001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk.auth.verifier; 019 020 021import com.nimbusds.oauth2.sdk.ErrorObject; 022import com.nimbusds.oauth2.sdk.GeneralException; 023import com.nimbusds.oauth2.sdk.OAuth2Error; 024 025 026/** 027 * Invalid client exception. Selected static instances are provided to speed up 028 * exception processing. 029 */ 030public class InvalidClientException extends GeneralException { 031 032 033 /** 034 * Bad {@code client_id}. 035 */ 036 public static final InvalidClientException BAD_ID = new InvalidClientException("Bad client ID"); 037 038 039 /** 040 * The client is not registered for the requested authentication 041 * method. 042 */ 043 public static final InvalidClientException NOT_REGISTERED_FOR_AUTH_METHOD = new InvalidClientException("The client is not registered for the requested authentication method"); 044 045 046 /** 047 * The client has no registered {@code client_secret}. 048 */ 049 public static final InvalidClientException NO_REGISTERED_SECRET = new InvalidClientException("The client has no registered secret"); 050 051 052 /** 053 * The client has no registered JWK set. 054 */ 055 public static final InvalidClientException NO_REGISTERED_JWK_SET = new InvalidClientException("The client has no registered JWK set"); 056 057 058 /** 059 * Expired {@code client_secret}. 060 */ 061 public static final InvalidClientException EXPIRED_SECRET = new InvalidClientException("Expired client secret"); 062 063 064 /** 065 * Bad {@code client_secret}. 066 */ 067 public static final InvalidClientException BAD_SECRET = new InvalidClientException("Bad client secret"); 068 069 070 /** 071 * Bad JWT HMAC. 072 */ 073 public static final InvalidClientException BAD_JWT_HMAC = new InvalidClientException("Bad JWT HMAC"); 074 075 076 /** 077 * No matching public JWKs for JWT signature verification found. 078 */ 079 public static final InvalidClientException NO_MATCHING_JWK = new InvalidClientException("No matching JWKs found"); 080 081 082 /** 083 * Bad JWT signature. 084 */ 085 public static final InvalidClientException BAD_JWT_SIGNATURE = new InvalidClientException("Bad JWT signature"); 086 087 088 /** 089 * Bad self-signed client X.509 certificate. 090 */ 091 public static final InvalidClientException BAD_SELF_SIGNED_CLIENT_CERTIFICATE = new InvalidClientException("Couldn't validate client X.509 certificate signature: No matching registered client JWK found"); 092 093 094 /** 095 * Creates a new invalid client exception. 096 * 097 * @param message The message. Will not be appended to the OAuth 2.0 098 * error description to be prevent exposing details 099 * about why authentication didn't succeed to the 100 * client. 101 */ 102 public InvalidClientException(final String message) { 103 super(message); 104 } 105 106 107 /** 108 * Returns an OAuth 2.0 error object representation. 109 * 110 * @return {@link OAuth2Error#INVALID_CLIENT}. 111 */ 112 @Override 113 public ErrorObject getErrorObject() { 114 return OAuth2Error.INVALID_CLIENT; 115 } 116}