List of usage examples for org.springframework.security.oauth2.common.exceptions UnapprovedClientAuthenticationException getMessage
public String getMessage()
From source file:org.cloudfoundry.identity.uaa.authentication.BackwardsCompatibleTokenEndpointAuthenticationFilter.java
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException { final HttpServletRequest request = (HttpServletRequest) req; final HttpServletResponse response = (HttpServletResponse) res; try {/* w ww .j a va2s . c o m*/ Authentication userAuthentication = extractCredentials(request, response); if (userAuthentication != null) { Authentication clientAuth = SecurityContextHolder.getContext().getAuthentication(); if (clientAuth == null) { throw new BadCredentialsException( "No client authentication found. Remember to put a filter upstream of the TokenEndpointAuthenticationFilter."); } Map<String, String> map = getSingleValueMap(request); map.put(OAuth2Utils.CLIENT_ID, clientAuth.getName()); SecurityContextHolder.getContext().setAuthentication(userAuthentication); AuthorizationRequest authorizationRequest = oAuth2RequestFactory.createAuthorizationRequest(map); //authorizationRequest.setScope(getScope(request)); if (clientAuth.isAuthenticated()) { // Ensure the OAuth2Authentication is authenticated authorizationRequest.setApproved(true); } OAuth2Request storedOAuth2Request = oAuth2RequestFactory.createOAuth2Request(authorizationRequest); SecurityContextHolder.getContext() .setAuthentication(new OAuth2Authentication(storedOAuth2Request, userAuthentication)); onSuccessfulAuthentication(request, response, userAuthentication); } } catch (UnauthorizedClientException failed) { //happens when all went well, but the client is not authorized for the identity provider UnapprovedClientAuthenticationException ex = new UnapprovedClientAuthenticationException( failed.getMessage(), failed); SecurityContextHolder.clearContext(); logger.debug("Authentication request for failed: " + failed); onUnsuccessfulAuthentication(request, response, ex); authenticationEntryPoint.commence(request, response, ex); return; } catch (AuthenticationException failed) { SecurityContextHolder.clearContext(); logger.debug("Authentication request for failed: " + failed); onUnsuccessfulAuthentication(request, response, failed); authenticationEntryPoint.commence(request, response, failed); return; } catch (InvalidScopeException ex) { String message = ex.getMessage(); response.sendError(UNAUTHORIZED.value(), message); return; } chain.doFilter(request, response); }