New checks for "invalid_grant" and "access_denied" error together with ""Token is not active"", "Invalid bearer token" and "not_authorized" descriptions
parent
a8c38ee12e
commit
1fb2b2408e
|
@ -2,6 +2,9 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
|
||||||
|
|
||||||
# Changelog for "oidc-library"
|
# Changelog for "oidc-library"
|
||||||
|
|
||||||
|
## [v1.1.1]
|
||||||
|
- New checks for "invalid_grant" and "access_denied" error together with ""Token is not active"", "Invalid bearer token" and "not_authorized" descriptions (#20407)
|
||||||
|
|
||||||
## [v1.1.0]
|
## [v1.1.0]
|
||||||
- Added avatar configuration and retrieve helper methods (#19726)
|
- Added avatar configuration and retrieve helper methods (#19726)
|
||||||
|
|
||||||
|
|
17
pom.xml
17
pom.xml
|
@ -13,7 +13,8 @@
|
||||||
|
|
||||||
<groupId>org.gcube.common</groupId>
|
<groupId>org.gcube.common</groupId>
|
||||||
<artifactId>oidc-library</artifactId>
|
<artifactId>oidc-library</artifactId>
|
||||||
<version>1.1.0</version>
|
<version>1.1.1</version>
|
||||||
|
|
||||||
<dependencyManagement>
|
<dependencyManagement>
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -25,11 +26,13 @@
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
</dependencyManagement>
|
</dependencyManagement>
|
||||||
<scm>
|
|
||||||
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</connection>
|
<scm>
|
||||||
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
|
<connection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</connection>
|
||||||
<url>https://code-repo.d4science.org/gCubeSystem/${project.artifactId}</url>
|
<developerConnection>scm:git:https://code-repo.d4science.org/gCubeSystem/${project.artifactId}.git</developerConnection>
|
||||||
</scm>
|
<url>https://code-repo.d4science.org/gCubeSystem/${project.artifactId}</url>
|
||||||
|
</scm>
|
||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.slf4j</groupId>
|
<groupId>org.slf4j</groupId>
|
||||||
|
@ -54,5 +57,7 @@
|
||||||
<scope>test</scope>
|
<scope>test</scope>
|
||||||
</dependency>
|
</dependency>
|
||||||
</dependencies>
|
</dependencies>
|
||||||
|
|
||||||
<build />
|
<build />
|
||||||
|
|
||||||
</project>
|
</project>
|
|
@ -30,8 +30,11 @@ public class OpenIdConnectRESTHelper {
|
||||||
|
|
||||||
private static final String RESPONSE_ERROR_KEY = "error";
|
private static final String RESPONSE_ERROR_KEY = "error";
|
||||||
private static final String RESPONSE_ERROR_INVALID_GRANT = "invalid_grant";
|
private static final String RESPONSE_ERROR_INVALID_GRANT = "invalid_grant";
|
||||||
|
private static final String RESPONSE_ERROR_ACCESS_DENIED = "access_denied";
|
||||||
private static final String RESPONSE_ERROR_DESCRIPTION_KEY = "error_description";
|
private static final String RESPONSE_ERROR_DESCRIPTION_KEY = "error_description";
|
||||||
private static final String RESPONSE_ERROR_MESSAGE_TINA = "Token is not active";
|
private static final String RESPONSE_ERROR_DESCRIPTION_TINA = "Token is not active";
|
||||||
|
private static final String RESPONSE_ERROR_DESCRIPTION_IBT = "Invalid bearer token";
|
||||||
|
private static final String RESPONSE_ERROR_DESCRIPTION_NOT_AUTHORIZED = "not_authorized";
|
||||||
|
|
||||||
public static String buildLoginRequestURL(URL loginURL, String clientId, String state, String redirectURI)
|
public static String buildLoginRequestURL(URL loginURL, String clientId, String state, String redirectURI)
|
||||||
throws UnsupportedEncodingException {
|
throws UnsupportedEncodingException {
|
||||||
|
@ -294,14 +297,30 @@ public class OpenIdConnectRESTHelper {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public static boolean isTokenNotActiveError(String jsonString) {
|
protected static boolean matchesErrorAndDescription(String jsonString, String expectedError,
|
||||||
|
String exepectedErrorDescription) {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
JSONObject json = (JSONObject) new JSONParser().parse(jsonString);
|
JSONObject json = (JSONObject) new JSONParser().parse(jsonString);
|
||||||
return RESPONSE_ERROR_INVALID_GRANT.equals(json.get(RESPONSE_ERROR_KEY))
|
return expectedError.equals(json.get(RESPONSE_ERROR_KEY))
|
||||||
&& RESPONSE_ERROR_MESSAGE_TINA.equals(json.get(RESPONSE_ERROR_DESCRIPTION_KEY));
|
&& (exepectedErrorDescription == null
|
||||||
|
|| exepectedErrorDescription.equals(json.get(RESPONSE_ERROR_DESCRIPTION_KEY)));
|
||||||
} catch (ParseException e) {
|
} catch (ParseException e) {
|
||||||
// Is an unparseable JSON
|
// Is an unparseable JSON
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static boolean isTokenNotActiveError(String jsonString) {
|
||||||
|
return matchesErrorAndDescription(jsonString, RESPONSE_ERROR_INVALID_GRANT, RESPONSE_ERROR_DESCRIPTION_TINA);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean isInvalidBearerTokenError(String jsonString) {
|
||||||
|
return matchesErrorAndDescription(jsonString, RESPONSE_ERROR_INVALID_GRANT, RESPONSE_ERROR_DESCRIPTION_IBT);
|
||||||
|
}
|
||||||
|
|
||||||
|
public static boolean isAccessDeniedNotAuthorizedError(String jsonString) {
|
||||||
|
return matchesErrorAndDescription(jsonString, RESPONSE_ERROR_ACCESS_DENIED,
|
||||||
|
RESPONSE_ERROR_DESCRIPTION_NOT_AUTHORIZED);
|
||||||
|
}
|
||||||
}
|
}
|
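Review bot: In `matchesErrorAndDescription`, the unchecked cast `(JSONObject) new JSONParser().parse(jsonString)` is still guarded only by `catch (ParseException e)`. A response body that is valid JSON but not an object (an array, a bare string, or the literal `null`) would therefore raise ClassCastException or NullPointerException instead of returning false. The body is remote input from the token endpoint, and all three public predicates (`isTokenNotActiveError`, `isInvalidBearerTokenError`, `isAccessDeniedNotAuthorizedError`) now route through this helper, so it should return false for any unexpected shape rather than throw from the error-handling path. I would parse into `Object parsed = new JSONParser().parse(jsonString);` and add `if (!(parsed instanceof JSONObject)) return false;` before the cast. A Javadoc line is also worth adding to say that a null `exepectedErrorDescription` matches any description, and that the `error_description` comparisons are exact, case-sensitive matches on server-provided text, which presumably can change between identity-provider versions.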