Package com.authlete.common.types

Enum ErrorCode

    • Enum Constant Detail

      • access_denied

        public static final ErrorCode access_denied
        The resource owner or authorization server denied the request.

      • account_selection_required

        public static final ErrorCode account_selection_required
        The End-User is REQUIRED to select a session at the Authorization Server. The End-User MAY be authenticated at the Authorization Server with different associated accounts, but the End-User did not select a session. This error MAY be returned when the prompt parameter value in the Authentication Request is none, but the Authentication Request cannot be completed without displaying a user interface to prompt for a session to use.

      • consent_required

        public static final ErrorCode consent_required
        The Authorization Server requires End-User consent. This error MAY be returned when the prompt parameter value in the Authentication Request is none, but the Authentication Request cannot be completed without displaying a user interface for End-User consent.

      • insufficient_scope

        public static final ErrorCode insufficient_scope
        The request requires higher privileges than provided by the access token.

      • interaction_required

        public static final ErrorCode interaction_required
        The Authorization Server requires End-User interaction of some form to proceed. This error MAY be returned when the prompt parameter value in the Authentication Request is none, but the Authentication Request cannot be completed without displaying a user interface for End-User interaction.

      • invalid_client

        public static final ErrorCode invalid_client
        Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the "Authorization" request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code and include the "WWW-Authenticate" response header field matching the authentication scheme used by the client.

      • invalid_grant

        public static final ErrorCode invalid_grant
        The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.

      • invalid_request

        public static final ErrorCode invalid_request
        The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed.

      • invalid_request_uri

        public static final ErrorCode invalid_request_uri
        The request_uri in the Authorization Request returns an error or contains invalid data.

      • invalid_request_object

        public static final ErrorCode invalid_request_object
        The request parameter contains an invalid Request Object.

      • invalid_scope

        public static final ErrorCode invalid_scope
        The requested scope is invalid, unknown, or malformed.

      • invalid_token

        public static final ErrorCode invalid_token
        The access token provided is expired, revoked, malformed, or invalid for other reasons.

      • login_required

        public static final ErrorCode login_required
        The Authorization Server requires End-User authentication. This error MAY be returned when the prompt parameter value in the Authentication Request is none, but the Authentication Request cannot be completed without displaying a user interface for End-User authentication.

      • registration_not_supported

        public static final ErrorCode registration_not_supported
        The OP does not support use of the registration parameter defined in Section 7.2.1.

      • request_not_supported

        public static final ErrorCode request_not_supported
        The OP does not support use of the request parameter defined in Section 6.

      • request_uri_not_supported

        public static final ErrorCode request_uri_not_supported
        The OP does not support use of the request_uri parameter defined in Section 6.

      • server_error

        public static final ErrorCode server_error
        The authorization server encountered an unexpected condition that prevented it from fulfilling the request. (This error code is needed because a 500 Internal Server Error HTTP status code cannot be returned to the client via an HTTP redirect.)

      • temporarily_unavailable

        public static final ErrorCode temporarily_unavailable
        The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server. (This error code is needed because a 503 Service Unavailable HTTP status code cannot be returned to the client via an HTTP redirect.)

      • unauthorized_client

        public static final ErrorCode unauthorized_client
        The client is not authorized to request an authorization code or an access token using this method.

      • unsupported_grant_type

        public static final ErrorCode unsupported_grant_type
        The authorization grant type is not supported by the authorization server.

      • unsupported_response_type

        public static final ErrorCode unsupported_response_type
        The authorization server does not support obtaining an authorization code or an access token using this method.

      • expired_login_hint_token

        public static final ErrorCode expired_login_hint_token
        The provided login_hint_token has expired.

        This error code is defined in the CIBA Core specification.

        Since:
        2.32

      • unknown_user_id

        public static final ErrorCode unknown_user_id
        The OpenID provider is not able to identify which end-user the client wished to be authenticated by means of the hint provided in the request (login_hint_token, id_token_hint or login_hint).

        This error code is defined in the CIBA Core specification.

