Package org.springframework.security.oauth2.core

Interface OAuth2ErrorCodes

  • public interface OAuth2ErrorCodes
    Standard error codes defined by the OAuth 2.0 Authorization Framework.
    Since:
    5.0

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String ACCESS_DENIED
      access_denied - The resource owner or authorization server denied the request.
      static java.lang.String INSUFFICIENT_SCOPE
      insufficient_scope - The request requires higher privileges than provided by the access token.
      static java.lang.String INVALID_CLIENT
      invalid_client - Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).
      static java.lang.String INVALID_GRANT
      invalid_grant - The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
      static java.lang.String INVALID_REQUEST
      invalid_request - The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.
      static java.lang.String INVALID_SCOPE
      invalid_scope - The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.
      static java.lang.String INVALID_TOKEN
      invalid_token - The access token provided is expired, revoked, malformed, or invalid for other reasons.
      static java.lang.String SERVER_ERROR
      server_error - The authorization server encountered an unexpected condition that prevented it from fulfilling the request.
      static java.lang.String TEMPORARILY_UNAVAILABLE
      temporarily_unavailable - The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.
      static java.lang.String UNAUTHORIZED_CLIENT
      unauthorized_client - The client is not authorized to request an authorization code or access token using this method.
      static java.lang.String UNSUPPORTED_GRANT_TYPE
      unsupported_grant_type - The authorization grant type is not supported by the authorization server.
      static java.lang.String UNSUPPORTED_RESPONSE_TYPE
      unsupported_response_type - The authorization server does not support obtaining an authorization code or access token using this method.
      static java.lang.String UNSUPPORTED_TOKEN_TYPE
      unsupported_token_type - The authorization server does not support the revocation of the presented token type.

    • Field Detail

      • INVALID_REQUEST

        static final java.lang.String INVALID_REQUEST
        invalid_request - The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.
        See Also:
        Constant Field Values

      • UNAUTHORIZED_CLIENT

        static final java.lang.String UNAUTHORIZED_CLIENT
        unauthorized_client - The client is not authorized to request an authorization code or access token using this method.
        See Also:
        Constant Field Values

      • ACCESS_DENIED

        static final java.lang.String ACCESS_DENIED
        access_denied - The resource owner or authorization server denied the request.
        See Also:
        Constant Field Values

      • UNSUPPORTED_RESPONSE_TYPE

        static final java.lang.String UNSUPPORTED_RESPONSE_TYPE
        unsupported_response_type - The authorization server does not support obtaining an authorization code or access token using this method.
        See Also:
        Constant Field Values

      • INVALID_SCOPE

        static final java.lang.String INVALID_SCOPE
        invalid_scope - The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.
        See Also:
        Constant Field Values

      • INSUFFICIENT_SCOPE

        static final java.lang.String INSUFFICIENT_SCOPE
        insufficient_scope - The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the "scope" attribute with the scope necessary to access the protected resource.
        See Also:
        RFC-6750 - Section 3.1 - Error Codes, Constant Field Values

      • INVALID_TOKEN

        static final java.lang.String INVALID_TOKEN
        invalid_token - The access token provided is expired, revoked, malformed, or invalid for other reasons. The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request a new access token and retry the protected resource request.
        See Also:
        RFC-6750 - Section 3.1 - Error Codes, Constant Field Values

      • SERVER_ERROR

        static final java.lang.String SERVER_ERROR
        server_error - The authorization server encountered an unexpected condition that prevented it from fulfilling the request. (This error code is needed because a 500 Internal Server Error HTTP status code cannot be returned to the client via a HTTP redirect.)
        See Also:
        Constant Field Values

      • TEMPORARILY_UNAVAILABLE

        static final java.lang.String TEMPORARILY_UNAVAILABLE
        temporarily_unavailable - The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server. (This error code is needed because a 503 Service Unavailable HTTP status code cannot be returned to the client via an HTTP redirect.)
        See Also:
        Constant Field Values

      • INVALID_CLIENT

        static final java.lang.String INVALID_CLIENT
        invalid_client - Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return a HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the "Authorization" request header field, the authorization server MUST respond with a HTTP 401 (Unauthorized) status code and include the "WWW-Authenticate" response header field matching the authentication scheme used by the client.
        See Also:
        Constant Field Values

      • INVALID_GRANT

        static final java.lang.String INVALID_GRANT
        invalid_grant - The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
        See Also:
        Constant Field Values

      • UNSUPPORTED_GRANT_TYPE

        static final java.lang.String UNSUPPORTED_GRANT_TYPE
        unsupported_grant_type - The authorization grant type is not supported by the authorization server.
        See Also:
        Constant Field Values