From 2265a3f8c330c9fb76a4c5a48dc299a1f08b50d3 Mon Sep 17 00:00:00 2001 From: Amanda Anganes Date: Fri, 29 Mar 2013 12:01:41 -0400 Subject: [PATCH] Updated error handling messages for scope, approved site, blacklist, whitelist, and client APIs using new JsonErrorView --- .../java/org/mitre/oauth2/web/ScopeAPI.java | 25 +++++++++-------- .../openid/connect/web/ApprovedSiteAPI.java | 14 ++++++---- .../openid/connect/web/BlacklistAPI.java | 28 +++++++++---------- .../mitre/openid/connect/web/ClientAPI.java | 27 +++++++++--------- .../openid/connect/web/WhitelistAPI.java | 26 +++++++++-------- 5 files changed, 63 insertions(+), 57 deletions(-) diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java index 3f51cfff3..f00d46853 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/web/ScopeAPI.java @@ -65,7 +65,8 @@ public class ScopeAPI { logger.error("getScope failed; scope not found: " + id); m.put("code", HttpStatus.NOT_FOUND); - return "httpCodeView"; + m.put("errorMessage", "The requested scope with id " + id + " could not be found."); + return "jsonErrorView"; } } @@ -93,16 +94,17 @@ public class ScopeAPI { + existing.getId() + " and " + scope.getId()); m.put("code", HttpStatus.BAD_REQUEST); - - return "httpCodeView"; + m.put("errorMessage", "Could not update scope. Scope ids to not match: got " + + existing.getId() + " and " + scope.getId()); + return "jsonErrorView"; } } else { logger.error("updateScope failed; scope with id " + id + " not found."); m.put("code", HttpStatus.NOT_FOUND); - - return "httpCodeView"; + m.put("errorMessage", "Could not update scope. The scope with id " + id + " could not be found."); + return "jsonErrorView"; } } 
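Review bot: The new 400 message in updateScope (hunk at -93,16) reads "Scope ids to not match", which should be `"Could not update scope. Scope ids do not match: got "`. API clients now receive this string in the jsonErrorView body, so the typo is worth fixing before anything starts matching on it. updateScope begins outside the hunk.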
@@ -116,8 +118,8 @@ public class ScopeAPI { //Error, cannot save a scope with the same value as an existing one logger.error("Error: attempting to save a scope with a value that already exists: " + scope.getValue()); m.put("code", HttpStatus.CONFLICT); - m.put("entity", "A scope with value " + scope.getValue() + " already exists, please choose a different value."); - return "jsonEntityView"; + m.put("errorMessage", "A scope with value " + scope.getValue() + " already exists, please choose a different value."); + return "jsonErrorView"; } scope = scopeService.save(scope); @@ -130,10 +132,9 @@ public class ScopeAPI { } else { logger.error("createScope failed; JSON was invalid: " + json); - m.put("entity", "An error occurred while processing your request - invalud JSON."); m.put("code", HttpStatus.BAD_REQUEST); - - return "jsonEntityView"; + m.put("errorMessage", "Could not save new scope " + scope.getValue() + ". The scope service failed to return a saved entity."); + return "jsonErrorView"; } } @@ -152,8 +153,8 @@ public class ScopeAPI { logger.error("deleteScope failed; scope with id " + id + " not found."); m.put("code", HttpStatus.NOT_FOUND); - - return "httpCodeView"; + m.put("errorMessage", "Could not delete scope. The requested scope with id " + id + " could not be found."); + return "jsonErrorView"; } } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java index 7e1802c8d..8c3ff9c01 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ApprovedSiteAPI.java 
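Review bot: In the createScope hunk at -130,10 the new error message calls `scope.getValue()` after `scope` has been reassigned from `scopeService.save(scope)`. The condition guarding this else branch is outside the hunk, but if it is reached when save returns null, building the message throws a NullPointerException and the client gets an unhandled 500 instead of the intended error view. Drop the dereference, `m.put("errorMessage", "Could not save new scope. The scope service failed to return a saved entity.");`, or capture the value before the save. The unchanged log line above it still says "JSON was invalid" and writes the raw request body, which no longer matches the failure being reported.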
@@ -59,14 +59,14 @@ public class ApprovedSiteAPI { if (approvedSite == null) { logger.error("deleteApprovedSite failed; no approved site found for id: " + id); m.put("code", HttpStatus.NOT_FOUND); - m.put("entity", "An error occurred while processing your request - no approved site found for id: " + id); - return "jsonEntityView"; + m.put("errorMessage", "Could not delete approved site. The requested approved site with id: " + id + " could not be found."); + return "jsonErrorView"; } else if (!approvedSite.getUserId().equals(p.getName())) { logger.error("deleteApprovedSite failed; principal " + p.getName() + " does not own approved site" + id); m.put("code", HttpStatus.FORBIDDEN); - m.put("entity", "An error occurred while processing your request - you do not have permission to delete this approved site"); - return "jsonEntityView"; + m.put("errorMessage", "You do not have permission to delete this approved site. The approved site decision will not be deleted."); + return "jsonErrorView"; } else { m.put("code", HttpStatus.OK); approvedSiteService.remove(approvedSite); @@ -84,12 +84,14 @@ public class ApprovedSiteAPI { if (approvedSite == null) { logger.error("getApprovedSite failed; no approved site found for id: " + id); m.put("code", HttpStatus.NOT_FOUND); - return "httpCodeView"; + m.put("errorMessage", "The requested approved site with id: " + id + " could not be found."); + return "jsonErrorView"; } else if (!approvedSite.getUserId().equals(p.getName())) { logger.error("getApprovedSite failed; principal " + p.getName() + " does not own approved site" + id); m.put("code", HttpStatus.FORBIDDEN); - return "httpCodeView"; + m.put("errorMessage", "You do not have permission to view this approved site."); + return "jsonErrorView"; } else { m.put("entity", approvedSite); return "jsonEntityView"; 
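Review bot: The NOT_FOUND and FORBIDDEN branches in deleteApprovedSite and getApprovedSite now return distinct explicit messages, so any authenticated caller can tell which approved-site ids exist but belong to another user. If the ids are guessable, that is an enumeration signal. Consider answering the ownership-mismatch case the same way as the missing case, `m.put("code", HttpStatus.NOT_FOUND);` with the not-found message, and keeping the ownership detail only in the log line, which already records the principal and id. Both methods begin outside their hunks.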
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java index c46901f4d..85683c013 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/BlacklistAPI.java @@ -82,13 +82,13 @@ public class BlacklistAPI { catch (JsonSyntaxException e) { logger.error("addNewBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not save new blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("addNewBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Refresh and try again - if the problem persists, contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not save new blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } return "jsonEntityView"; 
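Review bot: The catch blocks log `e.getStackTrace().toString()`, which prints the array's identity string rather than the trace, so the server log has no usable diagnostics while the new response text names the exception class to the client. Assuming the logger has the usual (message, throwable) overload, pass the exception itself, `logger.error("addNewBlacklistedSite failed due to JsonSyntaxException", e);`. Keep the client-facing text free of internal class names, e.g. `"Could not save new blacklisted site. The request body was not valid JSON."`. The same pattern is in the catch blocks of updateBlacklistedSite, apiAddClient, apiUpdateClient, addNewWhitelistedSite and updateWhitelistedSite later in this patch. The try block begins outside the hunk.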
@@ -114,13 +114,13 @@ public class BlacklistAPI { catch (JsonSyntaxException e) { logger.error("updateBlacklistedSite failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not update blacklisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("updateBlacklistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Refresh and try again - if the problem persists, contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not update blacklisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } @@ -129,8 +129,8 @@ public class BlacklistAPI { if (oldBlacklist == null) { logger.error("updateBlacklistedSite failed; blacklist with id " + id + " could not be found"); m.put("code", HttpStatus.NOT_FOUND); - m.put("entity", "An error occurred while processing your request - the requested blacklisted site could not be found."); - return "jsonEntityView"; + m.put("errorMessage", "Could not update blacklisted site. The requested blacklist with id " + id + "could not be found."); + return "jsonErrorView"; } else { BlacklistedSite newBlacklist = blacklistService.update(oldBlacklist, blacklist); 
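Review bot: In the not-found branch of updateBlacklistedSite (hunk at -129,8) the message is built as `id + "could not be found."`, so the id runs straight into the next word. It should be `" + id + " could not be found."`. The same missing space is in the new not-found messages of apiUpdateClient, apiDeleteClient, apiShowClient, updateWhitelistedSite, deleteWhitelistedSite and getWhitelistedSite.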
@@ -151,8 +151,8 @@ public class BlacklistAPI { if (blacklist == null) { logger.error("deleteBlacklistedSite failed; blacklist with id " + id + " could not be found"); - m.put("entity", "An error occurred while processing your request - the requested blacklisted site could not be found."); - return "jsonEntityView"; + m.put("errorMessage", "Could not delete bladklist. The requested bladklist with id " + id + " could not be found."); + return "jsonErrorView"; } else { m.put("code", HttpStatus.OK); blacklistService.remove(blacklist); @@ -170,8 +170,8 @@ public class BlacklistAPI { if (blacklist == null) { logger.error("getBlacklistedSite failed; blacklist with id " + id + " could not be found"); m.put("code", HttpStatus.NOT_FOUND); - m.put("entity", "An error occurred while processing your request - the requested blacklisted site could not be found."); - return "jsonEntityView"; + m.put("errorMessage", "Could not delete bladklist. The requested bladklist with id " + id + " could not be found."); + return "jsonErrorView"; } else { m.put("entity", blacklist); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java index 3682ce41f..cc1b75708 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java 
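Review bot: The not-found branch of deleteBlacklistedSite (hunk at -151,8) still sets no "code" attribute before returning "jsonErrorView", unlike the other error branches in this patch. How the view treats a missing code is not visible here, but the client may receive an error body with a default or success status. Add `m.put("code", HttpStatus.NOT_FOUND);` before the message, and correct the spelling "bladklist" in the string. The method begins outside the hunk.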
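Review bot: The not-found message added to getBlacklistedSite (hunk at -170,8) says "Could not delete bladklist", which looks copied from the delete handler and misreports the operation to the caller. For a read it should be something like `m.put("errorMessage", "The requested blacklisted site with id " + id + " could not be found.");`. The method begins outside the hunk.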
@@ -138,13 +138,13 @@ public class ClientAPI { catch (JsonSyntaxException e) { logger.error("apiAddClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not save new client. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("apiAddClient failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not save new client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } // if they leave the client secret empty, force it to be generated 
@@ -195,13 +195,13 @@ public class ClientAPI { catch (JsonSyntaxException e) { logger.error("apiUpdateClient failed due to JsonSyntaxException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not update client. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("apiUpdateClient failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not update client. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } ClientDetailsEntity oldClient = clientService.getClientById(id); @@ -209,8 +209,8 @@ public class ClientAPI { if (oldClient == null) { logger.error("apiUpdateClient failed; client with id " + id + " could not be found."); m.addAttribute("code", HttpStatus.NOT_FOUND); - m.addAttribute("entity", "An error occurred while processing your request. The requested client could not be found."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not update client. The requested client with id " + id + "could not be found."); + return "jsonErrorView"; } // if they leave the client secret empty, force it to be generated 
@@ -252,8 +252,8 @@ public class ClientAPI { if (client == null) { logger.error("apiDeleteClient failed; client with id " + id + " could not be found."); modelAndView.getModelMap().put("code", HttpStatus.NOT_FOUND); - modelAndView.getModelMap().put("entity", "An error occurred while processing your request. The requested client could not be found."); - return "jsonEntityView"; + modelAndView.addAttribute("errorMessage", "Could not delete client. The requested client with id " + id + "could not be found."); + return "jsonErrorView"; } else { modelAndView.getModelMap().put("code", HttpStatus.OK); clientService.deleteClient(client); @@ -277,7 +277,8 @@ public class ClientAPI { if (client == null) { logger.error("apiShowClient failed; client with id " + id + " could not be found."); model.addAttribute("code", HttpStatus.NOT_FOUND); - return "httpCodeView"; + model.addAttribute("errorMessage", "The requested client with id " + id + "could not be found."); + return "jsonErrorView"; } model.addAttribute("entity", client); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java index a9910ca17..f28bf8040 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/WhitelistAPI.java 
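Review bot: The new line in apiDeleteClient (hunk at -252,8) calls `modelAndView.addAttribute(...)`, while the lines on either side go through `modelAndView.getModelMap().put(...)`. The parameter's type is declared outside the hunk. If it is Spring's ModelAndView, that class offers addObject but no addAttribute, and this line would not compile. Using the same accessor as the surrounding code avoids the question: `modelAndView.getModelMap().put("errorMessage", "Could not delete client. The requested client with id " + id + " could not be found.");`.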
@@ -78,13 +78,13 @@ public class WhitelistAPI { } catch (JsonParseException e) { logger.error("addNewWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("addNewWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.addAttribute("code", HttpStatus.BAD_REQUEST); - m.addAttribute("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.addAttribute("errorMessage", "Could not save new whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } // save the id of the person who created this 
@@ -115,13 +115,13 @@ public class WhitelistAPI { } catch (JsonParseException e) { logger.error("updateWhitelistedSite failed due to JsonParseException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not update whitelisted site. The server encountered a JSON syntax exception. Contact a system administrator for assistance."); + return "jsonErrorView"; } catch (IllegalStateException e) { logger.error("updateWhitelistedSite failed due to IllegalStateException: " + e.getStackTrace().toString()); m.put("code", HttpStatus.BAD_REQUEST); - m.put("entity", "An error occurred while processing your request. Contact a system administrator for assistance."); - return "jsonEntityView"; + m.put("errorMessage", "Could not update whitelisted site. The server encountered an IllegalStateException. Refresh and try again - if the problem persists, contact a system administrator for assistance."); + return "jsonErrorView"; } WhitelistedSite oldWhitelist = whitelistService.getById(id); @@ -129,7 +129,8 @@ public class WhitelistAPI { if (oldWhitelist == null) { logger.error("updateWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); - return "httpCodeView"; + m.put("errorMessage", "Could not update whitelisted site. The requested whitelisted site with id " + id + "could not be found."); + return "jsonErrorView"; } else { WhitelistedSite newWhitelist = whitelistService.update(oldWhitelist, whitelist); 
@@ -152,8 +153,8 @@ public class WhitelistAPI { if (whitelist == null) { logger.error("deleteWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); - m.put("entity", "An error occurred while processing your request. The requested whitelist entry could not be found."); - return "jsonEntityView"; + m.put("errorMessage", "Could not delete whitelisted site. The requested whitelisted site with id " + id + "could not be found."); + return "jsonErrorView"; } else { m.put("code", HttpStatus.OK); whitelistService.remove(whitelist); @@ -171,7 +172,8 @@ public class WhitelistAPI { if (whitelist == null) { logger.error("getWhitelistedSite failed; whitelist with id " + id + " could not be found."); m.put("code", HttpStatus.NOT_FOUND); - return "httpCodeView"; + m.put("errorMessage", "The requested whitelisted site with id " + id + "could not be found."); + return "jsonErrorView"; } else { m.put("entity", whitelist);