Manage JsonProcessingException to not return error 500 when json data is wrong

Closes https://github.com/keycloak/keycloak/issues/11517
rmartinc 2023-04-03 11:29:56 +02:00 committed by Marek Posolda
parent 4d8d6f8cd8
commit 99330dbb6d
2 changed files with 25 additions and 3 deletions


@ -1,6 +1,6 @@
package org.keycloak.services.error;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.JsonProcessingException;
import org.jboss.logging.Logger;
import org.jboss.resteasy.spi.Failure;
import org.keycloak.Config;
@ -106,7 +106,7 @@ public class KeycloakErrorHandler implements ExceptionMapper<Throwable> {
Failure f = (Failure) throwable;
status = f.getErrorCode();
}
if (throwable instanceof JsonParseException) {
if (throwable instanceof JsonProcessingException) {
status = Response.Status.BAD_REQUEST.getStatusCode();
}
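Review bot: The widened check `if (throwable instanceof JsonProcessingException)` also matches Jackson's write-side exceptions, because `JsonGenerationException` and `JsonMappingException` share that base class. A failure while serialising a response would therefore be reported to the caller as 400 instead of 500 and could drop out of 5xx alerting. If that is intended, a comment such as `// JsonProcessingException also covers serialization failures (JsonGenerationException, JsonMappingException); these are mapped to 400 too` would make it explicit; whether the throwable is still logged on this path is not visible in the hunk. It is also worth confirming that the response body built later in the method does not echo the Jackson message, which for mapping errors typically names internal classes and source locations. The enclosing method starts before and continues past this hunk.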


@ -24,7 +24,6 @@ import org.keycloak.testsuite.pages.ErrorPage;
import org.keycloak.util.JsonSerialization;
import org.keycloak.utils.MediaType;
import org.openqa.selenium.By;
import org.openqa.selenium.WebElement;
import javax.ws.rs.core.Response;
import java.io.IOException;
@ -237,4 +236,27 @@ public class UncaughtErrorPageTest extends AbstractKeycloakTest {
assertEquals("Page not found", errorPage.getError());
}
@Test
public void jsonProcessingException() throws IOException {
try (CloseableHttpClient client = HttpClientBuilder.create().build()) {
String accessToken = adminClient.tokenManager().getAccessTokenString();
// send an empty array to the user endpoint which expects a User json object
HttpPost post = new HttpPost(suiteContext.getAuthServerInfo().getUriBuilder().path("/auth/admin/realms/master/users").build());
post.setEntity(new StringEntity("[]"));
post.setHeader("Authorization", "bearer " + accessToken);
post.setHeader("Content-Type", "application/json");
try (CloseableHttpResponse response = client.execute(post)) {
assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), response.getStatusLine().getStatusCode());
Header header = response.getFirstHeader("Content-Type");
assertThat(header, notNullValue());
assertEquals(MediaType.APPLICATION_JSON, header.getValue());
OAuth2ErrorRepresentation error = JsonSerialization.readValue(response.getEntity().getContent(), OAuth2ErrorRepresentation.class);
assertEquals("unknown_error", error.getError());
}
}
}
}
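Review bot: The new test `jsonProcessingException` only sends well-formed JSON of the wrong shape (`[]`), so the syntactically malformed case that the previous `JsonParseException` check handled has no coverage here. A second request with a body such as `post.setEntity(new StringEntity("{"));` asserting the same 400 and `unknown_error` would pin both paths. The test also inspects only `error.getError()`; an additional assertion that the error description, if populated, carries no Jackson class names or source locations would guard against the handler leaking parser internals to clients.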