Thread: Stack trace for OAuth2 Exception thrown by Authorization/Token endpoint

  1. #1
    Join Date
    Apr 2012
    Posts
    19

    I'm very happy with spring-security-oauth2 but some minor things are left.

    What do I have to configure to make my Spring application turn OAuth2Exceptions from the authorization/token endpoints into JSON/XML responses?

    Exceptions during authentication are handled by the entry point or access denied handler, but when I cause an exception (for example by calling oauth/authorize without parameters) I see a stack trace.

    Greetings,
    Alexander

  2. #2
    Join Date
    Jun 2005
    Posts
    4,230

    Both the TokenEndpoint and the AuthorizationEndpoint have a handler for OAuth2Exception. Maybe that feature was added recently and you haven't picked up the changes? Or maybe I didn't understand the question. Can you be a bit more specific about the exception?

  3. #3
    Join Date
    Apr 2012
    Posts
    19

    Simple example:

    With the sample app (sparklr): when I call
    Code:
    http://localhost:8080/sparklr2/oauth/token
    (with no parameters, but with authorization) I get a JSON response.
    With my project, when I do that I get:

    Code:
    error="invalid_request", error_description="Missing grant type"
    	at org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.getAccessToken(TokenEndpoint.java:82)
    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            ........
    Every exception that is thrown by an endpoint results in a stack trace, while all authentication-related exceptions result in proper OAuth responses.

    What am I doing wrong?

    Code:
        <!-- Standard token endpoint of Spring Security OAuth 2.0 -->
        <oauth:authorization-server client-details-service-ref="applicationDetailsService" token-services-ref="tokenService"
            user-approval-handler-ref="userApprovalHandler" token-granter-ref="tokenGranter" user-approval-page="forward:/dialog/approve">
            <!-- Dummy-tag to force creation of the authorization endpoint -->
            <oauth:authorization-code authorization-code-services-ref="authorizationCodeService" />
        </oauth:authorization-server>
        <security:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager" entry-point-ref="oauthAuthenticationEntryPoint">
            <security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
            <security:intercept-url pattern="/oauth/**" access="ROLE_USER" />
            <security:http-basic />
            <security:custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" />
            <security:access-denied-handler ref="oauthAccessDeniedHandler" />
        </security:http>
    I can't figure out which part of the sparklr config is responsible for the resolution of the OAuth2 exceptions.

    EDIT: we are working with 1.0.1.Release

    EDIT2: SOLUTION (it was one of those things,...)

    By configuring a custom exception resolver we remove the default resolvers, including the ExceptionHandlerExceptionResolver (the one that handles the annotations). So we had to add:

    Code:
        <bean class="org.springframework.web.servlet.mvc.method.annotation.ExceptionHandlerExceptionResolver">
            <property name="order" value="1" />
            <property name="messageConverters">
                <list>
                    <ref bean="jsonConverter" />
                </list>
            </property>
        </bean>
    Now we get nice clean JSON.
    Last edited by Laures; Feb 13th, 2013 at 07:48 AM.
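
A regression check for the symptom in this thread, as an added example that is not part of the original posts: it classifies a token-endpoint error response as a proper OAuth2 JSON error or as a leaked Java stack trace, including a trace hidden inside a JSON field. The stack frames are the ones quoted in post #3; the status codes, content types, JSON bodies and the `com.example.Demo` frame are constructed assumptions.

```python
import json
import re

# One Java stack frame, e.g. "at a.b.C.m(C.java:82)" or "at a.b.C.m(Native Method)".
JAVA_FRAME = re.compile(r"^\s*at\s+[\w.$<>]+\([^)]*\)\s*$", re.MULTILINE)

# Constructed sample: the failing response, using the frames quoted in post #3.
# The status code and content type used with it below are assumptions.
LEAKED_BODY = (
    'error="invalid_request", error_description="Missing grant type"\n'
    "\tat org.springframework.security.oauth2.provider.endpoint."
    "TokenEndpoint.getAccessToken(TokenEndpoint.java:82)\n"
    "\tat sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)\n"
)
# Constructed sample: the JSON error the fixed configuration is expected to return.
CLEAN_BODY = json.dumps(
    {"error": "invalid_request", "error_description": "Missing grant type"}
)
# Constructed sample: valid JSON that still carries a trace inside a field.
WRAPPED_BODY = json.dumps(
    {"error": "server_error",
     "error_description": "failure\n\tat com.example.Demo.run(Demo.java:1)"}
)


def classify_token_error(status, content_type, body):
    """Return "oauth2_error", "stack_trace_leak" or "unexpected"."""
    if JAVA_FRAME.search(body):
        return "stack_trace_leak"
    media_type = content_type.split(";")[0].strip().lower()
    if status < 400 or media_type != "application/json":
        return "unexpected"
    try:
        parsed = json.loads(body)
    except ValueError:
        return "unexpected"
    if not isinstance(parsed, dict) or not isinstance(parsed.get("error"), str):
        return "unexpected"
    # A JSON error body can still leak frames inside a string member.
    if any(isinstance(v, str) and JAVA_FRAME.search(v) for v in parsed.values()):
        return "stack_trace_leak"
    return "oauth2_error"


if __name__ == "__main__":
    print(classify_token_error(500, "text/html;charset=utf-8", LEAKED_BODY))
    print(classify_token_error(400, "application/json;charset=UTF-8", CLEAN_BODY))
    print(classify_token_error(400, "application/json", WRAPPED_BODY))
```

Feeding it the status, Content-Type and body of a parameterless request to your own `/oauth/token` after any change to the exception resolver beans shows whether the endpoint has gone back to exposing stack traces.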
