Example usage for org.springframework.security.oauth2.common.exceptions UnapprovedClientAuthenticationException getMessage

List of usage examples for org.springframework.security.oauth2.common.exceptions UnapprovedClientAuthenticationException getMessage

Introduction

This page shows example usage of org.springframework.security.oauth2.common.exceptions UnapprovedClientAuthenticationException getMessage.

Prototype

public String getMessage() 


Document

Returns the detail message string of this throwable.

Usage

From source file:org.cloudfoundry.identity.uaa.authentication.BackwardsCompatibleTokenEndpointAuthenticationFilter.java

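/**
 * Authenticates the end user on a token-endpoint request and, on success, replaces the
 * client authentication in the security context with a combined
 * {@code OAuth2Authentication} (stored OAuth2 request + user authentication).
 *
 * <p>If {@code extractCredentials} returns {@code null}, no user credentials were found
 * and the request is passed down the chain untouched. Every failure branch clears the
 * security context and returns without invoking the rest of the chain.
 *
 * @param req   the incoming request; cast to {@link HttpServletRequest}
 * @param res   the outgoing response; cast to {@link HttpServletResponse}
 * @param chain the remaining filters, invoked only when no failure branch was taken
 * @throws IOException      propagated from the entry point, {@code sendError} or the chain
 * @throws ServletException propagated from the entry point or the chain
 */
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
        throws IOException, ServletException {
    final HttpServletRequest request = (HttpServletRequest) req;
    final HttpServletResponse response = (HttpServletResponse) res;

    try {
        Authentication userAuthentication = extractCredentials(request, response);

        if (userAuthentication != null) {
            // The client must already have been authenticated by an upstream filter;
            // this filter only adds the user on top of it.
            Authentication clientAuth = SecurityContextHolder.getContext().getAuthentication();
            if (clientAuth == null) {
                throw new BadCredentialsException(
                        "No client authentication found. Remember to put a filter upstream of the TokenEndpointAuthenticationFilter.");
            }

            Map<String, String> map = getSingleValueMap(request);
            // Overwrite whatever client_id the map carried with the name of the
            // authenticated client, so the authorization request is always built for
            // the client that actually authenticated.
            // NOTE(review): presumably the map holds the request parameters - confirm
            // against getSingleValueMap.
            map.put(OAuth2Utils.CLIENT_ID, clientAuth.getName());

            // From here on the context holds the *user* authentication, so every exit
            // path that does not complete the exchange must clear it again.
            SecurityContextHolder.getContext().setAuthentication(userAuthentication);
            AuthorizationRequest authorizationRequest = oAuth2RequestFactory.createAuthorizationRequest(map);

            //authorizationRequest.setScope(getScope(request));
            if (clientAuth.isAuthenticated()) {
                // Ensure the OAuth2Authentication is authenticated
                authorizationRequest.setApproved(true);
            }

            OAuth2Request storedOAuth2Request = oAuth2RequestFactory.createOAuth2Request(authorizationRequest);

            SecurityContextHolder.getContext()
                    .setAuthentication(new OAuth2Authentication(storedOAuth2Request, userAuthentication));

            onSuccessfulAuthentication(request, response, userAuthentication);
        }
    } catch (UnauthorizedClientException failed) {
        // Happens when all went well, but the client is not authorized for the identity
        // provider. The exception is wrapped (cause preserved) before being handed to the
        // failure hook and the entry point.
        UnapprovedClientAuthenticationException ex = new UnapprovedClientAuthenticationException(
                failed.getMessage(), failed);
        SecurityContextHolder.clearContext();
        logger.debug("Authentication request for failed: " + failed);
        onUnsuccessfulAuthentication(request, response, ex);
        authenticationEntryPoint.commence(request, response, ex);
        return;
    } catch (AuthenticationException failed) {
        SecurityContextHolder.clearContext();
        logger.debug("Authentication request for failed: " + failed);
        onUnsuccessfulAuthentication(request, response, failed);
        authenticationEntryPoint.commence(request, response, failed);
        return;
    } catch (InvalidScopeException ex) {
        // The user authentication may already have been placed in the context above;
        // clear it like the other failure branches do, so a rejected request does not
        // leave an authenticated principal behind on this thread.
        SecurityContextHolder.clearContext();
        // NOTE(review): the exception message is returned to the caller and may echo the
        // requested scope values - confirm the container escapes the error message.
        String message = ex.getMessage();
        response.sendError(UNAUTHORIZED.value(), message);
        return;
    }

    chain.doFilter(request, response);
}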