Authlete
Response from Authlete's /api/auth/authorization/fail API.
Properties
AuthorizationFailAction | Action [get, set]
The next action that the authorization server implementation should take.
string | ResponseContent [get, set]
The response content which can be used to generate a response to the client application. The format of the value varies depending on the value of the Action property.
string | ResultCode [get, set]
The code of the result of an Authlete API call. For example, "A004001".
string | ResultMessage [get, set]
The message of the result of an Authlete API call. For example, "[A001202] /client/get/list, Authorization header is missing."
Authlete's /api/auth/authorization/fail API returns JSON which can be mapped to this class. The authorization server implementation should retrieve the value of the action response parameter (which can be obtained via the Action property) from the response and take the following steps according to the value.
When the value of the Action property is AuthorizationFailAction.INTERNAL_SERVER_ERROR, it means that the request from the authorization server implementation was wrong or that an error occurred in Authlete. In either case, from the viewpoint of the client application, it is an error on the server side. Therefore, the authorization server implementation should generate a response to the client application with the HTTP status of "500 Internal Server Error".
In this case, ResponseContent returns a JSON string which describes the error, so it can be used as the entity body of the response. The following illustrates the response which the authorization server implementation should generate and return to the client application.
When the value of the Action property is AuthorizationFailAction.BAD_REQUEST, it means that the ticket is no longer valid (deleted or expired), probably because the end-user took too long to respond to the authorization UI.
The HTTP status of the response returned to the client application should be "400 Bad Request" and the content type should be "application/json", although the OAuth 2.0 specification does not mention the format of the error response for this case.
In this case, ResponseContent returns a JSON string which describes the error, so it can be used as the entity body of the response. The following illustrates the response which the authorization server implementation should generate and return to the client application.
When the value of the Action property is AuthorizationFailAction.LOCATION, it means that the response to the client application should be "302 Found" with a "Location" header.
In this case, ResponseContent returns a redirect URI to which the error should be reported, so it can be used as the value of the "Location" header. The following illustrates the response which the authorization server implementation should generate and return to the client application.
When the value of the Action property is AuthorizationFailAction.FORM, it means that the response to the client application should be "200 OK" with an HTML document which triggers redirection by JavaScript. This happens when the authorization request from the client application contains response_mode=form_post.
In this case, ResponseContent returns an HTML document which satisfies the requirements of response_mode=form_post, so it can be used as the entity body of the response. The following illustrates the response which the authorization server implementation should generate and return to the client application.
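The four cases above, collected into one mapping function as an added example (not code from the Authlete library). The enum and response class are stand-ins that mirror the names on this page; HttpReply, FailResponseMapper, the Cache-Control and Pragma headers, the text/html content type for FORM and the fallback JSON body are assumptions of this example.

```csharp
using System.Collections.Generic;

// Stand-ins mirroring the names on this page so the sketch compiles without the library.
public enum AuthorizationFailAction { INTERNAL_SERVER_ERROR, BAD_REQUEST, LOCATION, FORM }
public sealed class AuthorizationFailResponse
{
    public AuthorizationFailAction Action { get; set; }
    public string ResponseContent { get; set; }
}

// Hypothetical framework-neutral holder for the response sent to the client application.
public sealed class HttpReply
{
    public int Status;
    public string Body = "";
    public Dictionary<string, string> Headers = new Dictionary<string, string>();
}

public static class FailResponseMapper
{
    public static HttpReply ToHttpReply(AuthorizationFailResponse res)
    {
        switch (res.Action)
        {
            case AuthorizationFailAction.INTERNAL_SERVER_ERROR:
                return Build(500, "application/json", res.ResponseContent);
            case AuthorizationFailAction.BAD_REQUEST:
                return Build(400, "application/json", res.ResponseContent);
            case AuthorizationFailAction.LOCATION:
                // ResponseContent is the redirect URI here; there is no entity body.
                var redirect = Build(302, null, null);
                redirect.Headers["Location"] = res.ResponseContent;
                return redirect;
            case AuthorizationFailAction.FORM:
                return Build(200, "text/html;charset=UTF-8", res.ResponseContent);
            default:
                // Unrecognized action value: fail closed with a generic body (constructed).
                return Build(500, "application/json", "{\"error\":\"server_error\"}");
        }
    }

    private static HttpReply Build(int status, string contentType, string body)
    {
        var reply = new HttpReply { Status = status, Body = body ?? "" };
        if (contentType != null) reply.Headers["Content-Type"] = contentType;
        reply.Headers["Cache-Control"] = "no-store"; // example's choice: keep error responses out of caches
        reply.Headers["Pragma"] = "no-cache";
        return reply;
    }
}
```

The default branch matters when the library is upgraded and a new action value appears: the server returns a generic 500 rather than echoing ResponseContent with a guessed status or content type.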