From 2d7ba417729d83925190bd558a90052c5448d471 Mon Sep 17 00:00:00 2001
From: Tobia De Koninck
Date: Thu, 24 Dec 2020 16:04:50 +0100
Subject: [PATCH] Fix #24095: catch Exception and re-throw it using a Exception recognized by Spring
---
 .../auth/impl/OpenIDAuthenticationBackend.java | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java b/src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java
index 6704e900..e7846f7b 100644
--- a/src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java
+++ b/src/main/java/eu/openanalytics/containerproxy/auth/impl/OpenIDAuthenticationBackend.java
@@ -56,6 +56,8 @@
 import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
+import org.springframework.security.oauth2.core.OAuth2Error;
+import org.springframework.security.oauth2.core.OAuth2ErrorCodes;
 import org.springframework.security.oauth2.core.oidc.OidcIdToken;
 import org.springframework.security.oauth2.core.oidc.OidcUserInfo;
 import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
@@ -122,7 +124,6 @@ public void onAuthenticationFailure(HttpServletRequest request, HttpServletRespo
 .userInfoEndpoint()
 .userAuthoritiesMapper(createAuthoritiesMapper())
 .oidcUserService(createOidcUserService());
-
 }
 @Override
@@ -246,7 +247,12 @@ protected OidcUserService createOidcUserService() {
 return new OidcUserService() {
 @Override
 public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException {
- OidcUser user = super.loadUser(userRequest);
+ OidcUser user;
+ try {
+ user = super.loadUser(userRequest);
+ } catch (IllegalArgumentException ex) {
+ throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.INVALID_REQUEST), "Error while loading user info", ex);
+ }
 String nameAttributeKey = environment.getProperty("proxy.openid.username-attribute", "email");
 return new CustomNameOidcUser(new HashSet<>(user.getAuthorities()), user.getIdToken(), user.getUserInfo(), nameAttributeKey);
 }
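Review bot: The new try in `loadUser` wraps only `super.loadUser(userRequest)`, so an IllegalArgumentException thrown two lines later by `new CustomNameOidcUser(..., nameAttributeKey)` would still escape unwrapped instead of as the `OAuth2AuthenticationException` this commit introduces. `CustomNameOidcUser` is not shown here; if, like Spring's `DefaultOidcUser`, its constructor rejects a token that lacks the claim named by `proxy.openid.username-attribute`, that is the same class of failure, triggered by data the identity provider supplies. Moving the `String nameAttributeKey = ...` and `return new CustomNameOidcUser(...)` lines inside the try would cover both paths with the one catch. The catch also does not log `ex`; unless the failure handler (outside this hunk) records the cause, a comment such as `// cause is carried on the exception; the failure handler must log it so IdP misconfiguration is diagnosable` would help whoever triages failed logins. The anonymous `OidcUserService` and `createOidcUserService()` continue past the end of the hunk.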