...
This page describes a mechanism to send custom error codes to client side in case of defined/identified errors, using a custom grant handler. This simply uses the previous mobile grant sample and add the specific error codes/messages.
Resources:
Here is the Maven buildable source, compatible with WSO2 Identity Server 5.1.0 version. The attached jar file can be directly used as well.
| Buildable Source | custom-grant.zip |
|---|---|
| Built Jar File | custom-grant-1.0.0.jar |
Sample Code:
The following is the relevant code segment from the validateGrant method of the sample class "org.wso2.sample.identity.oauth2.grant.mobile.MobileGrant".
```java
if (mobileNumber != null) {
    // validate the mobile number extracted from the request parameters
    authStatus = isValidMobileNumber(mobileNumber);
    if (authStatus) {
        // if valid, set the authorized mobile number as the grant user
        AuthenticatedUser mobileUser = new AuthenticatedUser();
        mobileUser.setUserName(mobileNumber);
        oAuthTokenReqMessageContext.setAuthorizedUser(mobileUser);
        oAuthTokenReqMessageContext.setScope(oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getScope());
    } else {
        // if invalid, attach a custom header; the token endpoint copies the
        // RESPONSE_HEADERS property onto the error response sent to the client
        ResponseHeader responseHeader = new ResponseHeader();
        responseHeader.setKey("SampleHeader-999");
        responseHeader.setValue("Provided Mobile Number is Invalid.");
        oAuthTokenReqMessageContext.addProperty("RESPONSE_HEADERS", new ResponseHeader[]{responseHeader});
    }
}
```
Note lines 71-75 of the sample class (the else branch above), which set a custom response header when an invalid mobile number is sent.
Try-out Scenario:
Happy Path:
```bash
curl --user <Client_id>:<Client_secret> -k -d "grant_type=mobile&mobileNumber=0333444" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
```
Erroneous Path:
```bash
curl -v --user vSfeQ9jfNodY1tv9KLNNxLOw7kwa:CEUWu7fDNy_RYg5lO_mp8PLf7nQa -k -d "grant_type=mobile&mobileNumber=0363444" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
```
Note that this request is erroneous according to our custom grant, since the mobile number does not start with '033'. With the -v option of the cURL command we can see the response headers, which are as follows for this request.
```text
> POST /oauth2/token HTTP/1.1
> Authorization: Basic dlNmZVE5amZOb2RZMXR2OUtMTk54TE93N2t3YTpDRVVXdTdmRE55X1JZZzVsT19tcDhQTGY3blFh
> User-Agent: curl/7.29.0
> Host: localhost:9443
> Accept: */*
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 38
>
* upload completely sent off: 38 out of 38 bytes
< HTTP/1.1 400 Bad Request
< Date: Wed, 13 Jan 2016 06:05:33 GMT
< SampleHeader-999: Provided Mobile Number is Invalid.
< Content-Type: application/json
< Content-Length: 87
< Connection: close
< Server: WSO2 Carbon Server
<
* Closing connection 0
* SSLv3, TLS alert, Client hello (1):
{"error":"invalid_grant","error_description":"Provided Authorization Grant is invalid"}
```
Note the custom header SampleHeader-999 appearing among the response headers (line 12 of the output above), exactly as set in the code.
Similarly, this mechanism can be used to transfer any custom information to the client in a flexible manner.
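As an added example (not part of the original page or the WSO2 sample), the following Python snippet shows the client side of this mechanism: it parses the 400 response captured above and surfaces the custom header as a structured error, so a client can tell "invalid mobile number" apart from any other invalid_grant failure. The response text is constructed from the curl -v trace, and the assumption that every custom code is carried in a header named with the prefix SampleHeader- is ours.

```python
import json
from dataclasses import dataclass
from typing import Optional, Tuple, Dict

# Assumption: the custom grant handler always names its error header SampleHeader-<code>.
CUSTOM_ERROR_PREFIX = "sampleheader-"

# Constructed sample: the 400 response shown in the curl -v trace above.
SAMPLE_RESPONSE = (
    "HTTP/1.1 400 Bad Request\r\n"
    "Date: Wed, 13 Jan 2016 06:05:33 GMT\r\n"
    "SampleHeader-999: Provided Mobile Number is Invalid.\r\n"
    "Content-Type: application/json\r\n"
    "Content-Length: 87\r\n"
    "Connection: close\r\n"
    "Server: WSO2 Carbon Server\r\n"
    "\r\n"
    '{"error":"invalid_grant","error_description":"Provided Authorization Grant is invalid"}'
)


@dataclass
class TokenError:
    status: int
    oauth_error: str            # standard OAuth2 error from the JSON body
    description: str
    custom_code: Optional[int]  # 999 for SampleHeader-999, None if the header is absent
    custom_message: Optional[str]


def parse_response(raw: str) -> Tuple[int, Dict[str, str], str]:
    """Split a raw HTTP/1.1 response into (status code, lower-cased headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")   # split at the first colon only
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return status, headers, body


def classify(raw: str) -> Optional[TokenError]:
    """Return a TokenError for error responses; None when the token request succeeded."""
    status, headers, body = parse_response(raw)
    if status < 400:
        return None
    is_json = headers.get("content-type", "").startswith("application/json")
    payload = json.loads(body) if is_json and body else {}
    code, message = None, None
    for name, value in headers.items():
        if name.startswith(CUSTOM_ERROR_PREFIX) and name[len(CUSTOM_ERROR_PREFIX):].isdigit():
            code, message = int(name[len(CUSTOM_ERROR_PREFIX):]), value
    return TokenError(status, payload.get("error", ""), payload.get("error_description", ""), code, message)
```

Because the custom header is only meaningful alongside the standard 400 invalid_grant body, the client keeps both and never treats the header alone as a success or failure signal.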