This is an automated email from the ASF dual-hosted git repository. smolnar pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push: new cb48e0f KNOX-2621 - Consolidated some HTTP error codes upon JWT/Passcode validation (#458) cb48e0f is described below commit cb48e0f6c42bebd3b43e9fceaaf4e7b2a293ec76 Author: Sandor Molnar <smol...@apache.org> AuthorDate: Sat Jun 12 11:39:05 2021 +0200 KNOX-2621 - Consolidated some HTTP error codes upon JWT/Passcode validation (#458)
---
 .../provider/federation/jwt/filter/AbstractJWTFilter.java | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
index 3a0179a..6c0de72 100644
--- a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
+++ b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
@@ -356,8 +356,7 @@ public abstract class AbstractJWTFilter implements Filter {
 // records for other valid tokens from being prematurely evicted from the cache.
 removeSignatureVerificationRecord(token.toString());
- handleValidationError(request, response, HttpServletResponse.SC_BAD_REQUEST,
- "Bad request: token has expired");
+ handleValidationError(request, response, HttpServletResponse.SC_UNAUTHORIZED, "Token has expired");
 }
 } catch (UnknownTokenException e) {
@@ -386,7 +385,7 @@ public abstract class AbstractJWTFilter implements Filter {
 return true;
 } else {
 log.wrongPasscodeToken(tokenId);
- handleValidationError(request, response, HttpServletResponse.SC_BAD_REQUEST, "Bad request: wrong passcode");
+ handleValidationError(request, response, HttpServletResponse.SC_UNAUTHORIZED, "Invalid passcode");
 }
 } else {
 log.tokenHasExpired(Tokens.getTokenIDDisplayText(tokenId));
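Review bot: The expired-token branch now answers 401, but nothing visible in this hunk adds a `WWW-Authenticate` challenge, which RFC 7235 requires on a 401 response and which clients rely on to decide whether to re-authenticate. `handleValidationError` is defined outside the hunk, so it may already set one; if it does not, it could add the header whenever the status is `SC_UNAUTHORIZED`, for the JWT path e.g. `response.setHeader("WWW-Authenticate", "Bearer error=\"invalid_token\"");`. The same applies to the two 401 calls in the passcode hunks that follow. The enclosing method starts and ends outside the hunk.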
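Review bot: The 401 responses still tell the caller which check failed: this branch answers "Invalid passcode" while the expired branches answer "Token has expired". Assuming `handleValidationError` writes its message into the response (its body is outside the hunk), a caller who knows only a token ID can tell a live token from an expired one. The detail is already recorded by `log.wrongPasscodeToken(tokenId)` and `log.tokenHasExpired(...)`, so the response could carry one shared text in both branches here and in the next hunk, e.g. `handleValidationError(request, response, HttpServletResponse.SC_UNAUTHORIZED, "Invalid or expired token");`. The enclosing method starts and ends outside the hunk.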
@@ -394,13 +393,11 @@ public abstract class AbstractJWTFilter implements Filter {
 // There is no value in keeping this record for expired tokens, and explicitly removing them may prevent
 // records for other valid tokens from being prematurely evicted from the cache.
 removeSignatureVerificationRecord(passcode);
- handleValidationError(request, response, HttpServletResponse.SC_BAD_REQUEST,
- "Bad request: token has expired");
+ handleValidationError(request, response, HttpServletResponse.SC_UNAUTHORIZED, "Token has expired");
 }
 } else {
 log.missingTokenPasscode();
- handleValidationError(request, response, HttpServletResponse.SC_BAD_REQUEST,
- "Bad request: missing token passcode.");
+ handleValidationError(request, response, HttpServletResponse.SC_BAD_REQUEST, "Bad request: missing token passcode.");
 }
 } catch (UnknownTokenException e) {
 log.unableToVerifyExpiration(e);
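Review bot: The missing-passcode branch is the one validation failure left at 400, and its message keeps the old "Bad request: " prefix and trailing period, with nothing at the call site saying this is intended. If the reasoning is that a credential with no passcode part is malformed rather than rejected, a comment above the call would record it, e.g. `// Malformed credential, not a failed authentication: stays 400 on purpose.` The diffstat lists only this file, so no test in this commit pins which branches return 401 and which return 400; one is worth adding alongside. The enclosing method continues outside the hunk.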