externalized json entity and error parameters, closes #770

openid-connect-server/src/main/java/org/mitre/discovery/web/DiscoveryEndpoint.java

@@ -340,7 +340,7 @@ public class DiscoveryEndpoint {
 		m.put("introspection_endpoint", baseUrl + IntrospectionEndpoint.URL); // token introspection endpoint for verifying tokens
 		m.put("revocation_endpoint", baseUrl + RevocationEndpoint.URL); // token revocation endpoint
 
-		model.addAttribute("entity", m);
+		model.addAttribute(JsonEntityView.ENTITY, m);
 
 		return JsonEntityView.VIEWNAME;
 	}

openid-connect-server/src/main/java/org/mitre/oauth2/view/TokenApiView.java

@@ -27,6 +27,7 @@ import javax.servlet.http.HttpServletResponse;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.oauth2.model.OAuth2RefreshTokenEntity;
 import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
@@ -138,7 +139,7 @@ public class TokenApiView extends AbstractView {
 		try {
 
 			Writer out = response.getWriter();
-			Object obj = model.get("entity");
+			Object obj = model.get(JsonEntityView.ENTITY);
 			gson.toJson(obj, out);
 
 		} catch (IOException e) {

openid-connect-server/src/main/java/org/mitre/oauth2/web/IntrospectionEndpoint.java

@@ -98,7 +98,7 @@ public class IntrospectionEndpoint {
 		if (Strings.isNullOrEmpty(tokenValue)) {
 			logger.error("Verify failed; token value is null");
 			Map<String,Boolean> entity = ImmutableMap.of("active", Boolean.FALSE);
-			model.addAttribute("entity", entity);
+			model.addAttribute(JsonEntityView.ENTITY, entity);
 			return JsonEntityView.VIEWNAME;
 		}
 
@@ -133,7 +133,7 @@ public class IntrospectionEndpoint {
 			} catch (InvalidTokenException e2) {
 				logger.error("Verify failed; Invalid access/refresh token", e2);
 				Map<String,Boolean> entity = ImmutableMap.of("active", Boolean.FALSE);
-				model.addAttribute("entity", entity);
+				model.addAttribute(JsonEntityView.ENTITY, entity);
 				return JsonEntityView.VIEWNAME;
 			}
 		}
@@ -148,7 +148,7 @@ public class IntrospectionEndpoint {
 				Map<String, Object> entity = accessToken != null
 						? introspectionResultAssembler.assembleFrom(accessToken, user)
 								: introspectionResultAssembler.assembleFrom(refreshToken, user);
-						model.addAttribute("entity", entity);
+						model.addAttribute(JsonEntityView.ENTITY, entity);
 						return JsonEntityView.VIEWNAME;
 			} else {
 				logger.error("Verify failed; client configuration or scope don't permit token introspection");

openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java

@@ -75,7 +75,7 @@ public class ScopeAPI {
 
 		Set<SystemScope> allScopes = scopeService.getAll();
 
-		m.put("entity", allScopes);
+		m.put(JsonEntityView.ENTITY, allScopes);
 
 		return JsonEntityView.VIEWNAME;
 	}
@@ -87,7 +87,7 @@ public class ScopeAPI {
 
 		if (scope != null) {
 
-			m.put("entity", scope);
+			m.put(JsonEntityView.ENTITY, scope);
 
 			return JsonEntityView.VIEWNAME;
 		} else {
@@ -95,7 +95,7 @@ public class ScopeAPI {
 			logger.error("getScope failed; scope not found: " + id);
 
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested scope with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested scope with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 	}
@@ -115,7 +115,7 @@ public class ScopeAPI {
 
 				scope = scopeService.save(scope);
 
