Fix: Update EasyPlusOauth2AuthenticationException to include the cause in the stack trace.

This enhancement makes debugging easier. It was an oversight.

Author: patternhelloworld

client/src/main/java/com/patternhelloworld/securityhelper/oauth2/client/config/securityimpl/introspector/CustomResourceServerTokenIntrospector.java

@@ -16,7 +16,6 @@
 import org.springframework.security.oauth2.server.resource.introspection.SpringOpaqueTokenIntrospector;
 import org.springframework.stereotype.Component;
 
-import java.util.Arrays;
 import java.util.Map;
 
 /*
@@ -70,7 +69,7 @@ public OAuth2AuthenticatedPrincipal introspect(String token) {
                 try {
                     return delegate.introspect(token);
                 } catch (Exception e) {
-                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_FAILURE)).message(e.getMessage() + Arrays.toString(e.getStackTrace())).build());
+                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_FAILURE)).message(e.getMessage()).build(), e);
                 }
             }
             case "database" -> {
@@ -92,7 +91,7 @@ public OAuth2AuthenticatedPrincipal introspect(String token) {
 
                     return (OAuth2AuthenticatedPrincipal) conditionalDetailsService.loadUserByUsername(username, clientId);
                 }catch (Exception e) {
-                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_FAILURE)).message(e.getMessage() + Arrays.toString(e.getStackTrace())).build());
+                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_FAILURE)).message(e.getMessage()).build(), e);
                 }
             }
             default -> throw new EasyPlusOauth2AuthenticationException("Wrong introspection type : " + introspectionType);

client/src/main/resources/application.properties

@@ -89,7 +89,7 @@ spring.mvc.view.suffix=.html
 #           Drawbacks: Lacks real-time authorization updates.
 #
 # [WARNING] api: Certain test cases are currently failing due to issues with the specified introspection URI calls.
-patternhelloworld.securityhelper.oauth2.introspection.type=database
+patternhelloworld.securityhelper.oauth2.introspection.type=api
 patternhelloworld.securityhelper.oauth2.introspection.uri=http://localhost:8370/oauth2/introspect
 patternhelloworld.securityhelper.oauth2.introspection.client-id=client_customer
 patternhelloworld.securityhelper.oauth2.introspection.client-secret=12345

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/config/security/introspector/DefaultResourceServerTokenIntrospector.java

@@ -62,7 +62,7 @@ public OAuth2AuthenticatedPrincipal introspect(String token) {
                 try {
                     return delegate.introspect(token);
                 } catch (Exception e) {
-                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_ERROR)).message(e.getMessage() + Arrays.toString(e.getStackTrace())).build());
+                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_ERROR)).message(e.getMessage()).build(), e);
                 }
             }
             case "database" -> {
@@ -84,7 +84,7 @@ public OAuth2AuthenticatedPrincipal introspect(String token) {
 
                     return (OAuth2AuthenticatedPrincipal) conditionalDetailsService.loadUserByUsername(username, clientId);
                 }catch (Exception e) {
-                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_ERROR)).message(e.getMessage() + Arrays.toString(e.getStackTrace())).build());
+                    throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_TOKEN_ERROR)).message(e.getMessage()).build(), e);
                 }
             }
             default -> throw new EasyPlusOauth2AuthenticationException("Wrong introspection type : " + introspectionType);

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/config/security/provider/auth/endpoint/PasswordAuthenticationProvider.java

@@ -59,8 +59,8 @@ public Authentication authenticate(Authentication authentication)
                 UserDetails userDetails;
 
                 /*
-                *   To only get authorization_code, NOT access_token or refresh_token
-                * */
+                 *   To only get authorization_code, NOT access_token or refresh_token
+                 * */
                 if (((String) easyPlusGrantAuthenticationToken.getAdditionalParameters().get("grant_type")).equals(AuthorizationGrantType.AUTHORIZATION_CODE.getValue())) {
 
                     userDetails = conditionalDetailsService.loadUserByUsername((String) easyPlusGrantAuthenticationToken.getAdditionalParameters().get("username"), clientId);
@@ -88,7 +88,7 @@ public Authentication authenticate(Authentication authentication)
                 else if (((String) easyPlusGrantAuthenticationToken.getAdditionalParameters().get("grant_type")).equals(OAuth2ParameterNames.CODE)) {
 
