
Add support for handling AccountStatus exceptions (expired, locked).

commit 0e729754fd24acd155104126dbd3e54fc9ce4069 1 parent d907622
@bimsapi bimsapi authored dsyer committed
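--- a/.../springframework/security/oauth2/provider/password/ResourceOwnerPasswordTokenGranter.java
+++ b/.../springframework/security/oauth2/provider/password/ResourceOwnerPasswordTokenGranter.java
@@ -19,6 +19,7 @@
 import java.util.Map;
+import org.springframework.security.authentication.AccountStatusException;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
@@ -57,6 +58,10 @@ protected OAuth2Authentication getOAuth2Authentication(AuthorizationRequest clie
 try {
 userAuth = authenticationManager.authenticate(userAuth);
 }
+ catch (AccountStatusException ase) {
+ //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
+ throw new InvalidGrantException(ase.getMessage());
+ }
 catch (BadCredentialsException e) {
 // If the username/password are wrong the spec says we should send 400/bad grant
 throw new InvalidGrantException(e.getMessage());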
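Review bot: The new `catch (AccountStatusException ase)` forwards `ase.getMessage()` to the client, so the token endpoint's error text tells an unauthenticated caller that a given account exists and is locked, disabled or expired. With Spring Security's stock DAO-based provider the status checks run before the password comparison, so this answer can differ from the bad-credentials case without a valid password being presented; whether that holds here depends on the AuthenticationManager wired in, which this hunk does not show. Consider returning one fixed description for both catch blocks, e.g. `throw new InvalidGrantException("Invalid resource owner credentials");`, and recording the specific account status in the server log instead. The try/catch continues past the last line of the hunk.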
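--- a/...ingframework/security/oauth2/provider/password/TestResourceOwnerPasswordTokenGranter.java
+++ b/...ingframework/security/oauth2/provider/password/TestResourceOwnerPasswordTokenGranter.java
@@ -21,6 +21,7 @@
 import org.junit.Test;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.LockedException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -89,6 +90,16 @@ public Authentication authenticate(Authentication authentication) throws Authent
 }, providerTokenServices, clientDetailsService);
 granter.grant("password", authorizationRequest);
 }
+
+ @Test(expected = InvalidGrantException.class)
+ public void testAccountLocked() {
+ ResourceOwnerPasswordTokenGranter granter = new ResourceOwnerPasswordTokenGranter(new AuthenticationManager() {
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ throw new LockedException("test");
+ }
+ }, providerTokenServices, clientDetailsService);
+ granter.grant("password", authorizationRequest);
+ }
 @Test(expected = InvalidGrantException.class)
 public void testUnauthenticated() {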
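Review bot: `testAccountLocked` exercises only `LockedException`, while the catch it covers is commented as handling expired and disabled accounts as well, and `@Test(expected = InvalidGrantException.class)` checks the exception type but not the text that reaches the client. Sibling cases that throw `DisabledException` and `AccountExpiredException`, each catching the `InvalidGrantException` and asserting on its message, would pin what an unauthenticated caller is told for every account state. That matters here because the granter copies the underlying exception message into the grant error. `testUnauthenticated` begins on the last lines of the hunk and its body is outside it.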