001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2014 ForgeRock AS. 015 */ 016 017package org.forgerock.openig.filter.oauth2.challenge; 018 019import org.forgerock.openig.http.Response; 020 021/** 022 * Builds an error {@link Response} when the request is invalid (missing param, malformed, ...). 023 * <p> 024 * Example: 025 * <pre> 026 * HTTP/1.1 400 Bad Request 027 * WWW-Authenticate: Bearer realm="example", 028 * error="invalid_request", 029 * error_description="...." 030 * </pre> 031 */ 032public class InvalidRequestChallengeHandler extends AuthenticateChallengeHandler { 033 034 private static final String INVALID_REQUEST_DESCRIPTION = "The request is missing a required parameter, " 035 + "includes an unsupported parameter or parameter value, repeats the same parameter, " 036 + "uses more than one method for including an access token, or is otherwise malformed."; 037 038 /** 039 * Builds a new InvalidRequestChallengeHandler with a default error description and no error page URI. 040 * 041 * @param realm 042 * mandatory realm value. 043 */ 044 public InvalidRequestChallengeHandler(final String realm) { 045 this(realm, null); 046 } 047 048 /** 049 * Builds a new InvalidRequestChallengeHandler with a default error description. 050 * 051 * @param realm 052 * mandatory realm value. 053 * @param invalidRequestUri 054 * error uri page (will be omitted if {@literal null}) 055 */ 056 public InvalidRequestChallengeHandler(final String realm, 057 final String invalidRequestUri) { 058 this(realm, INVALID_REQUEST_DESCRIPTION, invalidRequestUri); 059 } 060 061 /** 062 * Builds a new InvalidRequestChallengeHandler. 063 * 064 * @param realm 065 * mandatory realm value. 066 * @param description 067 * error description (will be omitted if {@literal null}) 068 * @param invalidRequestUri 069 * error uri page (will be omitted if {@literal null}) 070 */ 071 public InvalidRequestChallengeHandler(final String realm, 072 final String description, 073 final String invalidRequestUri) { 074 super(realm, "invalid_request", description, invalidRequestUri); 075 } 076 077 @Override 078 protected Response createResponse() { 079 Response response = new Response(); 080 response.setStatus(400); 081 response.setReason("Bad Request"); 082 return response; 083 } 084 085}