From d317cf502430113717d4c83b3d063cab157f8cbb Mon Sep 17 00:00:00 2001
From: Justin Richer
Date: Wed, 12 Apr 2017 15:59:17 -0400
Subject: [PATCH] added exception handling to device code creation step
---
.../DeviceCodeCreationException.java | 51 +++++++++++++++++++
.../oauth2/service/DeviceCodeService.java | 3 +-
.../org/mitre/oauth2/web/DeviceEndpoint.java | 36 ++++++++-----
3 files changed, 76 insertions(+), 14 deletions(-)
create mode 100644 openid-connect-common/src/main/java/org/mitre/oauth2/exception/DeviceCodeCreationException.java
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/exception/DeviceCodeCreationException.java b/openid-connect-common/src/main/java/org/mitre/oauth2/exception/DeviceCodeCreationException.java
new file mode 100644
index 000000000..a4dd7d1ca
--- /dev/null
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/exception/DeviceCodeCreationException.java
@@ -0,0 +1,51 @@
+/*******************************************************************************
+ * Copyright 2017 The MITRE Corporation
+ * and the MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.oauth2.exception;
+
+/**
+ * @author jricher
+ *
+ */
+public class DeviceCodeCreationException extends Exception {
+
+ private static final long serialVersionUID = 8078568710169208466L;
+
+ private String error;
+
+ public DeviceCodeCreationException(String error, String message) {
+ super(message);
+ this.error = error;
+ }
+
+ /**
+ * @return the error
+ */
+ public String getError() {
+ return error;
+ }
+
+ /**
+ * @param error the error to set
+ */
+ public void setError(String error) {
+ this.error = error;
+ }
+
+
+
+}
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java b/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
index f75a4b291..aa7fa7b86 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
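Review bot: `error` in the new DeviceCodeCreationException is a mutable field with a public `setError`, and nothing documents that both of the exception's strings reach the client. The DeviceEndpoint hunk of this same patch copies `getError()` and `getMessage()` into the JSON error response, so the class Javadoc (currently only `@author jricher`) should state that `error` is meant to be an OAuth error code and that the message is client-visible and must not carry internal detail such as storage errors or stack text. I would also declare the field as `private final String error;` and drop `setError`, so the code cannot change between the throw site and the handler. A `(String error, String message, Throwable cause)` constructor would let implementations keep the underlying cause for server-side logs without putting it in the message.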
@@ -20,6 +20,7 @@ package org.mitre.oauth2.service; import java.util.Map; import java.util.Set; +import org.mitre.oauth2.exception.DeviceCodeCreationException; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.DeviceCode; import org.springframework.security.oauth2.provider.ClientDetails; @@ -66,7 +67,7 @@ public interface DeviceCodeService { * @param parameters * @return */ - public DeviceCode createNewDeviceCode(Set requestedScopes, ClientDetailsEntity client, Map parameters); + public DeviceCode createNewDeviceCode(Set requestedScopes, ClientDetailsEntity client, Map parameters) throws DeviceCodeCreationException; public void clearExpiredDeviceCodes(); diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java index f746f85f8..580732dff 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/DeviceEndpoint.java @@ -27,6 +27,7 @@ import java.util.UUID; import javax.servlet.http.HttpSession; +import org.mitre.oauth2.exception.DeviceCodeCreationException; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.DeviceCode; import org.mitre.oauth2.model.SystemScope; 
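Review bot: The Javadoc above `createNewDeviceCode` in DeviceCodeService still ends at an empty `@return` and gains no `@throws` for the new checked exception. Implementers need to know which conditions should raise it and what its two strings mean, since the endpoint returns them to the client; a line such as `@throws DeviceCodeCreationException if a code cannot be issued; its error and message are returned to the client` would cover it. The comment block starts outside the hunk, so the existing tags may say more than is visible here.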
@@ -132,21 +133,30 @@ public class DeviceEndpoint { // if we got here the request is legit - DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters); - - Map response = new HashMap<>(); - response.put("device_code", dc.getDeviceCode()); - response.put("user_code", dc.getUserCode()); - response.put("verification_uri", config.getIssuer() + USER_URL); - if (client.getDeviceCodeValiditySeconds() != null) { - response.put("expires_in", client.getDeviceCodeValiditySeconds()); + try { + DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters); + + Map response = new HashMap<>(); + response.put("device_code", dc.getDeviceCode()); + response.put("user_code", dc.getUserCode()); + response.put("verification_uri", config.getIssuer() + USER_URL); + if (client.getDeviceCodeValiditySeconds() != null) { + response.put("expires_in", client.getDeviceCodeValiditySeconds()); + } + + model.put(JsonEntityView.ENTITY, response); + + + return JsonEntityView.VIEWNAME; + } catch (DeviceCodeCreationException dcce) { + + model.put(HttpCodeView.CODE, HttpStatus.BAD_REQUEST); + model.put(JsonErrorView.ERROR, dcce.getError()); + model.put(JsonErrorView.ERROR_MESSAGE, dcce.getMessage()); + + return JsonErrorView.VIEWNAME; } - model.put(JsonEntityView.ENTITY, response); - - - return JsonEntityView.VIEWNAME; - } @PreAuthorize("hasRole('ROLE_USER')")
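Review bot: The new `catch (DeviceCodeCreationException dcce)` block answers every creation failure with HTTP 400, echoes `dcce.getError()` and `dcce.getMessage()` to the caller, and records nothing on the server. A failure that is not the client's fault (for example a storage or code-generation problem inside the service, which this hunk cannot rule out) would then be reported as a bad request carrying whatever text the implementation put in the message. I would log the failure before building the response, e.g. `logger.warn("Device code creation failed for client {}: {}", client.getClientId(), dcce.getError());` (assuming the class has a logger; none is visible in the hunk), and restrict the response message to text written for clients. The enclosing handler method begins before the hunk.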