        Since:
        2.32

      • missing_user_code

        public static final ErrorCode missing_user_code
        A user code is not included in the backchannel authentication request.

        This error code is defined in the CIBA Core specification.

        Since:
        2.32

      • invalid_user_code

        public static final ErrorCode invalid_user_code
        The provided user code is invalid.

        This error code is defined in the CIBA Core specification.

        Since:
        2.32

      • invalid_binding_message

        public static final ErrorCode invalid_binding_message
        The binding message is invalid or unacceptable for use in the context of the given request.

        This error code is defined in the CIBA Core specification.

        Since:
        2.40

      • authorization_pending

        public static final ErrorCode authorization_pending
        The authorization request is still pending as the end-user hasn't yet been authenticated.

        This error code is defined in the CIBA Core specification and the Device Flow specification.

        Since:
        2.32

      • slow_down

        public static final ErrorCode slow_down
        A variant of authorization_pending, the authorization request is still pending and polling should continue, but the interval should be increased.

        This error code is defined in the CIBA Core specification and the Device Flow specification.

        Since:
        2.32

      • expired_token

        public static final ErrorCode expired_token
        The token has expired.

        In the context of CIBA, the token means auth_req_id. In the context of Device Flow, the token means device_code.

        Since:
        2.32

      • transaction_failed

        public static final ErrorCode transaction_failed
        The OpenID Provider encountered an unexpected condition that prevented it from successfully completing the transaction. This general case error code can be used to inform the Client that the CIBA transaction was unsuccessful for reasons other than those explicitly defined by access_denied and expired_token.
        Since:
        2.36

      • invalid_authorization_details

        public static final ErrorCode invalid_authorization_details
        The type field of one or more elements in the authorization_details request parameter is not supported. Details are defined in "OAuth 2.0 Rich Authorization Requests".
        Since:
        2.56

      • invalid_target

        public static final ErrorCode invalid_target
        The requested resource is invalid, missing, unknown, or malformed.

        See RFC 8707 (Resource Indicators for OAuth 2.0) for details.

        Since:
        2.62

      • missing_trust_anchor

        public static final ErrorCode missing_trust_anchor
        No trusted Trust Anchor could be found.
        Since:
        3.33, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • validation_failed

        public static final ErrorCode validation_failed
        Trust chain validation failed.
        Since:
        3.33, Authlete 2.3
        See Also:
        OpenID Federation 1.0

      • unmet_authentication_requirements

        public static final ErrorCode unmet_authentication_requirements
        The Authorization Server is unable to meet the requirements of the Relying Party for the authentication of the End-User.

        This error code SHALL be used if the Relying Party wants the OP to conform to a certain Authentication Context Class Reference value using an essential claim acr claim as specified in Section 5.5.1.1. of OpenID Connect Core [OpenID.Core] and the OP is unable to meet this requirement and MAY be used in other cases, if appropriate.

        Since:
        3.40, Authlete 2.3
        See Also:
        OpenID Connect Core Error Code unmet_authentication_requirements

      • invalid_proof

        public static final ErrorCode invalid_proof
        The proof in the credential request is invalid.

        For example:

        • No proof is provided (the proof field was not present).
        • The provided proof is not bound to a nonce provided by the server.
        Since:
        3.64, Authlete 3.0
        See Also:
        OpenID for Verifiable Credential Issuance

      • invalid_encryption_parameters

        public static final ErrorCode invalid_encryption_parameters
        The encryption parameters in the credential request are either invalid or missing.
        Since:
        3.76, Authlete 3.0
        See Also:
        OpenID for Verifiable Credential Issuance

    • Method Detail

      • values

        public static ErrorCode[] values()
        Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows: 
        for (ErrorCode c : ErrorCode.values())
    System.out.println(c);
        Returns:
        an array containing the constants of this enum type, in the order they are declared

      • valueOf

        public static ErrorCode valueOf​(String name)
        Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
        Parameters:
        name - the name of the enum constant to be returned.
        Returns:
        the enum constant with the specified name
        Throws:
        IllegalArgumentException - if this enum type has no constant with the specified name
        NullPointerException - if the argument is null