KEYCLOAK-12193 Internal error message returned in error response
parent
da0e2aaa12
commit
ecec20ad59
2 changed files with 56 additions and 10 deletions
|
@ -1,5 +1,6 @@
|
|||
package org.keycloak.services.error;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonParseException;
|
||||
import org.jboss.logging.Logger;
|
||||
import org.jboss.resteasy.spi.Failure;
|
||||
import org.jboss.resteasy.spi.HttpResponse;
|
||||
|
@ -106,17 +107,18 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
|
|||
Failure f = (Failure) throwable;
|
||||
status = f.getErrorCode();
|
||||
}
|
||||
if (throwable instanceof JsonParseException) {
|
||||
status = Response.Status.BAD_REQUEST.getStatusCode();
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
private String getErrorCode(Throwable throwable) {
|
||||
String error = throwable.getMessage();
|
||||
|
||||
if (error == null) {
|
||||
return "unknown_error";
|
||||
if (throwable instanceof WebApplicationException && throwable.getMessage() != null) {
|
||||
return throwable.getMessage();
|
||||
}
|
||||
|
||||
return error;
|
||||
return "unknown_error";
|
||||
}
|
||||
|
||||
private RealmModel resolveRealm() {
|
||||
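Review bot: In what appears to be the new body of `getErrorCode` (the page has lost its +/- markers, so the old/new split is inferred from the doubled lines), the message of any `WebApplicationException` is still copied verbatim into the response. The `error` field is therefore only as safe as every call site that constructs such an exception. A message set by the JAX-RS runtime or assembled from a cause is free-form text rather than a stable error code, so returning it only when it matches a known set of codes, and `unknown_error` otherwise, would close that gap. At minimum the method deserves a comment such as `// Only a WebApplicationException message is echoed to the client; any other throwable maps to unknown_error so internal text is not disclosed.` The `instanceof JsonParseException` check above belongs to a method that starts outside the hunk, and it tests the throwable itself rather than its cause chain, so whether a wrapped parse failure still maps to a 500 cannot be judged from here.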
|
|
|
@ -1,29 +1,36 @@
|
|||
package org.keycloak.testsuite.error;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.client.methods.HttpRequestBase;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.jboss.arquillian.graphene.page.Page;
|
||||
import org.junit.Assert;
|
||||
import org.junit.Test;
|
||||
import org.keycloak.admin.client.resource.RealmResource;
|
||||
import org.keycloak.broker.provider.util.SimpleHttp;
|
||||
import org.keycloak.common.util.StreamUtil;
|
||||
import org.keycloak.representations.idm.ErrorRepresentation;
|
||||
import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.testsuite.AbstractKeycloakTest;
|
||||
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
|
||||
import org.keycloak.testsuite.pages.ErrorPage;
|
||||
import org.keycloak.util.JsonSerialization;
|
||||
|
||||
import javax.ws.rs.core.Response;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.lang.reflect.Array;
|
||||
import java.net.MalformedURLException;
|
||||
import java.net.URI;
|
||||
import java.nio.charset.Charset;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNull;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
public class UncaughtErrorPageTest extends AbstractKeycloakTest {
|
||||
|
||||
|
@ -61,6 +68,43 @@ public class UncaughtErrorPageTest extends AbstractKeycloakTest {
|
|||
Assert.assertTrue(responseString.contains("An internal server error has occurred"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void uncaughtErrorClientRegistration() throws IOException {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
HttpPost post = new HttpPost(suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/realms/master/clients-registrations/openid-connect").build());
|
||||
post.setEntity(new StringEntity("{ invalid : invalid }"));
|
||||
post.setHeader("Content-Type", "application/json");
|
||||
|
||||
CloseableHttpResponse response = client.execute(post);
|
||||
assertEquals(400, response.getStatusLine().getStatusCode());
|
||||
|
||||
OAuth2ErrorRepresentation error = JsonSerialization.readValue(response.getEntity().getContent(), OAuth2ErrorRepresentation.class);
|
||||
assertEquals("unknown_error", error.getError());
|
||||
assertNull(error.getErrorDescription());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void uncaughtErrorAdmin() throws IOException {
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
|
||||
String accessToken = adminClient.tokenManager().getAccessTokenString();
|
||||
|
||||
HttpPost post = new HttpPost(suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/admin/realms").build());
|
||||
post.setEntity(new StringEntity("{ invalid : invalid }"));
|
||||
post.setHeader("Authorization", "bearer " + accessToken);
|
||||
post.setHeader("Content-Type", "application/json");
|
||||
|
||||
CloseableHttpResponse response = client.execute(post);
|
||||
assertEquals(400, response.getStatusLine().getStatusCode());
|
||||
|
||||
OAuth2ErrorRepresentation error = JsonSerialization.readValue(response.getEntity().getContent(), OAuth2ErrorRepresentation.class);
|
||||
assertEquals("unknown_error", error.getError());
|
||||
assertNull(error.getErrorDescription());
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
@UncaughtServerErrorExpected
|
||||
public void uncaughtError() throws MalformedURLException {
|
||||
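Review bot: Both added tests, `uncaughtErrorClientRegistration` and `uncaughtErrorAdmin`, leave the `CloseableHttpResponse` returned by `client.execute(post)` unclosed, because only the client is held by the try-with-resources. Wrapping the assertions in `try (CloseableHttpResponse response = client.execute(post)) {` releases the connection even when an assertion fails. The checks on `unknown_error` and a null description pin the behaviour the fix is about; also asserting that the raw body does not echo the submitted `invalid` text would catch parser output surfacing in a field that `OAuth2ErrorRepresentation` does not expose, if one were ever added. The import list shows `import static org.junit.Assert.*;` next to three explicit static imports. With the markers lost it is not certain which side is new, but the explicit form is the one to keep.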
|
|