-				m.put("entity", scope);
+				m.put(JsonEntityView.ENTITY, scope);
 
 				return JsonEntityView.VIEWNAME;
 			} else {
@@ -124,7 +124,7 @@ public class ScopeAPI {
 						+ existing.getId() + " and " + scope.getId());
 
 				m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-				m.put("errorMessage", "Could not update scope. Scope ids to not match: got "
+				m.put(JsonErrorView.ERROR_MESSAGE, "Could not update scope. Scope ids to not match: got "
 						+ existing.getId() + " and " + scope.getId());
 				return JsonErrorView.VIEWNAME;
 			}
@@ -133,7 +133,7 @@ public class ScopeAPI {
 
 			logger.error("updateScope failed; scope with id " + id + " not found.");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not update scope. The scope with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update scope. The scope with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 	}
@@ -148,7 +148,7 @@ public class ScopeAPI {
 			//Error, cannot save a scope with the same value as an existing one
 			logger.error("Error: attempting to save a scope with a value that already exists: " + scope.getValue());
 			m.put(HttpCodeView.CODE, HttpStatus.CONFLICT);
-			m.put("errorMessage", "A scope with value " + scope.getValue() + " already exists, please choose a different value.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "A scope with value " + scope.getValue() + " already exists, please choose a different value.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -156,14 +156,14 @@ public class ScopeAPI {
 
 		if (scope != null && scope.getId() != null) {
 
-			m.put("entity", scope);
+			m.put(JsonEntityView.ENTITY, scope);
 
 			return JsonEntityView.VIEWNAME;
 		} else {
 
 			logger.error("createScope failed; JSON was invalid: " + json);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not save new scope " + scope + ". The scope service failed to return a saved entity.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not save new scope " + scope + ". The scope service failed to return a saved entity.");
 			return JsonErrorView.VIEWNAME;
 
 		}
@@ -183,7 +183,7 @@ public class ScopeAPI {
 
 			logger.error("deleteScope failed; scope with id " + id + " not found.");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not delete scope. The requested scope with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete scope. The requested scope with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 	}

openid-connect-server/src/main/java/org/mitre/oauth2/web/TokenAPI.java

@@ -28,6 +28,7 @@ import org.mitre.oauth2.service.OAuth2TokenEntityService;
 import org.mitre.oauth2.view.TokenApiView;
 import org.mitre.openid.connect.service.OIDCTokenService;
 import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
 import org.mitre.openid.connect.view.JsonErrorView;
 import org.mitre.openid.connect.web.RootController;
 import org.slf4j.Logger;
@@ -79,7 +80,7 @@ public class TokenAPI {
 	public String getAllAccessTokens(ModelMap m, Principal p) {
 
 		Set<OAuth2AccessTokenEntity> allTokens = tokenService.getAllAccessTokensForUser(p.getName());
-		m.put("entity", allTokens);
+		m.put(JsonEntityView.ENTITY, allTokens);
 		return TokenApiView.VIEWNAME;
 	}
 
@@ -91,15 +92,15 @@ public class TokenAPI {
 		if (token == null) {
 			logger.error("getToken failed; token not found: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested token with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
 			logger.error("getToken failed; token does not belong to principal " + p.getName());
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to view this token");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
 			return JsonErrorView.VIEWNAME;
 		} else {
-			m.put("entity", token);
+			m.put(JsonEntityView.ENTITY, token);
 			return TokenApiView.VIEWNAME;
 		}
 	}
@@ -112,12 +113,12 @@ public class TokenAPI {
 		if (token == null) {
 			logger.error("getToken failed; token not found: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested token with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
 			logger.error("getToken failed; token does not belong to principal " + p.getName());
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to view this token");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			tokenService.revokeAccessToken(token);
@@ -134,12 +135,12 @@ public class TokenAPI {
 
