From a77d7ed50828ddd5d09a138ee40425d2ce1dc63a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20Mili=C4=87?= Date: Wed, 15 Mar 2023 10:47:04 +0100 Subject: [PATCH] feature/Enhance error handling in case of Direct Login --- obp-api/src/main/scala/code/api/directlogin.scala | 12 ++++++++---- .../src/main/scala/code/api/util/ErrorMessages.scala | 3 ++- .../src/test/scala/code/api/DirectLoginTest.scala | 4 ++-- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/obp-api/src/main/scala/code/api/directlogin.scala b/obp-api/src/main/scala/code/api/directlogin.scala index 7a27bf014..190482f93 100644 --- a/obp-api/src/main/scala/code/api/directlogin.scala +++ b/obp-api/src/main/scala/code/api/directlogin.scala @@ -264,11 +264,11 @@ object DirectLogin extends RestHelper with MdcLoggable { if (header.contains("DirectLogin")) toMap(header) else - Map("error" -> "header incorrect") + Map("error" -> ErrorMessages.InvalidDirectLoginHeader) } - case _ => Map("error" -> "missing header") + case _ => Map("error" -> ErrorMessages.MissingDirectLoginHeader) } - case _ => Map("error" -> "request incorrect") + case _ => Map("error" -> ErrorMessages.MissingDirectLoginHeader) } } @@ -380,7 +380,11 @@ object DirectLogin extends RestHelper with MdcLoggable { for { valid <- validF } yield { - if (missingParams.nonEmpty) { + if (parameters.get("error").isDefined) { + message = parameters.get("error").getOrElse("") + httpCode = 400 + } + else if (missingParams.nonEmpty) { message = ErrorMessages.DirectLoginMissingParameters + missingParams.mkString(", ") httpCode = 400 } diff --git a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala index 2119d9891..d34cff08b 100644 --- a/obp-api/src/main/scala/code/api/util/ErrorMessages.scala +++ b/obp-api/src/main/scala/code/api/util/ErrorMessages.scala @@ -199,7 +199,8 @@ object ErrorMessages { val InvalidAuthorizationHeader = "OBP-20080: Authorization Header format is not supported at this instance." val UserAttributeNotFound = "OBP-20081: User Attribute not found by USER_ATTRIBUTE_ID." - + val MissingDirectLoginHeader = "OBP-20082: Missing DirectLogin or Authorization header." + val InvalidDirectLoginHeader = "OBP-20083: Missing DirectLogin word at the value of Authorization header." val UserNotSuperAdminOrMissRole = "OBP-20101: Current User is not super admin or is missing entitlements:" val CannotGetOrCreateUser = "OBP-20102: Cannot get or create user." diff --git a/obp-api/src/test/scala/code/api/DirectLoginTest.scala b/obp-api/src/test/scala/code/api/DirectLoginTest.scala index f49cf2cfa..5f5a8f79a 100644 --- a/obp-api/src/test/scala/code/api/DirectLoginTest.scala +++ b/obp-api/src/test/scala/code/api/DirectLoginTest.scala @@ -132,7 +132,7 @@ class DirectLoginTest extends ServerSetup with BeforeAndAfter { Then("We should get a 400 - Bad Request") response.code should equal(400) - assertResponse(response, ErrorMessages.DirectLoginMissingParameters) + assertResponse(response, ErrorMessages.MissingDirectLoginHeader) } scenario("Invalid credentials") { @@ -212,7 +212,7 @@ class DirectLoginTest extends ServerSetup with BeforeAndAfter { Then("We should get a 400 - Bad Request") response.code should equal(400) - assertResponse(response, ErrorMessages.DirectLoginMissingParameters) + assertResponse(response, ErrorMessages.MissingDirectLoginHeader) } scenario("Login without consumer key") {