Smile CDR v2023.08.PRE
On this page:

36.6Oauth2 Exceptions

 

The OAuth2Exceptions API can be used to create exceptions within JavaScript code within an OAuth2 context, e.g. within a Smart on FHIR Outbound onPostAuthorize callback.

36.6.1Method: OAuth2Exceptions.newUnauthorizedException(theMessage)

 

Creates an UnauthorizedException.

Inputs:

  • theMessage – The error message

Outputs:

  • Returns an exception that can be thrown

Example:

throw OAuth2Exceptions.newUnauthorizedException('Account not processed yet, please try again tomorrow.');

This will return an HTTP 401 status code with the following response:

{
  "error": "unauthorized",
  "error_description": "Account not processed yet, please try again tomorrow."
}

36.6.2Method: OAuth2Exceptions.newForbiddenException(theMessage)

 

Creates a ForbiddenException.

Inputs:

  • theMessage – The error message

Outputs:

  • Returns an exception that can be thrown

Example:

throw OAuth2Exceptions.newForbiddenException('Account not fully configured yet, please wait an hour and try again.');

This will return an HTTP 403 status code with the following response:

{
  "error": "access_denied",
  "error_description": "Account not fully configured yet, please wait an hour and try again."
}