                     OAuth2Authorization oAuth2Authorization = oAuth2AuthorizationService.findByAuthorizationCode((String) easyPlusGrantAuthenticationToken.getAdditionalParameters().get("code"));
-                    if(oAuth2Authorization == null){
+                    if (oAuth2Authorization == null) {
                         throw new EasyPlusOauth2AuthenticationException("authorization code not found");
                     }
 
@@ -136,12 +136,12 @@ else if (((String) easyPlusGrantAuthenticationToken.getAdditionalParameters().ge
             } else {
                 throw new EasyPlusOauth2AuthenticationException();
             }
-        }catch (UsernameNotFoundException e){
-            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build());
-        }catch (EasyPlusOauth2AuthenticationException e){
+        } catch (UsernameNotFoundException e) {
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build(), e);
+        } catch (EasyPlusOauth2AuthenticationException e) {
             throw e;
-        }  catch (Exception e){
-           throw e;
+        } catch (Exception e) {
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR)).build(), e);
         }
 
     }

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/config/security/response/error/dto/EasyPlusErrorMessages.java

@@ -17,5 +17,6 @@ public class EasyPlusErrorMessages {
 	private String userMessage;
 	private Map<String, String> userValidationMessage;
 	private UserDetails userDetails;
+	private String errorCode;
 
 }

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/config/security/response/error/exception/EasyPlusOauth2AuthenticationException.java

@@ -4,9 +4,10 @@
 
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.dto.EasyPlusErrorMessages;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.OAuth2Error;
 
 /*
-*   Only OAuth2AuthenticationException is allowed to be tossed.
+*   Only OAuth2AuthenticationException is allowed to be tossed according to "spring-authorization-server".
 * */
 public class EasyPlusOauth2AuthenticationException extends OAuth2AuthenticationException {
     protected EasyPlusErrorMessages easyPlusErrorMessages;
@@ -20,9 +21,16 @@ public EasyPlusOauth2AuthenticationException(String message){
     }
 
     public EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages easyPlusErrorMessages){
-        super(easyPlusErrorMessages.getMessage() == null ? "default" : easyPlusErrorMessages.getMessage());
+        super(new OAuth2Error(easyPlusErrorMessages.getErrorCode() == null ? "default" : easyPlusErrorMessages.getErrorCode()), easyPlusErrorMessages.getMessage() == null ? "default" : easyPlusErrorMessages.getMessage());
         this.easyPlusErrorMessages = easyPlusErrorMessages;
     }
+
+    public EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages easyPlusErrorMessages, Throwable cause) {
+        super(new OAuth2Error(easyPlusErrorMessages.getErrorCode() == null ? "default" : easyPlusErrorMessages.getErrorCode()),
+                easyPlusErrorMessages.getMessage() == null ? "default" : easyPlusErrorMessages.getMessage(), cause);
+        this.easyPlusErrorMessages = easyPlusErrorMessages;
+    }
+
     public EasyPlusErrorMessages getErrorMessages() {
         return easyPlusErrorMessages;
     }

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/config/security/server/EasyPlusJwtConfig.java

@@ -32,7 +32,7 @@ public class EasyPlusJwtConfig {
     private String algorithm;
 
     @Bean
-    JwtDecoder jwtDecoder() {
+    public JwtDecoder jwtDecoder() {
         byte[] keyBytes = Base64.getDecoder().decode(jwtSecret);
         SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, algorithm);
         return NimbusJwtDecoder.withSecretKey(secretKeySpec).build();

lib/src/main/java/io/github/patternhelloworld/securityhelper/oauth2/api/domain/traditionaloauth/service/TraditionalOauthService.java

@@ -1,11 +1,10 @@
 package io.github.patternhelloworld.securityhelper.oauth2.api.domain.traditionaloauth.service;
 
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.logger.EasyPlusSecurityLogConfig;
-import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.dto.EasyPlusErrorMessages;
-import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.exception.EasyPlusOauth2AuthenticationException;
-
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.message.DefaultSecurityUserExceptionMessage;
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.message.ISecurityUserExceptionMessageService;
+import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.dto.EasyPlusErrorMessages;
+import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.response.error.exception.EasyPlusOauth2AuthenticationException;
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.serivce.CommonOAuth2AuthorizationSaver;
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.serivce.DefaultOauth2AuthenticationHashCheckService;
 import io.github.patternhelloworld.securityhelper.oauth2.api.config.security.serivce.persistence.authorization.OAuth2AuthorizationServiceImpl;
@@ -22,9 +21,7 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AccessToken;
-import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
-import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
 import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.stereotype.Service;
@@ -104,11 +101,11 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse createAccessToken(SpringS
                     String.join(" ", registeredClient.getScopes()));
 
