Class BearerTokenAccessDeniedHandler
java.lang.Object
org.springframework.security.oauth2.server.resource.web.access.BearerTokenAccessDeniedHandler
- All Implemented Interfaces:
AccessDeniedHandler
Translates any
AccessDeniedException
into an HTTP response in accordance with
RFC 6750
Section 3: The WWW-Authenticate.
So long as the class can prove that the request has a valid OAuth 2.0
Authentication
, then will return an
insufficient
scope error; otherwise, it will simply indicate the scheme (Bearer) and any
configured realm.
- Since:
- 5.1
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionvoid
handle
(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AccessDeniedException accessDeniedException) Collect error details from the provided parameters and format according to RFC 6750, specificallyerror
,error_description
,error_uri
, andscope
.void
setRealmName
(String realmName) Set the default realm name to use in the bearer token error response
-
Constructor Details
-
BearerTokenAccessDeniedHandler
public BearerTokenAccessDeniedHandler()
-
-
Method Details
-
handle
public void handle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, AccessDeniedException accessDeniedException) Collect error details from the provided parameters and format according to RFC 6750, specificallyerror
,error_description
,error_uri
, andscope
.- Specified by:
handle
in interfaceAccessDeniedHandler
- Parameters:
request
- that resulted in anAccessDeniedException
response
- so that the user agent can be advised of the failureaccessDeniedException
- that caused the invocation
-
setRealmName
Set the default realm name to use in the bearer token error response- Parameters:
realmName
-
-