com.nimbusds.openid.connect.sdk.OIDCError Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of oauth2-oidc-sdk Show documentation
OAuth 2.0 SDK with OpenID Connection extensions for developing client and server applications.
There is a newer version: 11.19.1
/*
 * oauth2-oidc-sdk
 *
 * Copyright 2012-2016, Connect2id Ltd and contributors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.nimbusds.openid.connect.sdk;


import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;


/**
 * OpenID Connect specific errors.
 *
 * Related specifications:
 *
 * 

 *     OpenID Connect Core 1.0, section 3.1.2.6.
 * 
 */
public final class OIDCError {

	
	// Authentication endpoint
	
	/**
	 * The authorisation server requires end-user interaction of some form 
	 * to proceed. This error may be returned when the {@link Prompt} 
	 * parameter in the {@link AuthenticationRequest} is set to
	 * {@link Prompt.Type#NONE none} to request that the authorisation 
	 * server should not display any user interfaces to the end-user, but 
	 * the {@link AuthenticationRequest} cannot be completed without
	 * displaying a user interface for end-user interaction.
	 */
	public static final ErrorObject INTERACTION_REQUIRED =
		new ErrorObject("interaction_required", "User interaction required", HTTPResponse.SC_FOUND);

	/**
	 * The authorisation server requires end-user authentication. This 
	 * error may be returned when the prompt parameter in the 
	 * {@link AuthenticationRequest} is set to {@link Prompt.Type#NONE}
	 * to request that the authorisation server should not display any user 
	 * interfaces to the end-user, but the {@link AuthenticationRequest}
	 * cannot be completed without displaying a user interface for user 
	 * authentication.
	 */
	public static final ErrorObject LOGIN_REQUIRED =
		new ErrorObject("login_required", "Login required", HTTPResponse.SC_FOUND);

	
	/**
	 * The end-user is required to select a session at the authorisation 
	 * server. The end-user may be authenticated at the authorisation 
	 * server with different associated accounts, but the end-user did not 
	 * select a session. This error may be returned when the prompt 
	 * parameter in the {@link AuthenticationRequest} is set to
	 * {@link Prompt.Type#NONE} to request that the authorisation server 
	 * should not display any user interfaces to the end-user, but the 
	 * {@link AuthenticationRequest} cannot be completed without
	 * displaying a user interface to prompt for a session to use.
	 */
	public static final ErrorObject ACCOUNT_SELECTION_REQUIRED =
		new ErrorObject("account_selection_required", "Session selection required", HTTPResponse.SC_FOUND);

	
	/**
	 * The authorisation server requires end-user consent. This error may 
	 * be returned when the prompt parameter in the 
	 * {@link AuthenticationRequest} is set to {@link Prompt.Type#NONE}
	 * to request that the authorisation server should not display any 
	 * user interfaces to the end-user, but the 
	 * {@link AuthenticationRequest} cannot be completed without
	 * displaying a user interface for end-user consent.
	 */
	public static final ErrorObject	CONSENT_REQUIRED =
		new ErrorObject("consent_required", "Consent required", HTTPResponse.SC_FOUND);


	/**
	 * The {@code request_uri} in the {@link AuthenticationRequest}
	 * returns an error or invalid data.
	 */
	public static final ErrorObject INVALID_REQUEST_URI =
		new ErrorObject("invalid_request_uri", "Invalid OpenID request URI", HTTPResponse.SC_FOUND);

	
	/**
	 * The {@code request} parameter in the {@link AuthenticationRequest}
	 * contains an invalid OpenID Connect request object.
	 */
	public static final ErrorObject	INVALID_REQUEST_OBJECT =
		new ErrorObject("invalid_request_object", "Invalid OpenID request JWT", HTTPResponse.SC_FOUND);

	
	/**
	 * The {@code registration} parameter in the 
	 * {@link AuthenticationRequest} is not supported. Applies only to
	 * self-issued OpenID providers.
	 */
	public static final ErrorObject REGISTRATION_NOT_SUPPORTED =
		new ErrorObject("registration_not_supported", "Registration parameter not supported", HTTPResponse.SC_FOUND);
	
	
	/**
	 * The {@code request} parameter in the 
	 * {@link AuthenticationRequest} is not supported.
	 */
	public static final ErrorObject REQUEST_NOT_SUPPORTED =
		new ErrorObject("request_not_supported", "Request parameter not supported", HTTPResponse.SC_FOUND);
	
	
	/**
	 * The {@code request_uri} parameter in the 
	 * {@link AuthenticationRequest} is not supported.
	 */
	public static final ErrorObject REQUEST_URI_NOT_SUPPORTED =
		new ErrorObject("request_uri_not_supported", "Request URI parameter not supported", HTTPResponse.SC_FOUND);

	
	/**
	 * Prevents public instantiation.
	 */
	private OIDCError() { }
}