 		if (client != null) {
 			List<OAuth2AccessTokenEntity> tokens = tokenService.getAccessTokensForClient(client);
-			m.put("entity", tokens);
+			m.put(JsonEntityView.ENTITY, tokens);
 			return TokenApiView.VIEWNAME;
 		} else {
 			// client not found
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested client with id " + clientId + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested client with id " + clientId + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -154,17 +155,17 @@ public class TokenAPI {
 		if (client != null) {
 			OAuth2AccessTokenEntity token = tokenService.getRegistrationAccessTokenForClient(client);
 			if (token != null) {
-				m.put("entity", token);
+				m.put(JsonEntityView.ENTITY, token);
 				return TokenApiView.VIEWNAME;
 			} else {
 				m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-				m.put("errorMessage", "No registration token could be found.");
+				m.put(JsonErrorView.ERROR_MESSAGE, "No registration token could be found.");
 				return JsonErrorView.VIEWNAME;
 			}
 		} else {
 			// client not found
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested client with id " + clientId + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested client with id " + clientId + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -180,17 +181,17 @@ public class TokenAPI {
 			token = tokenService.saveAccessToken(token);
 
 			if (token != null) {
-				m.put("entity", token);
+				m.put(JsonEntityView.ENTITY, token);
 				return TokenApiView.VIEWNAME;
 			} else {
 				m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-				m.put("errorMessage", "No registration token could be found.");
+				m.put(JsonErrorView.ERROR_MESSAGE, "No registration token could be found.");
 				return JsonErrorView.VIEWNAME;
 			}
 		} else {
 			// client not found
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested client with id " + clientId + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested client with id " + clientId + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -200,7 +201,7 @@ public class TokenAPI {
 	public String getAllRefreshTokens(ModelMap m, Principal p) {
 
 		Set<OAuth2RefreshTokenEntity> allTokens = tokenService.getAllRefreshTokensForUser(p.getName());
-		m.put("entity", allTokens);
+		m.put(JsonEntityView.ENTITY, allTokens);
 		return TokenApiView.VIEWNAME;
 
 
@@ -214,15 +215,15 @@ public class TokenAPI {
 		if (token == null) {
 			logger.error("refresh token not found: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested token with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
 			logger.error("refresh token " + id + " does not belong to principal " + p.getName());
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to view this token");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
 			return JsonErrorView.VIEWNAME;
 		} else {
-			m.put("entity", token);
+			m.put(JsonEntityView.ENTITY, token);
 			return TokenApiView.VIEWNAME;
 		}
 	}
@@ -235,12 +236,12 @@ public class TokenAPI {
 		if (token == null) {
 			logger.error("refresh token not found: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested token with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
 			logger.error("refresh token " + id + " does not belong to principal " + p.getName());
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to view this token");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			tokenService.revokeRefreshToken(token);

openid-connect-server/src/main/java/org/mitre/openid/connect/view/AbstractClientEntityView.java

@@ -119,7 +119,7 @@ public abstract class AbstractClientEntityView extends AbstractView {
 		try {
 
 			Writer out = response.getWriter();
-			Object obj = model.get("entity");
+			Object obj = model.get(JsonEntityView.ENTITY);
 			gson.toJson(obj, out);
 
 		} catch (IOException e) {

openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonApprovedSiteView.java

@@ -112,7 +112,7 @@ public class JsonApprovedSiteView extends AbstractView {
 		try {
 
 			Writer out = response.getWriter();
-			Object obj = model.get("entity");
+			Object obj = model.get(JsonEntityView.ENTITY);
 			gson.toJson(obj, out);
 
 		} catch (IOException e) {

openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonEntityView.java

@@ -46,6 +46,8 @@ import com.google.gson.GsonBuilder;
 @Component(JsonEntityView.VIEWNAME)
 public class JsonEntityView extends AbstractView {
 
+	public static final String ENTITY = "entity";
+
 	/**
 	 * Logger for this class
 	 */
@@ -92,7 +94,7 @@ public class JsonEntityView extends AbstractView {
 		try {
 
 			Writer out = response.getWriter();
-			Object obj = model.get("entity");
+			Object obj = model.get(ENTITY);
 			gson.toJson(obj, out);
 
 		} catch (IOException e) {

openid-connect-server/src/main/java/org/mitre/openid/connect/view/JsonErrorView.java

