luckybastard luckybastard - 2 years ago 675
Java Question

spring oauth2 custom login error

I have got problem to define custom error message when login failed, so now when my login fail i get http 400 with payload:

{"error":"invalid_grant","error_description":"Bad credentials"}

How to customize this message, and return own json?

I am using spring boot (1.3.2.RELEASE) and spring security OAuth2 (2.0.8.RELEASE).

Answer Source

First off, create a new exception that extends the Oauth2Exception. For example, we have a CustomOauthException like following:

@JsonSerialize(using = CustomOauthExceptionSerializer.class)
public class CustomOauthException extends OAuth2Exception {
    public CustomOauthException(String msg) {

Here we're gonna use CustomOauthExceptionSerializer for serializing CustomOauthExceptions to JSON strings:

public class CustomOauthExceptionSerializer extends StdSerializer<CustomOauthException> {
    public CustomOauthExceptionSerializer() {

    public void serialize(CustomOauthException value, JsonGenerator gen, SerializerProvider provider) throws IOException {
        gen.writeStringField("custom_error", value.getOAuth2ErrorCode());
        gen.writeStringField("custom_error_description", value.getMessage());
        if (value.getAdditionalInformation()!=null) {
            for (Map.Entry<String, String> entry : value.getAdditionalInformation().entrySet()) {
                String key = entry.getKey();
                String add = entry.getValue();
                gen.writeStringField(key, add);

Finally we need to register a WebResponseExceptionTranslator in our AuthorizationServerConfigurerAdapter to translate spring security's Oauth2Exceptions to our CustomOauthExceptions. Here we are:

public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
                // other endpoints
                .exceptionTranslator(e -> {
                    if (e instanceof OAuth2Exception) {
                        OAuth2Exception oAuth2Exception = (OAuth2Exception) e;

                        return ResponseEntity
                                .body(new CustomOauthException(oAuth2Exception.getMessage()));
                    } else {
                        throw e;

    // rest of the authorization server config

After all these, you would see the customized JSON response:

{"custom_error":"invalid_grant", "custom_error_description":"Bad credentials"}
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download