I've written a custom ResponseErrorHandler and configured it on an OAuth2RestTemplate. I am making calls to an Spring OAuth2 resource. In addition to Spring OAuth2 errors, the resource endpoints return application specific errors non-oauth errors. For example, I have method level security configured, and when a user tries to load an entity they don't have permission to, a spring AccessDeniedException is thrown and a 403 error is returned along with some metadata in json format. To handle the error, OAuth2ErrorHandler first calls hasError() on my custom error handler. Then handleError is called. The handleError method on OAuth2ErrorHandler assumes that the error is an OAuth2Exception and deserializes it using OAuth2ExceptionJackson2Deserializer. From what I can tell, the deserializer doesn't ever return null and so the error handler always throws an exception before the custom error handler is invoked. Is this the expected behavior?

If so, it seems like I will have to handle OAuth2Exception as a special case and inspect the additionalParams field to get the custom error. Alternatively, instead of adding the custom error handler, I will have to extend OAuth2ErrorHandler to change its behavior.