throw appropriate errors from request factory

11 years ago · 35bd9c8eda
parent e67a41c556
commit 35bd9c8eda
1 changed files with 3 additions and 3 deletions
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/ConnectOAuth2RequestFactory.java
@ -171,7 +171,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
 				
 				if (client.getRequestObjectSigningAlg() != null) {
 					if (!client.getRequestObjectSigningAlg().equals(alg)) {
-						throw new AuthenticationServiceException("Client's registered request object signing algorithm (" + client.getRequestObjectSigningAlg() + ") does not match request object's actual algorithm (" + alg.getName() + ")");
+						throw new InvalidClientException("Client's registered request object signing algorithm (" + client.getRequestObjectSigningAlg() + ") does not match request object's actual algorithm (" + alg.getName() + ")");
 					}
 				}
 				
@ -193,7 +193,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
 					}
 					
 					if (!validator.validateSignature(signedJwt)) {
-						throw new AuthenticationServiceException("Signature did not validate for presented JWT request object.");
+						throw new InvalidClientException("Signature did not validate for presented JWT request object.");
 					}
 				} else if (alg.equals(JWSAlgorithm.HS256)
 						|| alg.equals(JWSAlgorithm.HS384)
@ -208,7 +208,7 @@ public class ConnectOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
 					}
 					
 					if (!validator.validateSignature(signedJwt)) {
-						throw new AuthenticationServiceException("Signature did not validate for presented JWT request object.");
+						throw new InvalidClientException("Signature did not validate for presented JWT request object.");
 					}