@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.tokenStore(tokenStore)
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService)
.tokenGranter(tokenGranter)
.exceptionTranslator(new oAuth2ResponseExceptionTranslator());
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.stereotype.Component;
import java.util.concurrent.ConcurrentHashMap;
@Component
public class OAuth2ResponseExceptionTranslator implements WebResponseExceptionTranslator {
private final ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();
public static final String ERROR = "error";
public static final String DESCRIPTION = "error_description";
public static final String URI = "error_uri";
public static final String INVALID_REQUEST = "invalid_request";
public static final String INVALID_CLIENT = "invalid_client";
public static final String INVALID_GRANT = "invalid_grant";
public static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
public static final String UNSUPPORTED_GRANT_TYPE = "unsupported_grant_type";
public static final String INVALID_SCOPE = "invalid_scope";
public static final String INSUFFICIENT_SCOPE = "insufficient_scope";
public static final String INVALID_TOKEN = "invalid_token";
public static final String REDIRECT_URI_MISMATCH = "redirect_uri_mismatch";
public static final String UNSUPPORTED_RESPONSE_TYPE = "unsupported_response_type";
public static final String ACCESS_DENIED = "access_denied";
public static final String METHOD_NOT_ALLOWED = "method_not_allowed";
public static final String SERVER_ERROR = "server_error";
public static final String UNAUTHORIZED = "unauthorized";
private static final ConcurrentHashMap<String, String> OAUTH2_ERROR_MAP = new ConcurrentHashMap<>();
static {
OAUTH2_ERROR_MAP.put(INVALID_CLIENT, "无效的客户端");
OAUTH2_ERROR_MAP.put(INVALID_GRANT, "登录密码错误");
OAUTH2_ERROR_MAP.put(INVALID_SCOPE, "权限不足");
OAUTH2_ERROR_MAP.put(UNSUPPORTED_GRANT_TYPE, "不支持的授权模式类型");
OAUTH2_ERROR_MAP.put(ACCESS_DENIED, "验证码不正确");
OAUTH2_ERROR_MAP.put(METHOD_NOT_ALLOWED, "方法不允许访问");
OAUTH2_ERROR_MAP.put(SERVER_ERROR, "服务器内部异常");
OAUTH2_ERROR_MAP.put(UNAUTHORIZED, "未授权");
}
@Override
public ResponseEntity<OAuth2Exception> translate(Exception e) {
Throwable[] causeChain = throwableAnalyzer.determineCauseChain(e);
OAuth2Exception ase = (OAuth2Exception) throwableAnalyzer.getFirstThrowableOfType(OAuth2Exception.class, causeChain);
if (ase != null) {
return handleOAuth2Exception(ase);
}
System.out.println(e+"==========================");
return new ResponseEntity<>(new OAuth2Exception(e.getMessage(),e),HttpStatus.BAD_REQUEST);
}
private ResponseEntity<OAuth2Exception> handleOAuth2Exception(OAuth2Exception e) {
int status = e.getHttpErrorCode();
HttpHeaders headers = new HttpHeaders();
headers.set("Cache-Control", "no-store");
headers.set("Pragma", "no-cache");
if (status == HttpStatus.UNAUTHORIZED.value() || (e instanceof InsufficientScopeException)) {
headers.set("WWW-Authenticate", String.format("%s %s", OAuth2AccessToken.BEARER_TYPE, e.getSummary()));
}
String oAuth2ErrorMessage = OAUTH2_ERROR_MAP.getOrDefault(e.getOAuth2ErrorCode(),"未知异常:" + e.getOAuth2ErrorCode());
OAuth2Exception responseBody = new OAuth2Exception(oAuth2ErrorMessage,e);
return new ResponseEntity<>(responseBody, headers, HttpStatus.valueOf(status));
}
}
扫一扫
2512
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