@@ -45,6 +45,16 @@ import com.google.gson.JsonObject;
 @Component(JsonErrorView.VIEWNAME)
 public class JsonErrorView extends AbstractView {
 
+	/**
+	 * 
+	 */
+	public static final String ERROR_MESSAGE = "errorMessage";
+
+	/**
+	 * 
+	 */
+	public static final String ERROR = "error";
+
 	/**
 	 * Logger for this class
 	 */
@@ -83,7 +93,7 @@ public class JsonErrorView extends AbstractView {
 
 		HttpStatus code = (HttpStatus) model.get(HttpCodeView.CODE);
 		if (code == null) {
-			code = HttpStatus.OK; // default to 200
+			code = HttpStatus.INTERNAL_SERVER_ERROR; // default to 500
 		}
 
 		response.setStatus(code.value());
@@ -92,11 +102,11 @@ public class JsonErrorView extends AbstractView {
 
 			Writer out = response.getWriter();
 
-			String errorTitle = (String) model.get("error");
+			String errorTitle = (String) model.get(ERROR);
 			if (Strings.isNullOrEmpty(errorTitle)) {
-				errorTitle = "Error";
+				errorTitle = "mitreid_error";
 			}
-			String errorMessage = (String) model.get("errorMessage");
+			String errorMessage = (String) model.get(ERROR_MESSAGE);
 			JsonObject obj = new JsonObject();
 			obj.addProperty("error", errorTitle);
 			obj.addProperty("error_description", errorMessage);

openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java

@@ -27,6 +27,7 @@ import org.mitre.openid.connect.model.ApprovedSite;
 import org.mitre.openid.connect.service.ApprovedSiteService;
 import org.mitre.openid.connect.view.HttpCodeView;
 import org.mitre.openid.connect.view.JsonApprovedSiteView;
+import org.mitre.openid.connect.view.JsonEntityView;
 import org.mitre.openid.connect.view.JsonErrorView;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -79,7 +80,7 @@ public class ApprovedSiteAPI {
 
 		Collection<ApprovedSite> all = approvedSiteService.getByUserId(p.getName());
 
-		m.put("entity", all);
+		m.put(JsonEntityView.ENTITY, all);
 
 		return JsonApprovedSiteView.VIEWNAME;
 	}
@@ -95,13 +96,13 @@ public class ApprovedSiteAPI {
 		if (approvedSite == null) {
 			logger.error("deleteApprovedSite failed; no approved site found for id: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not delete approved site. The requested approved site with id: " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete approved site. The requested approved site with id: " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!approvedSite.getUserId().equals(p.getName())) {
 			logger.error("deleteApprovedSite failed; principal "
 					+ p.getName() + " does not own approved site" + id);
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to delete this approved site. The approved site decision will not be deleted.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to delete this approved site. The approved site decision will not be deleted.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			m.put(HttpCodeView.CODE, HttpStatus.OK);
@@ -120,16 +121,16 @@ public class ApprovedSiteAPI {
 		if (approvedSite == null) {
 			logger.error("getApprovedSite failed; no approved site found for id: " + id);
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested approved site with id: " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested approved site with id: " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else if (!approvedSite.getUserId().equals(p.getName())) {
 			logger.error("getApprovedSite failed; principal "
 					+ p.getName() + " does not own approved site" + id);
 			m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
-			m.put("errorMessage", "You do not have permission to view this approved site.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this approved site.");
 			return JsonErrorView.VIEWNAME;
 		} else {
-			m.put("entity", approvedSite);
+			m.put(JsonEntityView.ENTITY, approvedSite);
 			return JsonApprovedSiteView.VIEWNAME;
 		}
 

openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java

@@ -84,7 +84,7 @@ public class BlacklistAPI {
 
 		Collection<BlacklistedSite> all = blacklistService.getAll();
 
