Usage of org.wso2.carbon.identity.oauth.common.exception.OAuthClientException in the project identity-inbound-auth-oauth by wso2-extensions:
the method validateAuthorizationHeader of the class OAuthRevocationEndpoint.
/**
 * Extracts the client credentials carried in the request's Authorization header and appends them to
 * {@code paramMap} as {@code OAuth.OAUTH_CLIENT_ID} and {@code OAuth.OAUTH_CLIENT_SECRET}.
 * <p>
 * A client must not use more than one authentication method in a single request (RFC 6749, section 2.3),
 * so the request is refused when client credentials are already present as request parameters. A header
 * that cannot be parsed is likewise treated as an authentication failure rather than a server error.
 *
 * @param request  the incoming HTTP request whose Authorization header is read
 * @param paramMap the request parameters; receives the extracted client id and client secret
 * @param callback callback value handed to any {@link RevokeEndpointAccessDeniedException} raised here
 * @throws RevokeEndpointAccessDeniedException if credentials are present both in the body and in the
 *         header, or if the Authorization header cannot be parsed into credentials
 */
private void validateAuthorizationHeader(HttpServletRequest request, MultivaluedMap<String, String> paramMap,
                                         String callback) throws RevokeEndpointAccessDeniedException {

    try {
        // RFC 6749 §2.3: only one client authentication method per request. Credentials in the body
        // together with an Authorization header are rejected as an authentication failure.
        boolean credentialsInBody = isClientCredentialsExistsAsParams(paramMap);
        if (credentialsInBody) {
            if (log.isDebugEnabled()) {
                log.debug("Client Id and Client Secret found in request body and Authorization header. Credentials "
                        + "should be sent in either request body or Authorization header, not both");
            }
            throw new RevokeEndpointAccessDeniedException("Client Authentication failed.", null, callback);
        }

        // Header credentials come back as [clientId, clientSecret]; copy them into paramMap under the
        // standard OAuth parameter names.
        String[] headerCredentials = getClientCredentials(request);
        String clientId = headerCredentials[0];
        String clientSecret = headerCredentials[1];
        paramMap.add(OAuth.OAUTH_CLIENT_ID, clientId);
        paramMap.add(OAuth.OAUTH_CLIENT_SECRET, clientSecret);

        if (log.isDebugEnabled()) {
            log.debug("Client credentials extracted from the Authorization Header");
        }
    } catch (OAuthClientException e) {
        // A malformed credential string is an authentication failure, not a server error.
        // NOTE(review): the logged exception may carry raw header material; confirm it is acceptable
        // to emit at debug level.
        if (log.isDebugEnabled()) {
            log.debug("Error while extracting credentials from authorization header", e);
        }
        throw new RevokeEndpointAccessDeniedException("Client Authentication failed. Invalid Authorization Header.",
                null, callback);
    }
}