This page is under construction
This page describes a mechanism to send custom error codes to client side in case of defined/identified errors, using a custom grant handler. This simply uses the previous mobile grant sample and add the specific error codes/messages.
Resources:
Here is the Maven buildable source, compatible with WSO2 Identity Server 5.1.0 version. The attached jar file can be directly used as well.
Buildable Source | custom-grant.zip |
---|---|
Built Jar File | custom-grant-1.0.0.jar |
Sample Code:
Following is the relevant code segment in the sample class "org.wso2.sample.identity.oauth2.grant.mobile.MobileGrant" inside validateGrant method.
if(mobileNumber != null) { //validate mobile number authStatus = isValidMobileNumber(mobileNumber); if(authStatus) { // if valid set authorized mobile number as grant user AuthenticatedUser mobileUser = new AuthenticatedUser(); mobileUser.setUserName(mobileNumber); oAuthTokenReqMessageContext.setAuthorizedUser(mobileUser); oAuthTokenReqMessageContext.setScope(oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getScope()); } else{ ResponseHeader responseHeader = new ResponseHeader(); responseHeader.setKey("SampleHeader-999"); responseHeader.setValue("Provided Mobile Number is Invalid."); oAuthTokenReqMessageContext.addProperty("RESPONSE_HEADERS", new ResponseHeader[]{responseHeader}); } }
Note the lines from 71-75 which sets a custom response header in case of an invalid mobile number sent.
Try out Scenario:
Happy Path:
curl --user <Client_id>:<Client_secret> -k -d "grant_type=mobile&mobileNumber=0333444" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
Errorneous Path:
curl -v --user vSfeQ9jfNodY1tv9KLNNxLOw7kwa:CEUWu7fDNy_RYg5lO_mp8PLf7nQa -k -d "grant_type=mobile&mobileNumber=0363444" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
Note that this is errorneous according to the custom grant we have, as the mobile number does not start with '033'. With the -v option in cURL command we can see the header of the response, which is as below for this.
> POST /oauth2/token HTTP/1.1 > Authorization: Basic dlNmZVE5amZOb2RZMXR2OUtMTk54TE93N2t3YTpDRVVXdTdmRE55X1JZZzVsT19tcDhQTGY3blFh > User-Agent: curl/7.29.0 > Host: localhost:9443 > Accept: */* > Content-Type: application/x-www-form-urlencoded > Content-Length: 38 > * upload completely sent off: 38 out of 38 bytes < HTTP/1.1 400 Bad Request < Date: Wed, 13 Jan 2016 06:05:33 GMT < SampleHeader-999: Provided Mobile Number is Invalid. < Content-Type: application/json < Content-Length: 87 < Connection: close < Server: WSO2 Carbon Server < * Closing connection 0 * SSLv3, TLS alert, Client hello (1): {"error":"invalid_grant","error_description":"Provided Authorization Grant is invalid"}
Note the custom header appearing in the headers at line 12 as we set in code.
Similarly this can be used to transfer any custom information to the client, in a flexible manner.