001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.auth.verifier; 019 020 021import com.nimbusds.oauth2.sdk.ErrorObject; 022import com.nimbusds.oauth2.sdk.GeneralException; 023import com.nimbusds.oauth2.sdk.OAuth2Error; 024 025 026/** 027 * Invalid client exception. Selected static instances are provided to speed up 028 * exception processing. 029 */ 030public class InvalidClientException extends GeneralException { 031 032 033 private static final long serialVersionUID = 6966319043404932893L; 034 035 036 /** 037 * Bad {@code client_id}. 038 */ 039 public static final InvalidClientException BAD_ID = new InvalidClientException("Bad client ID"); 040 041 042 /** 043 * The client is not registered for the requested authentication 044 * method. 045 */ 046 public static final InvalidClientException NOT_REGISTERED_FOR_AUTH_METHOD = new InvalidClientException("The client is not registered for the requested authentication method"); 047 048 049 /** 050 * The client has no registered {@code client_secret}. 051 */ 052 public static final InvalidClientException NO_REGISTERED_SECRET = new InvalidClientException("The client has no registered secret"); 053 054 055 /** 056 * The client has no registered JWK set. 057 */ 058 public static final InvalidClientException NO_REGISTERED_JWK_SET = new InvalidClientException("The client has no registered JWK set"); 059 060 061 /** 062 * Expired {@code client_secret}. 063 */ 064 public static final InvalidClientException EXPIRED_SECRET = new InvalidClientException("Expired client secret"); 065 066 067 /** 068 * Bad {@code client_secret}. 069 */ 070 public static final InvalidClientException BAD_SECRET = new InvalidClientException("Bad client secret"); 071 072 073 /** 074 * Bad JWT HMAC. 075 */ 076 public static final InvalidClientException BAD_JWT_HMAC = new InvalidClientException("Bad JWT HMAC"); 077 078 079 /** 080 * No matching public JWKs for JWT signature verification found. 081 */ 082 public static final InvalidClientException NO_MATCHING_JWK = new InvalidClientException("No matching JWKs found"); 083 084 085 /** 086 * Bad JWT signature. 087 */ 088 public static final InvalidClientException BAD_JWT_SIGNATURE = new InvalidClientException("Bad JWT signature"); 089 090 091 /** 092 * Bad self-signed client X.509 certificate. 093 */ 094 public static final InvalidClientException BAD_SELF_SIGNED_CLIENT_CERTIFICATE = new InvalidClientException("Couldn't validate client X.509 certificate signature: No matching registered client JWK found"); 095 096 097 /** 098 * Creates a new invalid client exception. 099 * 100 * @param message The message. Will not be appended to the OAuth 2.0 101 * error description to be prevent exposing details 102 * about why authentication didn't succeed to the 103 * client. 104 */ 105 public InvalidClientException(final String message) { 106 super(message); 107 } 108 109 110 /** 111 * Returns an OAuth 2.0 error object representation. 112 * 113 * @return {@link OAuth2Error#INVALID_CLIENT}. 114 */ 115 @Override 116 public ErrorObject getErrorObject() { 117 return OAuth2Error.INVALID_CLIENT; 118 } 119}