diff --git a/openapi/p4pa-auth.openapi.yaml b/openapi/p4pa-auth.openapi.yaml
index b763d599..4b18cb37 100644
--- a/openapi/p4pa-auth.openapi.yaml
+++ b/openapi/p4pa-auth.openapi.yaml
@@ -59,15 +59,6 @@ components:
 message:
 type: string
 description: "ENG: Error message - IT: Messaggio di errore"
- securitySchemes:
- apiKeyHeader:
- type: apiKey
- name: Ocp-Apim-Subscription-Key
- in: header
- apiKeyQuery:
- type: apiKey
- name: subscription-key
- in: query
 security:
 - apiKeyHeader: []
 - apiKeyQuery: []
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandler.java b/src/main/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandler.java
index 11abbb82..69640045 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandler.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandler.java
@@ -17,28 +17,25 @@
 @Order(Ordered.HIGHEST_PRECEDENCE)
 public class AuthExceptionHandler {
- @ExceptionHandler(InvalidTokenException.class)
+ @ExceptionHandler({InvalidTokenException.class, TokenExpiredException.class})
 @ResponseStatus(HttpStatus.UNAUTHORIZED)
- public AuthErrorDTO handleInvalidTokenException(InvalidTokenException ex, HttpServletRequest request){
- String message = getMessage(ex, request);
-
- return new AuthErrorDTO(AuthErrorDTO.CodeEnum.fromValue(ex.getCode()), message);
- }
-
- @ExceptionHandler(TokenExpiredException.class)
- @ResponseStatus(HttpStatus.UNAUTHORIZED)
- public AuthErrorDTO handleTokenExpiredException(TokenExpiredException ex, HttpServletRequest request){
- String message = getMessage(ex, request);
- return new AuthErrorDTO(AuthErrorDTO.CodeEnum.fromValue(ex.getCode()), message);
- }
-
- private static String getMessage(Throwable ex, HttpServletRequest request) {
+ public AuthErrorDTO handleInvalidTokenException(ServiceException ex, HttpServletRequest request){
+ logStackTrace(ex, request);
 String message = ex.getMessage();
 log.info("A {} occurred handling request {}: HttpStatus 401 - {}", ex.getClass(), getRequestDetails(request), message);
- return message;
+ return new AuthErrorDTO(ex.getCode(), message);
+ }
+
+ public static void logStackTrace(ServiceException error, HttpServletRequest request) {
+ if(error.isPrintStackTrace()){
+ log.info("A {} occurred handling request {} at {}",
+ error.getClass().getSimpleName() ,
+ getRequestDetails(request),
+ error.getStackTrace().length > 0 ? error.getStackTrace()[0] : "UNKNOWN");
+ }
 }
 public static String getRequestDetails(HttpServletRequest request) {
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/exception/ServiceException.java b/src/main/java/it/gov/pagopa/payhub/auth/exception/ServiceException.java
new file mode 100644
index 00000000..71d9198a
--- /dev/null
+++ b/src/main/java/it/gov/pagopa/payhub/auth/exception/ServiceException.java
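Review bot: `logStackTrace` in AuthExceptionHandler logs only the first stack frame of the ServiceException and never its cause, so for a rejected JWT the entry points at the place the wrapper was thrown rather than at the verifier error that explains the rejection. Passing the exception as the trailing SLF4J argument keeps the full trace and cause chain: `log.info("A {} occurred handling request {}", error.getClass().getSimpleName(), getRequestDetails(request), error);`. In the visible hunk the helper is only called from this class, so `private static` would fit better than `public static`, and the name `handleInvalidTokenException` no longer matches the two exception types the handler serves. The class body continues outside the hunk.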
@@ -0,0 +1,20 @@
+package it.gov.pagopa.payhub.auth.exception;
+
+import lombok.Getter;
+import openapi.pagopa.payhub.model.AuthErrorDTO;
+
+@Getter
+public class ServiceException extends RuntimeException {
+ private final AuthErrorDTO.CodeEnum code;
+ private final boolean printStackTrace;
+
+ public ServiceException(AuthErrorDTO.CodeEnum code, String message) {
+ this(code, message, false, null);
+ }
+
+ public ServiceException(AuthErrorDTO.CodeEnum code, String message, boolean printStackTrace, Throwable ex) {
+ super(message, ex);
+ this.code = code;
+ this.printStackTrace = printStackTrace;
+ }
+}
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/InvalidTokenException.java b/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/InvalidTokenException.java
index 44d71f69..f7fffd08 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/InvalidTokenException.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/InvalidTokenException.java
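Review bot: ServiceException is added without any Javadoc, and its contract matters because AuthExceptionHandler in this commit copies `getMessage()` straight into the 401 response body. A class comment such as `/** Base for auth errors mapped to an AuthErrorDTO; the message is returned to the client, so it must not carry token contents or internal detail. */` would make that explicit, with a line on `printStackTrace` saying what it controls (from the handler hunk, only an extra server-side log entry). Both constructors also accept a null `code`, which would reach `new AuthErrorDTO(ex.getCode(), message)` as null; `this.code = Objects.requireNonNull(code, "code");` would surface that at the throw site instead.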
@@ -1,23 +1,20 @@
 package it.gov.pagopa.payhub.auth.exception.custom;
+import it.gov.pagopa.payhub.auth.exception.ServiceException;
 import lombok.Getter;
 import openapi.pagopa.payhub.model.AuthErrorDTO;
 @Getter
-public class InvalidTokenException extends RuntimeException {
- private final String code;
- private final boolean printStackTrace;
+public class InvalidTokenException extends ServiceException {
 public InvalidTokenException(String message) {
- this(AuthErrorDTO.CodeEnum.INVALID_TOKEN.getValue(), message);
+ this(AuthErrorDTO.CodeEnum.INVALID_TOKEN, message);
 }
- public InvalidTokenException(String code, String message) {
+ public InvalidTokenException(AuthErrorDTO.CodeEnum code, String message) {
 this(code, message, false, null);
 }
- public InvalidTokenException(String code, String message, boolean printStackTrace, Throwable ex) {
- super(message, ex);
- this.code = code;
- this.printStackTrace = printStackTrace;
+ public InvalidTokenException(AuthErrorDTO.CodeEnum code, String message, boolean printStackTrace, Throwable ex) {
+ super(code, message, printStackTrace, ex);
 }
 }
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/TokenExpiredException.java b/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/TokenExpiredException.java
index efc0d7e4..b8574f12 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/TokenExpiredException.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/exception/custom/TokenExpiredException.java
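Review bot: `@Getter` and `import lombok.Getter;` are left on InvalidTokenException although the class no longer declares any fields, so the annotation generates nothing and the accessors now come from ServiceException. Removing both lines keeps it clear where `getCode()` and `isPrintStackTrace()` are defined. The same leftover is in the TokenExpiredException hunk of this commit.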
@@ -1,23 +1,20 @@
 package it.gov.pagopa.payhub.auth.exception.custom;
+import it.gov.pagopa.payhub.auth.exception.ServiceException;
 import lombok.Getter;
 import openapi.pagopa.payhub.model.AuthErrorDTO;
 @Getter
-public class TokenExpiredException extends RuntimeException {
- private final String code;
- private final boolean printStackTrace;
+public class TokenExpiredException extends ServiceException {
 public TokenExpiredException(String message) {
- this(AuthErrorDTO.CodeEnum.TOKEN_EXPIRED_DATE.getValue(), message);
+ this(AuthErrorDTO.CodeEnum.TOKEN_EXPIRED_DATE, message);
 }
- public TokenExpiredException(String code, String message) {
+ public TokenExpiredException(AuthErrorDTO.CodeEnum code, String message) {
 this(code, message, false, null);
 }
- public TokenExpiredException(String code, String message, boolean printStackTrace, Throwable ex) {
- super(message, ex);
- this.code = code;
- this.printStackTrace = printStackTrace;
+ public TokenExpiredException(AuthErrorDTO.CodeEnum code, String message, boolean printStackTrace, Throwable ex) {
+ super(code, message, printStackTrace, ex);
 }
 }
diff --git a/src/main/java/it/gov/pagopa/payhub/auth/utils/JWTValidator.java b/src/main/java/it/gov/pagopa/payhub/auth/utils/JWTValidator.java
index a1f3d250..71d124f4 100644
--- a/src/main/java/it/gov/pagopa/payhub/auth/utils/JWTValidator.java
+++ b/src/main/java/it/gov/pagopa/payhub/auth/utils/JWTValidator.java
@@ -54,7 +54,7 @@ public Map validate(String token, String urlJwkProvider) {
 } catch (com.auth0.jwt.exceptions.TokenExpiredException e){
 throw new TokenExpiredException(e.getMessage());
 } catch (JwkException | JWTVerificationException ex) {
- throw new InvalidTokenException(AuthErrorDTO.CodeEnum.INVALID_TOKEN.getValue(), "The token is not valid", true, ex);
+ throw new InvalidTokenException(AuthErrorDTO.CodeEnum.INVALID_TOKEN, "The token is not valid", true, ex);
 }
 }
 }
diff --git a/src/main/resources/logback-spring.xml b/src/main/resources/logback-spring.xml
index f863ecd6..4bd7b8f5 100644
--- a/src/main/resources/logback-spring.xml
+++ b/src/main/resources/logback-spring.xml
@@ -44,26 +44,6 @@ - - - - - - - true - 20000 - 0 - - - - - - - - -
diff --git a/src/test/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandlerTest.java b/src/test/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandlerTest.java
index 674a4628..d8803da7 100644
--- a/src/test/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandlerTest.java
+++ b/src/test/java/it/gov/pagopa/payhub/auth/exception/AuthExceptionHandlerTest.java
@@ -4,6 +4,7 @@
 import it.gov.pagopa.payhub.auth.exception.custom.InvalidTokenException;
 import it.gov.pagopa.payhub.auth.exception.custom.TokenExpiredException;
 import lombok.extern.slf4j.Slf4j;
+import openapi.pagopa.payhub.model.AuthErrorDTO;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.junit.jupiter.MockitoExtension;
@@ -61,6 +62,20 @@ void handleInvalidTokenException() throws Exception {
 }
+ @Test
+ void handleInvalidTokenExceptionWithStackTrace() throws Exception {
+ doThrow(new InvalidTokenException(AuthErrorDTO.CodeEnum.INVALID_TOKEN, "Error", true, new Throwable()))
+ .when(testControllerSpy).testEndpoint();
+
+ mockMvc.perform(MockMvcRequestBuilders.get("/test")
+ .contentType(MediaType.APPLICATION_JSON)
+ .accept(MediaType.APPLICATION_JSON))
+ .andExpect(MockMvcResultMatchers.status().isUnauthorized())
+ .andExpect(MockMvcResultMatchers.jsonPath("$.code").value("AUTH_INVALID_TOKEN"))
+ .andExpect(MockMvcResultMatchers.jsonPath("$.message").value("Error"));
+
+ }
+
 @Test
 void handleTokenExpiredException() throws Exception {
 doThrow(new TokenExpiredException("Error")).when(testControllerSpy).testEndpoint();
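Review bot: `handleInvalidTokenExceptionWithStackTrace` in AuthExceptionHandlerTest asserts the same status, code and message as the test without the flag, so nothing verifies what `printStackTrace = true` changes; the branch in `logStackTrace` is executed but unchecked. The assertions worth adding are that a log event is emitted and that the 401 body still carries only the two expected fields, for example `.andExpect(MockMvcResultMatchers.jsonPath("$.*", org.hamcrest.Matchers.hasSize(2)))`, assuming AuthErrorDTO serialises just `code` and `message`. This commit also deletes the MemoryAppender test helper, so capturing the log would need a logback `ListAppender` attached inside the test.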
diff --git a/src/test/java/it/gov/pagopa/payhub/auth/service/AuthServiceTest.java b/src/test/java/it/gov/pagopa/payhub/auth/service/AuthServiceTest.java
index 94a7ed4a..5c597ee8 100644
--- a/src/test/java/it/gov/pagopa/payhub/auth/service/AuthServiceTest.java
+++ b/src/test/java/it/gov/pagopa/payhub/auth/service/AuthServiceTest.java
@@ -73,7 +73,7 @@ void authTokenWrongIss() throws Exception {
 assertThrows(InvalidTokenException.class, () -> authService.authToken(token));
- assertEquals(AuthErrorDTO.CodeEnum.INVALID_TOKEN.getValue(), result.getCode());
+ assertEquals(AuthErrorDTO.CodeEnum.INVALID_TOKEN, result.getCode());
 }
 @Test
@@ -88,7 +88,7 @@ void authTokenWrongAud() throws Exception {
 assertThrows(InvalidTokenException.class, () -> authService.authToken(token));
- assertEquals(AuthErrorDTO.CodeEnum.INVALID_TOKEN.getValue(), result.getCode());
+ assertEquals(AuthErrorDTO.CodeEnum.INVALID_TOKEN, result.getCode());
 }
 private Map createJWKClaims (String iss, String aud){
diff --git a/src/test/java/it/gov/pagopa/payhub/auth/utils/MemoryAppender.java b/src/test/java/it/gov/pagopa/payhub/auth/utils/MemoryAppender.java
deleted file mode 100644
index 07acace4..00000000
--- a/src/test/java/it/gov/pagopa/payhub/auth/utils/MemoryAppender.java
+++ /dev/null
@@ -1,27 +0,0 @@
-package it.gov.pagopa.payhub.auth.utils;
-
-import ch.qos.logback.classic.spi.ILoggingEvent;
-import ch.qos.logback.core.read.ListAppender;
-
-import java.util.Collections;
-import java.util.List;
-
-public class MemoryAppender extends ListAppender {
- public void reset() {
- this.list.clear();
- }
-
- public boolean contains(ch.qos.logback.classic.Level level, String string) {
- return this.list.stream()
- .anyMatch(event -> event.toString().contains(string)
- && event.getLevel().equals(level));
- }
-
- public int getSize() {
- return this.list.size();
- }
-
- public List getLoggedEvents() {
- return Collections.unmodifiableList(this.list);
- }
-}