io.fusionauth.domain.oauth2.OAuthError Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of fusionauth-java-client Show documentation
Show all versions of fusionauth-java-client Show documentation
The Java Client library provides a native Java binding to the FusionAuth REST API.
/*
* Copyright (c) 2018-2019, FusionAuth, All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
* either express or implied. See the License for the specific
* language governing permissions and limitations under the License.
*/
package io.fusionauth.domain.oauth2;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.inversoft.json.JacksonConstructor;
import com.inversoft.json.ToString;
/**
* @author Daniel DeGroff
*/
public class OAuthError implements OAuthResponse {
@JsonProperty("change_password_id")
public String changePasswordId;
@JsonProperty("error_description")
public String description;
public OAuthErrorType error;
@SuppressWarnings("unused")
@JsonProperty("error_uri")
public String errorURI;
@JsonProperty("error_reason")
public OAuthErrorReason reason;
@JsonProperty("two_factor_id")
public String twoFactorId;
@JacksonConstructor
public OAuthError() {
}
public OAuthError(OAuthErrorType error, OAuthErrorReason reason, String description) {
this.error = error;
this.reason = reason;
this.description = description;
}
public OAuthError(OAuthErrorType error, String description) {
this.description = description;
this.error = error;
}
public String toString() {
return ToString.toString(this);
}
public enum OAuthErrorReason {
auth_code_not_found,
access_token_malformed,
access_token_expired,
access_token_unavailable_for_processing,
access_token_failed_processing,
refresh_token_not_found,
refresh_token_type_not_supported,
// Invalid request parameters
invalid_client_id,
invalid_user_credentials,
invalid_grant_type,
invalid_origin,
invalid_origin_opaque,
invalid_pkce_code_verifier,
invalid_pkce_code_challenge,
invalid_pkce_code_challenge_method,
invalid_redirect_uri,
invalid_response_mode,
invalid_response_type,
invalid_id_token_hint,
invalid_post_logout_redirect_uri,
invalid_device_code,
invalid_user_code,
invalid_additional_client_id,
invalid_target_entity_scope,
invalid_entity_permission_scope,
// Grant disabled
grant_type_disabled,
// Missing request parameters
missing_client_id,
missing_client_secret,
missing_code,
missing_code_challenge,
missing_code_verifier,
missing_device_code,
missing_grant_type,
missing_redirect_uri,
missing_refresh_token,
missing_response_type,
missing_token,
missing_user_code,
missing_verification_uri,
login_prevented,
not_licensed,
user_code_expired,
user_expired,
user_locked,
user_not_found,
// Bad client authentication
client_authentication_missing,
invalid_client_authentication_scheme,
invalid_client_authentication,
client_id_mismatch,
// Change password reasons
change_password_administrative,
change_password_breached,
change_password_expired,
change_password_validation,
unknown
}
public enum OAuthErrorType {
// RFC 6749 Error Response types
invalid_request,
invalid_client,
invalid_grant,
// Described in section 5.3.3 of the OpenID Connect Core https://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
invalid_token,
unauthorized_client,
invalid_scope,
server_error,
unsupported_grant_type,
unsupported_response_type,
// RFC 6749 does not account for these states, so we invented them.
change_password_required,
not_licensed,
two_factor_required,
// RFC 8628 Device Authorization
authorization_pending,
expired_token,
// Used in Introspect validation. See section 2.1 of RFC 7662 https://tools.ietf.org/html/rfc7662
// - Values for 'token_type_hint' are defined by RFC 7009 "OAuth Token Type Hints". https://tools.ietf.org/html/rfc7009
// - Validation for this field is described in section 4.1.1 of RFC 7009.
unsupported_token_type
}
}