Announcement Announcement Module
No announcement yet.
UserRedirectRequiredException instead of AccessTokenRequiredException? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • UserRedirectRequiredException instead of AccessTokenRequiredException?

    After upgrading the RC2a, the redirect does not work in my project (I must admit that things that we do in our system are not that simple as the tonr/sparklr....).
    However, till now, when our client-app tried to reach the protected resource, and token was not available, he threw AccessTokenRequiredException and transfer in the ctor an instance of AuthorizationCodeResourceDetails (AFAIK this way the filter Oauth2ClientContextFilter who catched this exception could invoke the redirect). The interesting thing is, that in M6, this filter used to look for AccessTokenRequiredException, and now in RC2a I see that he searches for UserRedirectRequiredException! the filter code is:
    UserRedirectRequiredException redirect = (UserRedirectRequiredException) throwableAnalyzer.getFirstThrowableOfType(UserRedirectRequiredException.class, causeChain);
    Can you please say a few words about this change? why did you change it, etc. who throws this exception in the oAuth2 implementation? when we still use AccessTokenRequiredException? should I now throw the "redirectEx" instead of the "accessTokenRequiredEx"?

  • #2
    I think UserRedirectRequiredException does what it says on the can. If you have custom components throwing exceptions that want to be handled by the client context filter that's the one you should throw. The framework should provide components that throw the right exceptions, and all the tests look fine, so if you have an edge case please provide some more detail (e.g. in JIRA).

    Note that RC3 is the most recent release (but I doubt if there is any change in this area).


    • #3
      out of curiosity - can you say why it was changes from AccessTokenRequiredException to UserRedirectRequiredException?


      • #4
        Because UserRedirectRequiredException tells me that a redirect is required. AccessTokenRequiredException might not imply a redirect, just a missing access token.