com.authlete.common.dto

Class AuthorizationFailResponse

java.lang.Object

com.authlete.common.dto.ApiResponse

com.authlete.common.dto.AuthorizationFailResponse

All Implemented Interfaces:

Serializable

public class AuthorizationFailResponse
extends ApiResponse

Response from Authlete's /auth/authorization/fail API.

Authlete's /auth/authorization/fail API returns JSON which can be mapped to this class. The service implementation should retrieve the value of "action" from the response and take the following steps according to the value.

INTERNAL_SERVER_ERROR

When the value of "action" is "INTERNAL_SERVER_ERROR", it means that the request from the service implementation (AuthorizationFailRequest) was wrong or that an error occurred in Authlete.

In either case, from the viewpoint of the client application, it is an error on the server side. Therefore, the service implementation should generate a response to the client application with the HTTP status of "500 Internal Server Error".

getResponseContent() returns a JSON string which describes the error, so it can be used as the entity body of the response.

The following illustrates the response which the service implementation should generate and return to the client application.

 HTTP/1.1 500 Internal Server Error
 Content-Type: application/json
 Cache-Control: no-store
 Pragma: no-cache

 (The value returned from getResponseContent())

BAD_REQUEST

When the value of "action" is "BAD_REQUEST", it means that the ticket is no longer valid (deleted or expired) and that the reason of the invalidity was probably due to the end-user's too-delayed response to the authorization UI.

The HTTP status of the response returned to the client application should be "400 Bad Request" and the content type should be "application/json" although OAuth 2.0 specification does not mention the format of the error response.

getResponseContent() returns a JSON string which describes the error, so it can be used as the entity body of the response.

The following illustrates the response which the service implementation should generate and return to the client application.

 HTTP/1.1 400 Bad Request
 Content-Type: application/json
 Cache-Control: no-store
 Pragma: no-cache

 (The value returned from getResponseContent())

LOCATION

When the value of "action" is "LOCATION", it means that the response to the client application should be "302 Found" with "Location" header.

getResponseContent() returns a redirect URI to which the error should be reported, so it can be used as the value of "Location" header.

The following illustrates the response which the service implementation should generate and return to the client application.

 HTTP/1.1 302 Found
 Location: (The value returned from getResponseContent())
 Cache-Control: no-store
 Pragma: no-cache

FORM

When the value of "action" is "FORM", it means that the response to the client application should be "200 OK" with an HTML which triggers redirection by JavaScript. This happens when the authorization request from the client contains response_mode=form_post request parameter.

getResponseContent() returns an HTML which satisfies the requirements of response_mode=form_post, so it can be used as the entity body of the response.

The following illustrates the response which the service implementation should generate and return to the client application.

 HTTP/1.1 200 OK
 Content-Type: text/html;charset=UTF-8
 Cache-Control: no-store
 Pragma: no-cache

 (The value returned from getResponseContent())

Author:

Takahiko Kawasaki

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	AuthorizationFailResponse.Action The next action that the service implementation should take.

Constructor Summary

Constructors

Constructor and Description
AuthorizationFailResponse()

Method Summary

Modifier and Type	Method and Description
AuthorizationFailResponse.Action	getAction() Get the next action that the service implementation should take.
String	getResponseContent() Get the response content which can be used to generate a response to the client application.
void	setAction(AuthorizationFailResponse.Action action) Set the next action that the service implementation should take.
void	setResponseContent(String content) Set the response content which can be used to generate a response to the client application.
String	summarize() Get the summary of this instance.

Methods inherited from class com.authlete.common.dto.ApiResponse

getResultCode, getResultMessage, setResultCode, setResultMessage

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthorizationFailResponse

public AuthorizationFailResponse()

Method Detail

getAction

public AuthorizationFailResponse.Action getAction()

Get the next action that the service implementation should take.

setAction

public void setAction(AuthorizationFailResponse.Action action)

Set the next action that the service implementation should take.

getResponseContent

public String getResponseContent()

Get the response content which can be used to generate a response to the client application. The format of the value varies depending on the value of "action".

setResponseContent

public void setResponseContent(String content)

Set the response content which can be used to generate a response to the client application.

summarize

public String summarize()

Get the summary of this instance.