-		m.put("entity", all);
+		m.put(JsonEntityView.ENTITY, all);
 
 		return JsonEntityView.VIEWNAME;
 	}
@@ -108,18 +108,18 @@ public class BlacklistAPI {
 			json = parser.parse(jsonString).getAsJsonObject();
 			blacklist = gson.fromJson(json, BlacklistedSite.class);
 			BlacklistedSite newBlacklist = blacklistService.saveNew(blacklist);
-			m.put("entity", newBlacklist);
+			m.put(JsonEntityView.ENTITY, newBlacklist);
 
 		}
 		catch (JsonSyntaxException e) {
 			logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: ", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("addNewBlacklistedSite failed due to IllegalStateException", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -146,12 +146,12 @@ public class BlacklistAPI {
 		catch (JsonSyntaxException e) {
 			logger.error("updateBlacklistedSite failed due to JsonSyntaxException", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("updateBlacklistedSite failed due to IllegalStateException", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -161,13 +161,13 @@ public class BlacklistAPI {
 		if (oldBlacklist == null) {
 			logger.error("updateBlacklistedSite failed; blacklist with id " + id + " could not be found");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not update blacklisted site. The requested blacklist with id " + id + "could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update blacklisted site. The requested blacklist with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 
 			BlacklistedSite newBlacklist = blacklistService.update(oldBlacklist, blacklist);
 
-			m.put("entity", newBlacklist);
+			m.put(JsonEntityView.ENTITY, newBlacklist);
 
 			return JsonEntityView.VIEWNAME;
 		}
@@ -183,7 +183,7 @@ public class BlacklistAPI {
 
 		if (blacklist == null) {
 			logger.error("deleteBlacklistedSite failed; blacklist with id " + id + " could not be found");
-			m.put("errorMessage", "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			m.put(HttpCodeView.CODE, HttpStatus.OK);
@@ -202,11 +202,11 @@ public class BlacklistAPI {
 		if (blacklist == null) {
 			logger.error("getBlacklistedSite failed; blacklist with id " + id + " could not be found");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete bladklist. The requested bladklist with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 
-			m.put("entity", blacklist);
+			m.put(JsonEntityView.ENTITY, blacklist);
 
 			return JsonEntityView.VIEWNAME;
 		}

openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java

@@ -29,6 +29,7 @@ import org.mitre.openid.connect.service.UserInfoService;
 import org.mitre.openid.connect.view.ClientEntityViewForAdmins;
 import org.mitre.openid.connect.view.ClientEntityViewForUsers;
 import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
 import org.mitre.openid.connect.view.JsonErrorView;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -132,7 +133,7 @@ public class ClientAPI {
 	public String apiGetAllClients(Model model, Authentication auth) {
 
 		Collection<ClientDetailsEntity> clients = clientService.getAllClients();
-		model.addAttribute("entity", clients);
+		model.addAttribute(JsonEntityView.ENTITY, clients);
 
 		if (isAdmin(auth)) {
 			return ClientEntityViewForAdmins.VIEWNAME;
@@ -162,12 +163,12 @@ public class ClientAPI {
 		catch (JsonSyntaxException e) {
 			logger.error("apiAddClient failed due to JsonSyntaxException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("apiAddClient failed due to IllegalStateException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -197,7 +198,7 @@ public class ClientAPI {
 			if (Strings.isNullOrEmpty(client.getJwksUri())) {
 				logger.error("tried to create client with private key auth but no private key");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-				m.addAttribute("errorMessage", "Can not create a client with private key authentication without registering a key via the JWS Set URI.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Can not create a client with private key authentication without registering a key via the JWS Set URI.");
 				return JsonErrorView.VIEWNAME;
 			}
 
@@ -208,7 +209,7 @@ public class ClientAPI {
 
 			logger.error("unknown auth method");
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Unknown auth method requested");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unknown auth method requested");
 			return JsonErrorView.VIEWNAME;
 
 
@@ -217,7 +218,7 @@ public class ClientAPI {
 		client.setDynamicallyRegistered(false);
 
