2 years ago · 7527fd811c
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/DefaultOAuth2AuthorizationRequestResolver.java
@@ -149,7 +149,7 @@ public final class DefaultOAuth2AuthorizationRequestResolver implements OAuth2Au
 
				 		}
			
 
				 		ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
			
 
				 		if (clientRegistration == null) {
			
 
				-			throw new IllegalArgumentException("Invalid Client Registration with Id: " + registrationId);
			
 
				+			throw new InvalidClientRegistrationIdException("Invalid Client Registration with Id: " + registrationId);
			
 
				 		}
			
 
				 		OAuth2AuthorizationRequest.Builder builder = getBuilder(clientRegistration);
			
 
				 
			
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/InvalidClientRegistrationIdException.java
@@ -0,0 +1,32 @@
 
				+/*
			
 
				+ * Copyright 2002-2022 the original author or authors.
			
 
				+ *
			
 
				+ * Licensed under the Apache License, Version 2.0 (the "License");
			
 
				+ * you may not use this file except in compliance with the License.
			
 
				+ * You may obtain a copy of the License at
			
 
				+ *
			
 
				+ *      https://www.apache.org/licenses/LICENSE-2.0
			
 
				+ *
			
 
				+ * Unless required by applicable law or agreed to in writing, software
			
 
				+ * distributed under the License is distributed on an "AS IS" BASIS,
			
 
				+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
			
 
				+ * See the License for the specific language governing permissions and
			
 
				+ * limitations under the License.
			
 
				+ */
			
 
				+
			
 
				+package org.springframework.security.oauth2.client.web;
			
 
				+
			
 
				+/**
			
 
				+ * @author Steve Riesenberg
			
 
				+ * @since 5.8
			
 
				+ */
			
 
				+class InvalidClientRegistrationIdException extends IllegalArgumentException {
			
 
				+
			
 
				+	/**
			
 
				+	 * @param message the exception message
			
 
				+	 */
			
 
				+	InvalidClientRegistrationIdException(String message) {
			
 
				+		super(message);
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/web/OAuth2AuthorizationRequestRedirectFilter.java
@@ -224,7 +224,15 @@ public class OAuth2AuthorizationRequestRedirectFilter extends OncePerRequestFilt
 
				 
			
 
				 	private void unsuccessfulRedirectForAuthorization(HttpServletRequest request, HttpServletResponse response,
			
 
				 			Exception ex) throws IOException {
			
 
				-		this.logger.error(LogMessage.format("Authorization Request failed: %s", ex), ex);
			
 
				+		LogMessage message = LogMessage.format("Authorization Request failed: %s", ex);
			
 
				+		if (InvalidClientRegistrationIdException.class.isAssignableFrom(ex.getClass())) {
			
 
				+			// Log an invalid registrationId at WARN level to allow these errors to be
			
 
				+			// tuned separately from other errors
			
 
				+			this.logger.warn(message, ex);
			
 
				+		}
			
 
				+		else {
			
 
				+			this.logger.error(message, ex);
			
 
				+		}
			
 
				 		response.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value(),
			
 
				 				HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase());
			
 
				 	}