Class OAuth2ErrorCodes
java.lang.Object
org.springframework.security.oauth2.core.OAuth2ErrorCodes
Standard error codes defined by the OAuth 2.0 Authorization Framework.
- Since:
- 5.0
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringaccess_denied- The resource owner or authorization server denied the request.static final Stringinsufficient_scope- The request requires higher privileges than provided by the access token.static final Stringinvalid_client- Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method).static final Stringinvalid_grant- The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.static final Stringinvalid_redirect_uri- The value of one or more redirection URIs is invalid.static final Stringinvalid_request- The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.static final Stringinvalid_scope- The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.static final Stringinvalid_token- The access token provided is expired, revoked, malformed, or invalid for other reasons.static final Stringserver_error- The authorization server encountered an unexpected condition that prevented it from fulfilling the request.static final Stringtemporarily_unavailable- The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.static final Stringunauthorized_client- The client is not authorized to request an authorization code or access token using this method.static final Stringunsupported_grant_type- The authorization grant type is not supported by the authorization server.static final Stringunsupported_response_type- The authorization server does not support obtaining an authorization code or access token using this method.static final Stringunsupported_token_type- The authorization server does not support the revocation of the presented token type. -
Method Summary
-
Field Details
-
INVALID_REQUEST
invalid_request- The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.- See Also:
-
UNAUTHORIZED_CLIENT
unauthorized_client- The client is not authorized to request an authorization code or access token using this method.- See Also:
-
ACCESS_DENIED
access_denied- The resource owner or authorization server denied the request.- See Also:
-
UNSUPPORTED_RESPONSE_TYPE
unsupported_response_type- The authorization server does not support obtaining an authorization code or access token using this method.- See Also:
-
INVALID_SCOPE
invalid_scope- The requested scope is invalid, unknown, malformed or exceeds the scope granted by the resource owner.- See Also:
-
INSUFFICIENT_SCOPE
insufficient_scope- The request requires higher privileges than provided by the access token. The resource server SHOULD respond with the HTTP 403 (Forbidden) status code and MAY include the "scope" attribute with the scope necessary to access the protected resource. -
INVALID_TOKEN
invalid_token- The access token provided is expired, revoked, malformed, or invalid for other reasons. The resource SHOULD respond with the HTTP 401 (Unauthorized) status code. The client MAY request a new access token and retry the protected resource request. -
SERVER_ERROR
server_error- The authorization server encountered an unexpected condition that prevented it from fulfilling the request. (This error code is needed because a 500 Internal Server Error HTTP status code cannot be returned to the client via a HTTP redirect.)- See Also:
-
TEMPORARILY_UNAVAILABLE
temporarily_unavailable- The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server. (This error code is needed because a 503 Service Unavailable HTTP status code cannot be returned to the client via an HTTP redirect.)- See Also:
-
INVALID_CLIENT
invalid_client- Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return a HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the "Authorization" request header field, the authorization server MUST respond with a HTTP 401 (Unauthorized) status code and include the "WWW-Authenticate" response header field matching the authentication scheme used by the client.- See Also:
-
INVALID_GRANT
invalid_grant- The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.- See Also:
-
UNSUPPORTED_GRANT_TYPE
unsupported_grant_type- The authorization grant type is not supported by the authorization server.- See Also:
-
UNSUPPORTED_TOKEN_TYPE
unsupported_token_type- The authorization server does not support the revocation of the presented token type.- Since:
- 5.5
- See Also:
-
INVALID_REDIRECT_URI
invalid_redirect_uri- The value of one or more redirection URIs is invalid.- Since:
- 5.6
- See Also:
-