 		ClientDetailsEntity newClient = clientService.saveNewClient(client);
-		m.addAttribute("entity", newClient);
+		m.addAttribute(JsonEntityView.ENTITY, newClient);
 
 		if (isAdmin(auth)) {
 			return ClientEntityViewForAdmins.VIEWNAME;
@@ -249,12 +250,12 @@ public class ClientAPI {
 		catch (JsonSyntaxException e) {
 			logger.error("apiUpdateClient failed due to JsonSyntaxException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("apiUpdateClient failed due to IllegalStateException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -263,7 +264,7 @@ public class ClientAPI {
 		if (oldClient == null) {
 			logger.error("apiUpdateClient failed; client with id " + id + " could not be found.");
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.addAttribute("errorMessage", "Could not update client. The requested client with id " + id + "could not be found.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not update client. The requested client with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -293,7 +294,7 @@ public class ClientAPI {
 			if (Strings.isNullOrEmpty(client.getJwksUri())) {
 				logger.error("tried to create client with private key auth but no private key");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-				m.addAttribute("errorMessage", "Can not create a client with private key authentication without registering a key via the JWS Set URI.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Can not create a client with private key authentication without registering a key via the JWS Set URI.");
 				return JsonErrorView.VIEWNAME;
 			}
 
@@ -304,14 +305,14 @@ public class ClientAPI {
 
 			logger.error("unknown auth method");
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Unknown auth method requested");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unknown auth method requested");
 			return JsonErrorView.VIEWNAME;
 
 
 		}
 
 		ClientDetailsEntity newClient = clientService.updateClient(oldClient, client);
-		m.addAttribute("entity", newClient);
+		m.addAttribute(JsonEntityView.ENTITY, newClient);
 
 		if (isAdmin(auth)) {
 			return ClientEntityViewForAdmins.VIEWNAME;
@@ -335,7 +336,7 @@ public class ClientAPI {
 		if (client == null) {
 			logger.error("apiDeleteClient failed; client with id " + id + " could not be found.");
 			modelAndView.getModelMap().put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			modelAndView.getModelMap().put("errorMessage", "Could not delete client. The requested client with id " + id + "could not be found.");
+			modelAndView.getModelMap().put(JsonErrorView.ERROR_MESSAGE, "Could not delete client. The requested client with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			modelAndView.getModelMap().put(HttpCodeView.CODE, HttpStatus.OK);
@@ -360,11 +361,11 @@ public class ClientAPI {
 		if (client == null) {
 			logger.error("apiShowClient failed; client with id " + id + " could not be found.");
 			model.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			model.addAttribute("errorMessage", "The requested client with id " + id + " could not be found.");
+			model.addAttribute(JsonErrorView.ERROR_MESSAGE, "The requested client with id " + id + " could not be found.");
 			return JsonErrorView.VIEWNAME;
 		}
 
-		model.addAttribute("entity", client);
+		model.addAttribute(JsonEntityView.ENTITY, client);
 
 		if (isAdmin(auth)) {
 			return ClientEntityViewForAdmins.VIEWNAME;

openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java

@@ -141,8 +141,8 @@ public class DynamicClientRegistrationEndpoint {
 				newClient = validateAuth(newClient);
 			} catch (ValidationException ve) {
 				// validation failed, return an error
-				m.addAttribute("error", ve.getError());
+				m.addAttribute(JsonErrorView.ERROR, ve.getError());
-				m.addAttribute("errorMessage", ve.getErrorDescription());
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, ve.getErrorDescription());
 				m.addAttribute(HttpCodeView.CODE, ve.getStatus());
 				return JsonErrorView.VIEWNAME;
 			}
@@ -192,8 +192,8 @@ public class DynamicClientRegistrationEndpoint {
 			} catch (IllegalArgumentException e) {
 				logger.error("Couldn't save client", e);
 
