParameterValues("access_token");
    if (values == null || values.length == 0) {
        return null;
    }
    if (values.length == 1) {
        return values[0];
    }
    BearerTokenError error = BearerTokenErrors.invalidRequest("Found multiple bearer tokens in the request");
    throw new OAuth2AuthenticationException(error);
}