Rob Winch
parent
1c9b627267
commit
646b3e48b3
|
|
@ -15,6 +15,7 @@
|
|||
*/
|
||||
package org.springframework.security.oauth2.client.web;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.crypto.keygen.StringKeyGenerator;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
|
|
@ -148,7 +149,7 @@ public class AuthorizationCodeRequestRedirectFilter extends OncePerRequestFilter
|
|||
if (logger.isDebugEnabled()) {
|
||||
logger.debug("Authorization Request failed: " + failed.toString(), failed);
|
||||
}
|
||||
response.sendError(HttpServletResponse.SC_BAD_REQUEST, failed.getMessage());
|
||||
response.sendError(HttpStatus.BAD_REQUEST.value(), HttpStatus.BAD_REQUEST.getReasonPhrase());
|
||||
}
|
||||
|
||||
private String expandRedirectUri(HttpServletRequest request, ClientRegistration clientRegistration) {
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ import javax.servlet.http.HttpServletResponse;
|
|||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
|
||||
|
|
@ -65,15 +66,15 @@ public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
|
|||
accessDeniedException);
|
||||
|
||||
// Set the 403 status code.
|
||||
response.setStatus(HttpServletResponse.SC_FORBIDDEN);
|
||||
response.setStatus(HttpStatus.FORBIDDEN.value());
|
||||
|
||||
// forward to error page.
|
||||
RequestDispatcher dispatcher = request.getRequestDispatcher(errorPage);
|
||||
dispatcher.forward(request, response);
|
||||
}
|
||||
else {
|
||||
response.sendError(HttpServletResponse.SC_FORBIDDEN,
|
||||
accessDeniedException.getMessage());
|
||||
response.sendError(HttpStatus.FORBIDDEN.value(),
|
||||
HttpStatus.FORBIDDEN.getReasonPhrase());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ import javax.servlet.http.HttpSession;
|
|||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.WebAttributes;
|
||||
import org.springframework.security.web.DefaultRedirectStrategy;
|
||||
|
|
@ -74,8 +75,8 @@ public class SimpleUrlAuthenticationFailureHandler implements
|
|||
if (defaultFailureUrl == null) {
|
||||
logger.debug("No failure URL set, sending 401 Unauthorized error");
|
||||
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
|
||||
"Authentication Failed: " + exception.getMessage());
|
||||
response.sendError(HttpStatus.UNAUTHORIZED.value(),
|
||||
HttpStatus.UNAUTHORIZED.getReasonPhrase());
|
||||
}
|
||||
else {
|
||||
saveException(request, exception);
|
||||
|
|
|
|||
|
|
@ -22,6 +22,7 @@ import javax.servlet.ServletException;
|
|||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
|
|
@ -57,8 +58,7 @@ public class BasicAuthenticationEntryPoint implements AuthenticationEntryPoint,
|
|||
public void commence(HttpServletRequest request, HttpServletResponse response,
|
||||
AuthenticationException authException) throws IOException, ServletException {
|
||||
response.addHeader("WWW-Authenticate", "Basic realm=\"" + realmName + "\"");
|
||||
response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
|
||||
authException.getMessage());
|
||||
response.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase());
|
||||
}
|
||||
|
||||
public String getRealmName() {
|
||||
|
|
|
|||
|
|
@ -27,6 +27,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.AuthenticationEntryPoint;
|
||||
|
||||
|
|
@ -109,8 +110,8 @@ public class DigestAuthenticationEntryPoint implements AuthenticationEntryPoint,
|
|||
}
|
||||
|
||||
httpResponse.addHeader("WWW-Authenticate", authenticateHeader);
|
||||
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED,
|
||||
authException.getMessage());
|
||||
httpResponse.sendError(HttpStatus.UNAUTHORIZED.value(),
|
||||
HttpStatus.UNAUTHORIZED.getReasonPhrase());
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ package org.springframework.security.web.authentication.www;
|
|||
|
||||
import org.junit.Test;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
|
|
@ -65,11 +66,10 @@ public class BasicAuthenticationEntryPointTests {
|
|||
|
||||
// ep.afterPropertiesSet();
|
||||
|
||||
String msg = "These are the jokes kid";
|
||||
ep.commence(request, response, new DisabledException(msg));
|
||||
ep.commence(request, response, new DisabledException("These are the jokes kid"));
|
||||
|
||||
assertThat(response.getStatus()).isEqualTo(401);
|
||||
assertThat(response.getErrorMessage()).isEqualTo(msg);
|
||||
assertThat(response.getErrorMessage()).isEqualTo(HttpStatus.UNAUTHORIZED.getReasonPhrase());
|
||||
|
||||
assertThat(response.getHeader("WWW-Authenticate"))
|
||||
.isEqualTo("Basic realm=\"hello\"");
|
||||
|
|
|
|||
Loading…
Reference in New Issue