feature/Enhance error handling in case of Direct Login

2026-02-06 14:46:49 +00:00 · 2023-03-15 10:47:04 +01:00 · 2023-03-15 10:47:04 +01:00 · a77d7ed508
commit a77d7ed508
parent fe22713956
3 changed files with 12 additions and 7 deletions
--- a/obp-api/src/main/scala/code/api/directlogin.scala
+++ b/obp-api/src/main/scala/code/api/directlogin.scala
@ -264,11 +264,11 @@ object DirectLogin extends RestHelper with MdcLoggable {
          if (header.contains("DirectLogin"))
            toMap(header)
          else
-            Map("error" -> "header incorrect")
+            Map("error" -> ErrorMessages.InvalidDirectLoginHeader)
        }
-        case _ => Map("error" -> "missing header")
+        case _ => Map("error" -> ErrorMessages.MissingDirectLoginHeader)
      }
-      case _ => Map("error" -> "request incorrect")
+      case _ => Map("error" -> ErrorMessages.MissingDirectLoginHeader)
    }
  }

@ -380,7 +380,11 @@ object DirectLogin extends RestHelper with MdcLoggable {
    for {
      valid <- validF
    } yield {
-      if (missingParams.nonEmpty) {
+      if (parameters.get("error").isDefined) {
+        message = parameters.get("error").getOrElse("")
+        httpCode = 400
+      }
+      else if (missingParams.nonEmpty) {
        message = ErrorMessages.DirectLoginMissingParameters + missingParams.mkString(", ")
        httpCode = 400
      }
--- a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
+++ b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala
@ -199,7 +199,8 @@ object ErrorMessages {
  val InvalidAuthorizationHeader = "OBP-20080: Authorization Header format is not supported at this instance."
  
  val UserAttributeNotFound = "OBP-20081: User Attribute not found by USER_ATTRIBUTE_ID."
-  
+  val MissingDirectLoginHeader = "OBP-20082: Missing DirectLogin or Authorization header."
+  val InvalidDirectLoginHeader = "OBP-20083: Missing DirectLogin word at the value of Authorization header."

  val UserNotSuperAdminOrMissRole = "OBP-20101: Current User is not super admin or is missing entitlements:"
  val CannotGetOrCreateUser = "OBP-20102: Cannot get or create user."
--- a/obp-api/src/test/scala/code/api/DirectLoginTest.scala
+++ b/obp-api/src/test/scala/code/api/DirectLoginTest.scala
@ -132,7 +132,7 @@ class DirectLoginTest extends ServerSetup with BeforeAndAfter {

      Then("We should get a 400 - Bad Request")
      response.code should equal(400)
-      assertResponse(response, ErrorMessages.DirectLoginMissingParameters)
+      assertResponse(response, ErrorMessages.MissingDirectLoginHeader)
    }

    scenario("Invalid credentials") {
@ -212,7 +212,7 @@ class DirectLoginTest extends ServerSetup with BeforeAndAfter {

      Then("We should get a 400 - Bad Request")
      response.code should equal(400)
-      assertResponse(response, ErrorMessages.DirectLoginMissingParameters)
+      assertResponse(response, ErrorMessages.MissingDirectLoginHeader)
    }

    scenario("Login without consumer key") {