From ea15962b0b4d06a4ea62990703dd0ad3aea00809 Mon Sep 17 00:00:00 2001 From: mahammedtaheer <57249563+mahammedtaheer@users.noreply.github.com> Date: Thu, 19 Oct 2023 13:50:05 +0530 Subject: [PATCH] [MOSIP-29801] Fixed less number of path parameters, api key expire error message. (#1111) Signed-off-by: Mahammed Taheer --- .../common/service/filter/BaseIDAFilter.java | 6 ++++++ .../common/service/filter/IdAuthFilter.java | 13 +++++++++++-- .../service/integration/PartnerServiceManager.java | 4 ++-- .../integration/PartnerServiceManagerTest.java | 4 ++-- .../constant/IdAuthenticationErrorConstants.java | 3 +++ 5 files changed, 24 insertions(+), 6 deletions(-) diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseIDAFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseIDAFilter.java index 55bf6f085b6..f74ad9f18d8 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseIDAFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/BaseIDAFilter.java @@ -465,6 +465,12 @@ protected String consumeResponse(ResettableStreamHttpServletRequest requestWrapp String requestSignature = requestWrapper.getHeader(SIGNATURE); String responseSignature = null; if(isSigningRequired()) { + if (Objects.isNull(responseAsString) || responseAsString.trim().length() == 0) { + mosipLogger.error(IdAuthCommonConstants.SESSION_ID, EVENT_FILTER, BASE_IDA_FILTER, + " Response String is null or empty for response (JWT) signing"); + throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorCode(), + IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorMessage()); + } responseSignature = keyManager.signResponse(responseAsString); responseWrapper.setHeader(EnvUtil.getSignResponse(), responseSignature); } diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java index 10b4c712394..a8d5e2bc73f 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/filter/IdAuthFilter.java @@ -1119,19 +1119,28 @@ private Set getAuthenticationFactors(PartnerPolicyResponseDTO partnerPol * @param requestWrapper the request wrapper * @return the auth part */ - protected Map getAuthPart(ResettableStreamHttpServletRequest requestWrapper) { + protected Map getAuthPart(ResettableStreamHttpServletRequest requestWrapper) throws IdAuthenticationAppException{ Map params = new HashMap<>(); String url = requestWrapper.getRequestURL().toString(); String contextPath = requestWrapper.getContextPath(); if ((Objects.nonNull(url) && !url.isEmpty()) && (Objects.nonNull(contextPath) && !contextPath.isEmpty())) { String[] splitedUrlByContext = url.split(contextPath); String[] paramsArray = Stream.of(splitedUrlByContext[1].split("/")).filter(str -> !str.isEmpty()) - .toArray(size -> new String[size]); + .toArray(size -> new String[size]); + mosipLogger.info(IdAuthCommonConstants.SESSION_ID, this.getClass().getCanonicalName(), "getAuthPart", + "List of Path Parameters received in url: " + Stream.of(paramsArray).collect(Collectors.joining(", "))); if (paramsArray.length >= 3) { params.put(MISPLICENSE_KEY, paramsArray[paramsArray.length - 3]); params.put(PARTNER_ID, paramsArray[paramsArray.length - 2]); params.put(API_KEY, paramsArray[paramsArray.length - 1]); + } else { + mosipLogger.error(IdAuthCommonConstants.SESSION_ID, this.getClass().getCanonicalName(), "getAuthPart", + "Required Number of Path Parameters are not available in URL."); + throw new IdAuthenticationAppException( + IdAuthenticationErrorConstants.URI_PATH_PARAMS_MISSING.getErrorCode(), + IdAuthenticationErrorConstants.URI_PATH_PARAMS_MISSING.getErrorMessage()); + } } return params; diff --git a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PartnerServiceManager.java b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PartnerServiceManager.java index a08ca20be83..10f08d184b0 100644 --- a/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PartnerServiceManager.java +++ b/authentication/authentication-common/src/main/java/io/mosip/authentication/common/service/integration/PartnerServiceManager.java @@ -209,8 +209,8 @@ private void validatePartnerMappingDetails(Optional partnerMappi if (partnerMapping.getApiKeyData().getApiKeyCommenceOn().isAfter(DateUtils.getUTCCurrentDateTime()) || partnerMapping.getApiKeyData().getApiKeyExpiresOn() .isBefore(DateUtils.getUTCCurrentDateTime())) { - throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.PARTNER_NOT_REGISTERED.getErrorCode(), - IdAuthenticationErrorConstants.PARTNER_NOT_REGISTERED.getErrorMessage()); + throw new IdAuthenticationBusinessException(IdAuthenticationErrorConstants.PARTNER_API_EXPIRED.getErrorCode(), + IdAuthenticationErrorConstants.PARTNER_API_EXPIRED.getErrorMessage()); } } else { logger.info(IdAuthCommonConstants.IDA, this.getClass().getSimpleName(), "OIDC_client_validation", diff --git a/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/integration/PartnerServiceManagerTest.java b/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/integration/PartnerServiceManagerTest.java index 1bf210f2b49..f8acdee39fd 100644 --- a/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/integration/PartnerServiceManagerTest.java +++ b/authentication/authentication-common/src/test/java/io/mosip/authentication/common/service/integration/PartnerServiceManagerTest.java @@ -865,7 +865,7 @@ public void Test_validatePartnerMappingDetails_apikeyCommenceNotBefore() { if (e.getUndeclaredThrowable() instanceof IdAuthenticationBaseException) { IdAuthenticationBaseException idAuthenticationBaseException = (IdAuthenticationBaseException) e .getUndeclaredThrowable(); - assertEquals(IdAuthenticationErrorConstants.PARTNER_NOT_REGISTERED.getErrorCode(), + assertEquals(IdAuthenticationErrorConstants.PARTNER_API_EXPIRED.getErrorCode(), idAuthenticationBaseException.getErrorCode()); } } @@ -898,7 +898,7 @@ public void Test_validatePartnerMappingDetails_apikeyExpiryNotAfter() { if (e.getUndeclaredThrowable() instanceof IdAuthenticationBaseException) { IdAuthenticationBaseException idAuthenticationBaseException = (IdAuthenticationBaseException) e .getUndeclaredThrowable(); - assertEquals(IdAuthenticationErrorConstants.PARTNER_NOT_REGISTERED.getErrorCode(), + assertEquals(IdAuthenticationErrorConstants.PARTNER_API_EXPIRED.getErrorCode(), idAuthenticationBaseException.getErrorCode()); } } diff --git a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java index eefa8d8ca90..4614fc484e3 100644 --- a/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java +++ b/authentication/authentication-core/src/main/java/io/mosip/authentication/core/constant/IdAuthenticationErrorConstants.java @@ -147,6 +147,9 @@ public enum IdAuthenticationErrorConstants { UNAUTHORISED_VCI_EXCHANGE_PARTNER("IDA-MPA-036", "Partner is unauthorised for VCI-Exchange"), VCI_EXCHANGE_NOT_ALLOWED("IDA-MPA-037", "%s not allowed as per policy", "Please try after updating misp policy"), + URI_PATH_PARAMS_MISSING("IDA-MPA-038", "Required Number of Path parameters are missing in URI", + "Please try adding all the required path parameters."), + PARTNER_API_EXPIRED("IDA-MPA-039", "Partner API is expired or using before Commence Start Date."), DATA_VALIDATION_FAILED("IDA-IDV-001", "Input Data Validation Failed"),