How to inject custom WebResponseExceptionTranslator implementation into TokenEndpoin?

[hipsterJoe]

Hello everyone,

For some reason I need to return 401.1 HTTP status code instead of default 401 in case of invalid user credentials.
I found that WebResponseExceptionTranslator is responsible for translation OAuth2 exceptions into HTTP statuses.

AFAIK, there is no possibility to configure actual WebResponseExceptionTranslator implementation in oauth2:authorization-server config element.
The only workaround I see here is to inject custom implementation from some bean with dependence on TokenEndpoint like

@Component
@Scope("singleton")
@Lazy(false)
public class ExceptionTranslatorFix implements InitializingBean{

@Autowired
private TokenEndpoint tokenEndpoint;


public afterPropertiesSet(){
Validate.notNull(tokenEndpoint);
tokenEnpoint.setgetExceptionTranslator(customExcep tionTranslator)
}

}


But even this dirty workaround doesn't work because TokenEndpoint has ho setter fo exception translator.

How can I get custom translator injected? Or there is some other way to customize HTTP statuses?

Thanks in advance,
Vitaliy

[Dave Syer]

TokenEndpoint does have a setter, but the name is wrong (providerExceptionHandler). Raise a JIRA to get that fixed? And see if it works for you.

But I think the 401 comes from the Spring Security authentication filters in the case of the ToklenEndpoint, so you probably need to customize something else anyway. The sparklr sample uses an OAuth2AuthenticationEntryPoint, which has a more obvious setter for the exception translator. Or you could write your own entry point.

[hipsterJoe]

TokenEndpoint does have a setter, but the name is wrong (providerExceptionHandler). Raise a JIRA to get that fixed? And see if it works for you.

But I think the 401 comes from the Spring Security authentication filters in the case of the ToklenEndpoint, so you probably need to customize something else anyway. The sparklr sample uses an OAuth2AuthenticationEntryPoint, which has a more obvious setter for the exception translator. Or you could write your own entry point.

Thank you for the quick response, Dave

I have BasicAuthenticationFilter in filter chain but exception is raised in TokenEndpoint (when Authentication object is not in place or Authentication.isAuthenticated() is false).
I think it will be perfect to have a simple way to set exception translator into TokenEndpoint through xml authorization-server configuration.
I'm not sure that I'm have access to project Jira to create ticket.

[Dave Syer]

There should be an authentication in place before you hist the TokenEndpoint, otherwise it is not secure. So I think the answer should lie in the entry point. Maybe you can share your config?

I'm not sure that I'm have access to project Jira to create ticket.

It's a public JIRA https://jira.springsource.org/browse/SECOAUTH. What's the problem?