001/* 002 * oauth2-oidc-sdk 003 * 004 * Copyright 2012-2016, Connect2id Ltd and contributors. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.oauth2.sdk; 019 020 021import net.jcip.annotations.Immutable; 022 023import com.nimbusds.common.contenttype.ContentType; 024import com.nimbusds.oauth2.sdk.http.HTTPResponse; 025 026 027/** 028 * Pushed authorisation error response. 029 * 030 * <p>Example HTTP response: 031 * 032 * <pre> 033 * HTTP/1.1 400 Bad Request 034 * Content-Type: application/json 035 * Cache-Control: no-cache, no-store 036 * 037 * { 038 * "error ": "invalid_request", 039 * "error_description" : "The redirect_uri is not valid for the given client" 040 * } 041 * </pre> 042 * 043 * <p>Related specifications: 044 * 045 * <ul> 046 * <li>OAuth 2.0 Pushed Authorization Requests 047 * (draft-lodderstedt-oauth-par-01) 048 * </ul> 049 */ 050@Immutable 051public class PushedAuthorizationErrorResponse extends PushedAuthorizationResponse implements ErrorResponse { 052 053 054 /** 055 * The error. 056 */ 057 private final ErrorObject error; 058 059 060 /** 061 * Creates a new pushed authorisation error response. 062 * 063 * @param error The error. Must not be {@code null}. 064 */ 065 public PushedAuthorizationErrorResponse(final ErrorObject error) { 066 067 if (error == null) 068 throw new IllegalArgumentException("The error must not be null"); 069 070 this.error = error; 071 } 072 073 074 @Override 075 public boolean indicatesSuccess() { 076 return false; 077 } 078 079 080 @Override 081 public ErrorObject getErrorObject() { 082 return error; 083 } 084 085 086 @Override 087 public HTTPResponse toHTTPResponse() { 088 089 int statusCode = (error.getHTTPStatusCode() > 0) ? error.getHTTPStatusCode() : HTTPResponse.SC_BAD_REQUEST; 090 HTTPResponse httpResponse = new HTTPResponse(statusCode); 091 httpResponse.setCacheControl("no-store"); 092 httpResponse.setPragma("no-cache"); 093 094 if (getErrorObject().getCode() != null) { 095 httpResponse.setEntityContentType(ContentType.APPLICATION_JSON); 096 httpResponse.setContent(getErrorObject().toJSONObject().toJSONString()); 097 } 098 099 return httpResponse; 100 } 101 102 103 /** 104 * Parses a pushed authorisation error response from the specified HTTP 105 * response. 106 * 107 * @param httpResponse The HTTP response. Must not be {@code null}. 108 * 109 * @return The pushed authorisation error response. 110 * 111 * @throws ParseException If the HTTP response couldn't be parsed to a 112 * pushed authorisation error response. 113 */ 114 public static PushedAuthorizationErrorResponse parse(final HTTPResponse httpResponse) 115 throws ParseException { 116 117 int statusCode = httpResponse.getStatusCode(); 118 119 if (statusCode == HTTPResponse.SC_CREATED || statusCode == HTTPResponse.SC_OK) { 120 throw new ParseException("The HTTP status code must be other than 201 and 200"); 121 } 122 123 ErrorObject errorObject; 124 if (httpResponse.getEntityContentType() != null && ContentType.APPLICATION_JSON.matches(httpResponse.getEntityContentType())) { 125 errorObject = ErrorObject.parse(httpResponse.getContentAsJSONObject()); 126 } else { 127 errorObject = new ErrorObject(null); 128 } 129 130 return new PushedAuthorizationErrorResponse(errorObject.setHTTPStatusCode(statusCode)); 131 } 132}