         } catch (UsernameNotFoundException e) {
-            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build());
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build(), e);
         } catch (EasyPlusOauth2AuthenticationException e) {
             throw e;
         } catch (Exception e) {
-            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR)).build());
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR)).build(), e);
         }
     }
 
@@ -145,60 +142,12 @@ public SpringSecurityTraditionalOauthDTO.TokenResponse refreshAccessToken(Spring
                     refreshTokenRemainingSeconds,
                     String.join(" ", registeredClient.getScopes()));
 
-        }catch (UsernameNotFoundException e){
-            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build());
-        }catch (EasyPlusOauth2AuthenticationException e){
-            throw e;
-        }  catch (Exception e){
-            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR)).build());
-        }
-    }
-
-
-    public SpringSecurityTraditionalOauthDTO.AuthorizationCodeResponse createAuthorizationCode(SpringSecurityTraditionalOauthDTO.AuthorizationCodeRequest authorizationCodeRequest,
-                                                                                               String authorizationHeader) throws EasyPlusOauth2AuthenticationException {
-        try {
-
-            BasicTokenResolver.BasicCredentials basicCredentials = BasicTokenResolver.parse(authorizationHeader)
-                    .orElseThrow(() -> new EasyPlusOauth2AuthenticationException(
-                            EasyPlusErrorMessages.builder()
-                                    .message("Header parsing error (header : " + authorizationHeader + ")")
-                                    .userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_WRONG_CLIENT_ID_SECRET))
-                                    .build()));
-
-            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
-
-            // Registered Client 검증
-            @NotNull RegisteredClient registeredClient = registeredClientRepository.findByClientId(basicCredentials.getClientId());
-            oauth2AuthenticationHashCheckService.validateClientCredentials(basicCredentials.getClientSecret(), registeredClient);
-
-            // UserDetails 로드 및 Username/Password 검증
-            @NotNull UserDetails userDetails = conditionalDetailsService.loadUserByUsername(authorizationCodeRequest.getUsername(), basicCredentials.getClientId());
-            oauth2AuthenticationHashCheckService.validateUsernamePassword(authorizationCodeRequest.getPassword(), userDetails);
-
-            // Authorization Code 생성 및 저장
-            Map<String, Object> additionalParameters = RequestOAuth2Distiller.getTokenUsingSecurityAdditionalParameters(request);
-            additionalParameters.put(OAuth2ParameterNames.GRANT_TYPE, AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
-            @NotNull OAuth2Authorization oAuth2Authorization = commonOAuth2AuthorizationSaver.save(userDetails, AuthorizationGrantType.AUTHORIZATION_CODE, basicCredentials.getClientId(), additionalParameters, null);
-
-            // Authorization Code 추출
-            String authorizationCode = oAuth2Authorization.getToken(OAuth2AuthorizationCode.class).getToken().getTokenValue();
-
-            // Authorization Code Response 반환
-            return new SpringSecurityTraditionalOauthDTO.AuthorizationCodeResponse(authorizationCode);
-
         } catch (UsernameNotFoundException e) {
-            throw new EasyPlusOauth2AuthenticationException(
-                    EasyPlusErrorMessages.builder().message(e.getMessage())
-                            .userMessage(e.getMessage())
-                            .build());
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(e.getMessage()).build(), e);
         } catch (EasyPlusOauth2AuthenticationException e) {
             throw e;
         } catch (Exception e) {
-            throw new EasyPlusOauth2AuthenticationException(
-                    EasyPlusErrorMessages.builder().message(e.getMessage())
-                            .userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR))
-                            .build());
+            throw new EasyPlusOauth2AuthenticationException(EasyPlusErrorMessages.builder().message(e.getMessage()).userMessage(iSecurityUserExceptionMessageService.getUserMessage(DefaultSecurityUserExceptionMessage.AUTHENTICATION_LOGIN_ERROR)).build(), e);
         }
     }