This is an automated email from the ASF dual-hosted git repository.

smolnar pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git


The following commit(s) were added to refs/heads/master by this push:
     new cb48e0f  KNOX-2621 - Consolidated some HTTP error codes upon 
JWT/Passcode validation (#458)
cb48e0f is described below

commit cb48e0f6c42bebd3b43e9fceaaf4e7b2a293ec76
Author: Sandor Molnar <smol...@apache.org>
AuthorDate: Sat Jun 12 11:39:05 2021 +0200

    KNOX-2621 - Consolidated some HTTP error codes upon JWT/Passcode validation 
(#458)
---
 .../provider/federation/jwt/filter/AbstractJWTFilter.java     | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git 
a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
 
b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
index 3a0179a..6c0de72 100644
--- 
a/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
+++ 
b/gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java
@@ -356,8 +356,7 @@ public abstract class AbstractJWTFilter implements Filter {
           // records for other valid tokens from being prematurely evicted 
from the cache.
           removeSignatureVerificationRecord(token.toString());
 
-          handleValidationError(request, response, 
HttpServletResponse.SC_BAD_REQUEST,
-                                "Bad request: token has expired");
+          handleValidationError(request, response, 
HttpServletResponse.SC_UNAUTHORIZED, "Token has expired");
 
         }
       } catch (UnknownTokenException e) {
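Review bot: The added line returns 401, but nothing in the hunk shows a `WWW-Authenticate` challenge being set; RFC 7235 requires one on every 401 response, so the obligation now rests on handleValidationError, which is outside this hunk and worth confirming, and the same applies to the new 401 responses in the following two hunks. The literal "Token has expired" is now repeated here and in the third hunk; a `private static final String TOKEN_EXPIRED_MSG = "Token has expired";` would keep the two branches from drifting. The enclosing method begins before and continues past this hunk.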
@@ -386,7 +385,7 @@ public abstract class AbstractJWTFilter implements Filter {
               return true;
             } else {
               log.wrongPasscodeToken(tokenId);
-              handleValidationError(request, response, 
HttpServletResponse.SC_BAD_REQUEST, "Bad request: wrong passcode");
+              handleValidationError(request, response, 
HttpServletResponse.SC_UNAUTHORIZED, "Invalid passcode");
             }
           } else {
             log.tokenHasExpired(Tokens.getTokenIDDisplayText(tokenId));
@@ -394,13 +393,11 @@ public abstract class AbstractJWTFilter implements Filter 
{
             // There is no value in keeping this record for expired tokens, 
and explicitly removing them may prevent
             // records for other valid tokens from being prematurely evicted 
from the cache.
             removeSignatureVerificationRecord(passcode);
-            handleValidationError(request, response, 
HttpServletResponse.SC_BAD_REQUEST,
-                    "Bad request: token has expired");
+            handleValidationError(request, response, 
HttpServletResponse.SC_UNAUTHORIZED, "Token has expired");
           }
         } else {
           log.missingTokenPasscode();
-          handleValidationError(request, response, 
HttpServletResponse.SC_BAD_REQUEST,
-                                "Bad request: missing token passcode.");
+          handleValidationError(request, response, 
HttpServletResponse.SC_BAD_REQUEST, "Bad request: missing token passcode.");
         }
       } catch (UnknownTokenException e) {
         log.unableToVerifyExpiration(e);
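Review bot: The missing-passcode branch (the last added line) keeps SC_BAD_REQUEST while the wrong-passcode and expired-token branches in this change moved to SC_UNAUTHORIZED, so the status code no longer lets a client tell "credentials absent" apart from "request malformed". Under RFC 7235 a request that lacks credentials is the canonical 401 case and 400 is meant for malformed syntax, so `handleValidationError(request, response, HttpServletResponse.SC_UNAUTHORIZED, "Missing token passcode");` would be consistent with the rest of the commit; if 400 is intended here, a one-line comment such as `// 400 rather than 401: the passcode is absent, not rejected` above the call would document the distinction. The enclosing method runs past the end of the hunk.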