-				m.addAttribute("error", "invalid_client_metadata");
+				m.addAttribute(JsonErrorView.ERROR, "invalid_client_metadata");
-				m.addAttribute("errorMessage", "Unable to save client due to invalid or inconsistent metadata.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client due to invalid or inconsistent metadata.");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST); // http 400
 
 				return JsonErrorView.VIEWNAME;
@@ -301,8 +301,8 @@ public class DynamicClientRegistrationEndpoint {
 				newClient = validateAuth(newClient);
 			} catch (ValidationException ve) {
 				// validation failed, return an error
-				m.addAttribute("error", ve.getError());
+				m.addAttribute(JsonErrorView.ERROR, ve.getError());
-				m.addAttribute("errorMessage", ve.getErrorDescription());
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, ve.getErrorDescription());
 				m.addAttribute(HttpCodeView.CODE, ve.getStatus());
 				return JsonErrorView.VIEWNAME;
 			}
@@ -327,8 +327,8 @@ public class DynamicClientRegistrationEndpoint {
 			} catch (IllegalArgumentException e) {
 				logger.error("Couldn't save client", e);
 
-				m.addAttribute("error", "invalid_client_metadata");
+				m.addAttribute(JsonErrorView.ERROR, "invalid_client_metadata");
-				m.addAttribute("errorMessage", "Unable to save client due to invalid or inconsistent metadata.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client due to invalid or inconsistent metadata.");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST); // http 400
 
 				return JsonErrorView.VIEWNAME;

openid-connect-server/src/main/java/org/mitre/openid/connect/web/ProtectedResourceRegistrationEndpoint.java

@@ -138,8 +138,8 @@ public class ProtectedResourceRegistrationEndpoint {
 				newClient = validateAuth(newClient);
 			} catch (ValidationException ve) {
 				// validation failed, return an error
-				m.addAttribute("error", ve.getError());
+				m.addAttribute(JsonErrorView.ERROR, ve.getError());
-				m.addAttribute("errorMessage", ve.getErrorDescription());
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, ve.getErrorDescription());
 				m.addAttribute(HttpCodeView.CODE, ve.getStatus());
 				return JsonErrorView.VIEWNAME;
 			}
@@ -200,8 +200,8 @@ public class ProtectedResourceRegistrationEndpoint {
 			} catch (IllegalArgumentException e) {
 				logger.error("Couldn't save client", e);
 
-				m.addAttribute("error", "invalid_client_metadata");
+				m.addAttribute(JsonErrorView.ERROR, "invalid_client_metadata");
-				m.addAttribute("errorMessage", "Unable to save client due to invalid or inconsistent metadata.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client due to invalid or inconsistent metadata.");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST); // http 400
 
 				return JsonErrorView.VIEWNAME;
@@ -351,8 +351,8 @@ public class ProtectedResourceRegistrationEndpoint {
 				newClient = validateAuth(newClient);
 			} catch (ValidationException ve) {
 				// validation failed, return an error
-				m.addAttribute("error", ve.getError());
+				m.addAttribute(JsonErrorView.ERROR, ve.getError());
-				m.addAttribute("errorMessage", ve.getErrorDescription());
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, ve.getErrorDescription());
 				m.addAttribute(HttpCodeView.CODE, ve.getStatus());
 				return JsonErrorView.VIEWNAME;
 			}
@@ -379,8 +379,8 @@ public class ProtectedResourceRegistrationEndpoint {
 			} catch (IllegalArgumentException e) {
 				logger.error("Couldn't save client", e);
 
-				m.addAttribute("error", "invalid_client_metadata");
+				m.addAttribute(JsonErrorView.ERROR, "invalid_client_metadata");
-				m.addAttribute("errorMessage", "Unable to save client due to invalid or inconsistent metadata.");
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Unable to save client due to invalid or inconsistent metadata.");
 				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST); // http 400
 
 				return JsonErrorView.VIEWNAME;

openid-connect-server/src/main/java/org/mitre/openid/connect/web/StatsAPI.java

@@ -54,7 +54,7 @@ public class StatsAPI {
 
 		Map<String, Integer> e = statsService.getSummaryStats();
 
