001/*
002 * The contents of this file are subject to the terms of the Common Development and
003 * Distribution License (the License). You may not use this file except in compliance with the
004 * License.
005 *
006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
007 * specific language governing permission and limitations under the License.
008 *
009 * When distributing Covered Software, include this CDDL Header Notice in each file and include
010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
011 * Header, with the fields enclosed by brackets [] replaced by your own identifying
012 * information: "Portions copyright [year] [name of copyright owner]".
013 *
014 * Copyright 2014-2015 ForgeRock AS.
015 */
016
017package org.forgerock.openig.filter.oauth2.challenge;
018
019import org.forgerock.http.protocol.Response;
020import org.forgerock.http.protocol.Status;
021
022/**
023 * Builds an error {@link Response} when the request is invalid (missing param, malformed, ...).
024 * <p>
025 * Example:
026 * <pre>
027 *     {@code
028 *     HTTP/1.1 400 Bad Request
029 *     WWW-Authenticate: Bearer realm="example",
030 *                              error="invalid_request",
031 *                              error_description="...."
032 *     }
033 * </pre>
034 */
035public class InvalidRequestChallengeHandler extends AuthenticateChallengeHandler {
036
037    private static final String INVALID_REQUEST_DESCRIPTION = "The request is missing a required parameter, "
038            + "includes an unsupported parameter or parameter value, repeats the same parameter, "
039            + "uses more than one method for including an access token, or is otherwise malformed.";
040
041    /**
042     * Builds a new InvalidRequestChallengeHandler with a default error description and no error page URI.
043     *
044     * @param realm
045     *         mandatory realm value.
046     */
047    public InvalidRequestChallengeHandler(final String realm) {
048        this(realm, null);
049    }
050
051    /**
052     * Builds a new InvalidRequestChallengeHandler with a default error description.
053     *
054     * @param realm
055     *         mandatory realm value.
056     * @param invalidRequestUri
057     *         error uri page (will be omitted if {@literal null})
058     */
059    public InvalidRequestChallengeHandler(final String realm,
060                                          final String invalidRequestUri) {
061        this(realm, INVALID_REQUEST_DESCRIPTION, invalidRequestUri);
062    }
063
064    /**
065     * Builds a new InvalidRequestChallengeHandler.
066     *
067     * @param realm
068     *         mandatory realm value.
069     * @param description
070     *         error description (will be omitted if {@literal null})
071     * @param invalidRequestUri
072     *         error uri page (will be omitted if {@literal null})
073     */
074    public InvalidRequestChallengeHandler(final String realm,
075                                          final String description,
076                                          final String invalidRequestUri) {
077        super(realm, "invalid_request", description, invalidRequestUri);
078    }
079
080    @Override
081    protected Response createResponse() {
082        Response response = new Response();
083        response.setStatus(Status.BAD_REQUEST);
084        return response;
085    }
086
087}