001/* 002 * The contents of this file are subject to the terms of the Common Development and 003 * Distribution License (the License). You may not use this file except in compliance with the 004 * License. 005 * 006 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the 007 * specific language governing permission and limitations under the License. 008 * 009 * When distributing Covered Software, include this CDDL Header Notice in each file and include 010 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL 011 * Header, with the fields enclosed by brackets [] replaced by your own identifying 012 * information: "Portions copyright [year] [name of copyright owner]". 013 * 014 * Copyright 2014-2015 ForgeRock AS. 015 */ 016 017package org.forgerock.openig.filter.oauth2.challenge; 018 019import org.forgerock.http.protocol.Response; 020import org.forgerock.http.protocol.Status; 021 022/** 023 * Builds an error {@link Response} when the request is invalid (missing param, malformed, ...). 024 * <p> 025 * Example: 026 * <pre> 027 * {@code 028 * HTTP/1.1 400 Bad Request 029 * WWW-Authenticate: Bearer realm="example", 030 * error="invalid_request", 031 * error_description="...." 032 * } 033 * </pre> 034 */ 035public class InvalidRequestChallengeHandler extends AuthenticateChallengeHandler { 036 037 private static final String INVALID_REQUEST_DESCRIPTION = "The request is missing a required parameter, " 038 + "includes an unsupported parameter or parameter value, repeats the same parameter, " 039 + "uses more than one method for including an access token, or is otherwise malformed."; 040 041 /** 042 * Builds a new InvalidRequestChallengeHandler with a default error description and no error page URI. 043 * 044 * @param realm 045 * mandatory realm value. 046 */ 047 public InvalidRequestChallengeHandler(final String realm) { 048 this(realm, null); 049 } 050 051 /** 052 * Builds a new InvalidRequestChallengeHandler with a default error description. 053 * 054 * @param realm 055 * mandatory realm value. 056 * @param invalidRequestUri 057 * error uri page (will be omitted if {@literal null}) 058 */ 059 public InvalidRequestChallengeHandler(final String realm, 060 final String invalidRequestUri) { 061 this(realm, INVALID_REQUEST_DESCRIPTION, invalidRequestUri); 062 } 063 064 /** 065 * Builds a new InvalidRequestChallengeHandler. 066 * 067 * @param realm 068 * mandatory realm value. 069 * @param description 070 * error description (will be omitted if {@literal null}) 071 * @param invalidRequestUri 072 * error uri page (will be omitted if {@literal null}) 073 */ 074 public InvalidRequestChallengeHandler(final String realm, 075 final String description, 076 final String invalidRequestUri) { 077 super(realm, "invalid_request", description, invalidRequestUri); 078 } 079 080 @Override 081 protected Response createResponse() { 082 Response response = new Response(); 083 response.setStatus(Status.BAD_REQUEST); 084 return response; 085 } 086 087}