-		m.put("entity", e);
+		m.put(JsonEntityView.ENTITY, e);
 
 		return JsonEntityView.VIEWNAME;
 
@@ -65,7 +65,7 @@ public class StatsAPI {
 	public String statsByClient(ModelMap m) {
 		Map<Long, Integer> e = statsService.getByClientId();
 
-		m.put("entity", e);
+		m.put(JsonEntityView.ENTITY, e);
 
 		return JsonEntityView.VIEWNAME;
 	}
@@ -75,7 +75,7 @@ public class StatsAPI {
 	public String statsByClientId(@PathVariable("id") Long id, ModelMap m) {
 		Integer e = statsService.getCountForClientId(id);
 
-		m.put("entity", e);
+		m.put(JsonEntityView.ENTITY, e);
 
 		return JsonEntityView.VIEWNAME;
 	}

openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java

@@ -84,7 +84,7 @@ public class WhitelistAPI {
 
 		Collection<WhitelistedSite> all = whitelistService.getAll();
 
-		m.put("entity", all);
+		m.put(JsonEntityView.ENTITY, all);
 
 		return JsonEntityView.VIEWNAME;
 	}
@@ -110,12 +110,12 @@ public class WhitelistAPI {
 		} catch (JsonParseException e) {
 			logger.error("addNewWhitelistedSite failed due to JsonParseException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("addNewWhitelistedSite failed due to IllegalStateException", e);
 			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Could not save new whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -124,7 +124,7 @@ public class WhitelistAPI {
 
 		WhitelistedSite newWhitelist = whitelistService.saveNew(whitelist);
 
-		m.put("entity", newWhitelist);
+		m.put(JsonEntityView.ENTITY, newWhitelist);
 
 		return JsonEntityView.VIEWNAME;
 
@@ -147,12 +147,12 @@ public class WhitelistAPI {
 		} catch (JsonParseException e) {
 			logger.error("updateWhitelistedSite failed due to JsonParseException", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		} catch (IllegalStateException e) {
 			logger.error("updateWhitelistedSite failed due to IllegalStateException", e);
 			m.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
-			m.put("errorMessage", "Could not update whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance.");
 			return JsonErrorView.VIEWNAME;
 		}
 
@@ -161,13 +161,13 @@ public class WhitelistAPI {
 		if (oldWhitelist == null) {
 			logger.error("updateWhitelistedSite failed; whitelist with id " + id + " could not be found.");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not update whitelisted site. The requested whitelisted site with id " + id + "could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not update whitelisted site. The requested whitelisted site with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 
 			WhitelistedSite newWhitelist = whitelistService.update(oldWhitelist, whitelist);
 
-			m.put("entity", newWhitelist);
+			m.put(JsonEntityView.ENTITY, newWhitelist);
 
 			return JsonEntityView.VIEWNAME;
 		}
@@ -185,7 +185,7 @@ public class WhitelistAPI {
 		if (whitelist == null) {
 			logger.error("deleteWhitelistedSite failed; whitelist with id " + id + " could not be found.");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "Could not delete whitelisted site. The requested whitelisted site with id " + id + "could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "Could not delete whitelisted site. The requested whitelisted site with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 			m.put(HttpCodeView.CODE, HttpStatus.OK);
@@ -204,11 +204,11 @@ public class WhitelistAPI {
 		if (whitelist == null) {
 			logger.error("getWhitelistedSite failed; whitelist with id " + id + " could not be found.");
 			m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
-			m.put("errorMessage", "The requested whitelisted site with id " + id + "could not be found.");
+			m.put(JsonErrorView.ERROR_MESSAGE, "The requested whitelisted site with id " + id + "could not be found.");
 			return JsonErrorView.VIEWNAME;
 		} else {
 
-			m.put("entity", whitelist);
+			m.put(JsonEntityView.ENTITY, whitelist);
 
 			return JsonEntityView.VIEWNAME;
 		}