Consider enhancing OAuth2Error with specific error codes #1240
Comments
|
@Yneth The Protocol Endpoints provide hooks into customizing the error response (including error code) by configuring a custom FYI, we're also planning on writing a How-to guide in gh-541. I'll close this as customizing the error response is available. |
jgrandja
added
status: invalid
|
I will try to explain my issue better as in my case using
in those two cases, it would be impossible to enrich the error code to something more granular, like in this case, we could potentially parse the error description but it is not something we would like to do in our code base, as it will be unstable between releases. |
jgrandja
changed the title
jgrandja
added
type: enhancement
|
Thanks for the explanation @Yneth. I've re-opened the issue and we'll give it some further thought. |
Expected Behavior
I want to have the option to override OAuth2 Error codes that are thrown from the
spring-authorization-serversource code.Current Behavior
I am not able to override default OAuth2 Error codes.
Context
In our project, we want to provide more meaningful error codes to clients, as sometimes the standard OAuth2 error codes are too vague, such as
invalid_grant. In our client's code, we want to have specific error codes for each problem so that they can handle each case differently.We can currently map error codes by parsing the
error_description, but we want to avoid that.It would be amazing if we had either more
(A) detailed error codes or
(B) an additional internal list of error codes that would allow for more precise usage.
I understand it could violate RFC but we are ok with that.
Example
Option A:
instead of just
invalid_requestsaymissing_client_idOption B:
send both
invalid_requestandmissing_client_idThe text was updated successfully, but these errors were encountered: