Source code

001package com.nimbusds.openid.connect.sdk;
002
003
004import com.nimbusds.oauth2.sdk.ErrorObject;
005import com.nimbusds.oauth2.sdk.http.HTTPResponse;
006
007
008/**
009 * OpenID Connect specific errors.
010 *
011 * @author Vladimir Dzhuvinov
012 */
013public final class OIDCError {
014
015        
016        // Authorisation endpoint
017        
018        /**
019         * The authorisation server requires end-user interaction of some form 
020         * to proceed. This error may be returned when the {@link Prompt} 
021         * parameter in the {@link OIDCAuthorizationRequest} is set to 
022         * {@link Prompt.Type#NONE none} to request that the authorisation 
023         * server should not display any user interfaces to the end-user, but 
024         * the {@link OIDCAuthorizationRequest} cannot be completed without 
025         * displaying a user interface for end-user interaction.
026         */
027        public static final ErrorObject INTERACTION_REQUIRED =
028                new ErrorObject("interaction_required", "User interaction required",
029                                HTTPResponse.SC_FOUND);
030
031        /**
032         * The authorisation server requires end-user authentication. This 
033         * error may be returned when the prompt parameter in the 
034         * {@link OIDCAuthorizationRequest} is set to {@link Prompt.Type#NONE} 
035         * to request that the authorisation server should not display any user 
036         * interfaces to the end-user, but the {@link OIDCAuthorizationRequest} 
037         * cannot be completed without displaying a user interface for user 
038         * authentication.
039         */
040        public static final ErrorObject LOGIN_REQUIRED =
041                new ErrorObject("login_required", "Login required", 
042                                HTTPResponse.SC_FOUND);
043
044        
045        /**
046         * The end-user is required to select a session at the authorisation 
047         * server. The end-user may be authenticated at the authorisation 
048         * server with different associated accounts, but the end-user did not 
049         * select a session. This error may be returned when the prompt 
050         * parameter in the {@link OIDCAuthorizationRequest} is set to 
051         * {@link Prompt.Type#NONE} to request that the authorisation server 
052         * should not display any user interfaces to the end-user, but the 
053         * {@link OIDCAuthorizationRequest} cannot be completed without 
054         * displaying a user interface to prompt for a session to use.
055         */
056        public static final ErrorObject SESSION_SELECTION_REQUIRED =
057                new ErrorObject("session_selection_required", "Session selection required",
058                                HTTPResponse.SC_FOUND);
059
060        
061        /**
062         * The authorisation server requires end-user consent. This error may 
063         * be returned when the prompt parameter in the 
064         * {@link OIDCAuthorizationRequest} is set to {@link Prompt.Type#NONE}
065         * to request that the authorisation server should not display any 
066         * user interfaces to the end-user, but the 
067         * {@link OIDCAuthorizationRequest} cannot be completed without 
068         * displaying a user interface for end-user consent.
069         */
070        public static final ErrorObject CONSENT_REQUIRED =
071                new ErrorObject("consent_required", "Consent required");
072
073
074        /**
075         * The {@code request_uri} in the {@link OIDCAuthorizationRequest} 
076         * returns an error or invalid data.
077         */
078        public static final ErrorObject INVALID_REQUEST_URI =
079                new ErrorObject("invalid_request_uri", "Invalid request URI",
080                                HTTPResponse.SC_FOUND);
081
082        
083        /**
084         * The {@code request} parameter in the {@link OIDCAuthorizationRequest}
085         * contains an invalid OpenID Connect request object.
086         */
087        public static final ErrorObject INVALID_REQUEST_OBJECT =
088                new ErrorObject("invalid_request_object", "Invalid OpenID Connect request object",
089                                HTTPResponse.SC_FOUND);
090
091        
092        /**
093         * The {@code registration} parameter in the 
094         * {@link OIDCAuthorizationRequest} is not supported. Applies only to
095         * self-issued OpenID providers.
096         */
097        public static final ErrorObject REGISTRATION_NOT_SUPPORTED =
098                new ErrorObject("registration_not_supported", "Registration parameter not supported",
099                                HTTPResponse.SC_FOUND);
100        
101        
102        /**
103         * The {@code request} parameter in the 
104         * {@link OIDCAuthorizationRequest} is not supported.
105         */
106        public static final ErrorObject REQUEST_NOT_SUPPORTED =
107                new ErrorObject("request_not_supported", "Request parameter not supported",
108                                HTTPResponse.SC_FOUND);
109        
110        
111        /**
112         * The {@code request_uri} parameter in the 
113         * {@link OIDCAuthorizationRequest} is not supported.
114         */
115        public static final ErrorObject REQUEST_URI_NOT_SUPPORTED =
116                new ErrorObject("request_uri_not_supported", "Request URI parameter not supported",
117                                HTTPResponse.SC_FOUND);
118
119        
120        /**
121         * Prevents public instantiation.
122         */
123        private OIDCError() { }
124}