added http and json error handling to webfinger service

openid-connect-client/src/main/java/org/mitre/openid/connect/client/service/impl/WebfingerIssuerService.java

@@ -35,6 +35,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.security.authentication.AuthenticationServiceException;
+import org.springframework.web.client.RestClientException;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.util.UriComponents;
 
@@ -46,6 +47,7 @@ import com.google.common.util.concurrent.UncheckedExecutionException;
 import com.google.gson.JsonArray;
 import com.google.gson.JsonElement;
 import com.google.gson.JsonObject;
+import com.google.gson.JsonParseException;
 import com.google.gson.JsonParser;
 
 /**
@@ -99,11 +101,8 @@ public class WebfingerIssuerService implements IssuerService {
 				}
 
 				return new IssuerServiceResponse(issuer, identifier, null);
-			} catch (UncheckedExecutionException ue) {
+			} catch (UncheckedExecutionException | ExecutionException e) {
-				logger.warn("Issue fetching issuer for user input: " + identifier, ue);
+				logger.warn("Issue fetching issuer for user input: " + identifier, e.getMessage());
-				return null;
-			} catch (ExecutionException e) {
-				logger.warn("Issue fetching issuer for user input: " + identifier, e);
 				return null;
 			}
 
@@ -207,43 +206,44 @@ public class WebfingerIssuerService implements IssuerService {
 			builder.addParameter("resource", key.toString());
 			builder.addParameter("rel", "http://openid.net/specs/connect/1.0/issuer");
 
-			// do the fetch
+			try {
-			logger.info("Loading: " + builder.toString());
+			
-			String webfingerResponse = restTemplate.getForObject(builder.build(), String.class);
+				// do the fetch
-
+				logger.info("Loading: " + builder.toString());
-			// TODO: catch and handle HTTP errors
+				String webfingerResponse = restTemplate.getForObject(builder.build(), String.class);
-
+	
-			JsonElement json = parser.parse(webfingerResponse);
+				JsonElement json = parser.parse(webfingerResponse);
-
+	
-			// TODO: catch and handle JSON errors
+				if (json != null && json.isJsonObject()) {
-
+					// find the issuer
-			if (json != null && json.isJsonObject()) {
+					JsonArray links = json.getAsJsonObject().get("links").getAsJsonArray();
-				// find the issuer
+					for (JsonElement link : links) {
-				JsonArray links = json.getAsJsonObject().get("links").getAsJsonArray();
+						if (link.isJsonObject()) {
-				for (JsonElement link : links) {
+							JsonObject linkObj = link.getAsJsonObject();
-					if (link.isJsonObject()) {
+							if (linkObj.has("href")
-						JsonObject linkObj = link.getAsJsonObject();
+									&& linkObj.has("rel")
-						if (linkObj.has("href")
+									&& linkObj.get("rel").getAsString().equals("http://openid.net/specs/connect/1.0/issuer")) {
-								&& linkObj.has("rel")
+	
-								&& linkObj.get("rel").getAsString().equals("http://openid.net/specs/connect/1.0/issuer")) {
+								// we found the issuer, return it
-
+								return linkObj.get("href").getAsString();
-							// we found the issuer, return it
+							}
-							return linkObj.get("href").getAsString();
 						}
 					}
 				}
+			} catch (JsonParseException | RestClientException e) {
+				logger.warn("Failure in fetching webfinger input", e.getMessage());
 			}
 
-			// we couldn't find it
+			// we couldn't find it!
 
 			if (key.getScheme().equals("http") || key.getScheme().equals("https")) {
-				// if it looks like HTTP then punt and return the input
+				// if it looks like HTTP then punt: return the input, hope for the best
 				logger.warn("Returning normalized input string as issuer, hoping for the best: " + key.toString());
 				return key.toString();
 			} else {
 				// if it's not HTTP, give up
 				logger.warn("Couldn't find issuer: " + key.toString());
-				return null;
+				throw new IllegalArgumentException();
 			}
 
 		}