Handled LDAP errors, fixed #45.
Change-Id: If367ebe988e510c986d27f7075b45f352e001f80
Change-Id: If367ebe988e510c986d27f7075b45f352e001f80
diff --git a/full/Changes b/full/Changes
index 1633dbb..cea6968 100644
--- a/full/Changes
+++ b/full/Changes
@@ -9,6 +9,8 @@
checker (margaretha)
- Fixed sharing unknown VC, updating corpusQuery, and handling non-
unique group name and unknown VC access (margaretha)
+27/06/2019
+ - Handled LDAP errors, fixed #45 (margaretha)
# version 0.61.6
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
index 137812e..650a118 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
@@ -11,6 +11,7 @@
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
+import org.eclipse.jetty.http.HttpHeader;
import org.springframework.beans.factory.annotation.Autowired;
import com.mchange.rmi.NotAuthorizedException;
@@ -240,9 +241,9 @@
return;
}
- if (headerMap != null && headerMap.containsKey(com.google.common.net.HttpHeaders.X_FORWARDED_FOR)) {
+ if (headerMap != null && headerMap.containsKey(HttpHeader.X_FORWARDED_FOR.toString())) {
- String[] vals = headerMap.getFirst(com.google.common.net.HttpHeaders.X_FORWARDED_FOR).split(",");
+ String[] vals = headerMap.getFirst(HttpHeader.X_FORWARDED_FOR.toString()).split(",");
String clientAddress = vals[0];
try {
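Review bot: `vals[0]` is taken from `X-Forwarded-For` as the client address untrimmed, and that header is whatever the caller sent unless a trusted reverse proxy overwrites it. How `clientAddress` is used lies in the `try` block outside this hunk; if it feeds an access decision or an audit record, it should be honoured only for requests arriving through a known proxy. At minimum I would write `String clientAddress = vals[0].trim();` and add a comment such as `// X-Forwarded-For is client-supplied; only meaningful behind our reverse proxy`. On style, `HttpHeader.X_FORWARDED_FOR.toString()` is now evaluated twice and ties this authentication class to a Jetty type; a single local `final String xff = HttpHeader.X_FORWARDED_FOR.toString();` would keep that dependency in one place.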
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java b/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
index 959803c..0b21a14 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/OAuth2ResponseHandler.java
@@ -87,7 +87,10 @@
OAuthResponse oAuthResponse = null;
String errorCode = e.getEntity();
try {
- if (errorCode.equals(OAuth2Error.INVALID_CLIENT)
+ if (errorCode == null){
+ return super.throwit(e);
+ }
+ else if (errorCode.equals(OAuth2Error.INVALID_CLIENT)
|| errorCode.equals(OAuth2Error.UNAUTHORIZED_CLIENT)
|| errorCode.equals(OAuth2Error.INVALID_TOKEN)) {
oAuthResponse = createOAuthResponse(e,
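Review bot: The new `errorCode == null` branch returns `super.throwit(e)`, so the response for this case presumably comes from the parent handler rather than from `createOAuthResponse`. The test added in this commit reads `/errors/0/0` and `/errors/0/1`, which suggests token-endpoint clients get a body without the OAuth2 `error` field here. That is worth documenting at the branch, for example `// no OAuth2 error code on the exception: fall back to the generic Kustvakt error response`. If callers rely on the OAuth2 error format, consider mapping this case to an explicit OAuth2 error code instead. The `try` block and the `else if` chain continue outside the hunk, and `if (errorCode == null){` is missing the space before the brace that the rest of the file uses.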
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
index 4ad63dc..d733dc6 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuth2Controller.java
@@ -28,7 +28,6 @@
import de.ids_mannheim.korap.constant.OAuth2Scope;
import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.oauth2.entity.AccessScope;
import de.ids_mannheim.korap.oauth2.oltu.OAuth2AuthorizationRequest;
import de.ids_mannheim.korap.oauth2.oltu.OAuth2RevokeTokenRequest;
import de.ids_mannheim.korap.oauth2.oltu.OAuth2RevokeTokenSuperRequest;
diff --git a/full/src/test/java/de/ids_mannheim/korap/authentication/LdapTest.java b/full/src/test/java/de/ids_mannheim/korap/authentication/LdapTest.java
new file mode 100644
index 0000000..8ddb5d8
--- /dev/null
+++ b/full/src/test/java/de/ids_mannheim/korap/authentication/LdapTest.java
@@ -0,0 +1,42 @@
+package de.ids_mannheim.korap.authentication;
+
+import static org.junit.Assert.assertEquals;
+
+import javax.ws.rs.core.Response.Status;
+
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.sun.jersey.api.client.ClientResponse;
+
+import de.ids_mannheim.korap.config.FullConfiguration;
+import de.ids_mannheim.korap.constant.AuthenticationMethod;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.utils.JsonUtils;
+import de.ids_mannheim.korap.web.controller.OAuth2TestBase;
+
+public class LdapTest extends OAuth2TestBase {
+
+ @Autowired
+ private FullConfiguration config;
+
+ @Test
+ public void testRequestTokenPasswordUnknownUser ()
+ throws KustvaktException {
+
+ config.setOAuth2passwordAuthentication(AuthenticationMethod.LDAP);
+ ClientResponse response = requestTokenWithPassword(superClientId,
+ clientSecret, "unknown", "password");
+
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+
+ String entity = response.getEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(2022, node.at("/errors/0/0").asInt());
+ assertEquals(
+ "LDAP Authentication failed due to unknown user or password!",
+ node.at("/errors/0/1").asText());
+ config.setOAuth2passwordAuthentication(AuthenticationMethod.TEST);
+ }
+}
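Review bot: `testRequestTokenPasswordUnknownUser` switches the autowired `config` to `AuthenticationMethod.LDAP` and restores it only on its last line, so any failing assertion leaves LDAP authentication selected for later tests if they share that configuration bean. Wrap the request and assertions in `try { … } finally { config.setOAuth2passwordAuthentication(AuthenticationMethod.TEST); }`, or move the reset into an `@After` method. Restoring the value that was configured before the test, rather than assuming `TEST`, would be more robust if an accessor for it exists. The literal `2022` would read better as the project's named status-code constant if one is defined.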