io.dropwizard.jersey.errors.ErrorMessage Java Examples

@Test
public void testStoreException() throws Exception {
  final Notification notification =
      Notification.builder("test-category", "testing 1 2 3").build();
  when(store.store("test", notification)).thenThrow(new NotificationStoreException());

  final Response response =
      resources
          .client()
          .target("/v1/notifications/test")
          .request(MediaType.APPLICATION_JSON)
          .post(Entity.json(notification));
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).store("test", notification);
  assertThat(response.getStatus()).isEqualTo(500);
  assertThat(actual.getCode()).isEqualTo(500);
}
 

@Test
public void shouldReturn400WhenCalledWithEmptyJson() {
    Response response = resources.client()
        .target("/translate-response")
        .request()
        .post(json("{}"));

    assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_UNPROCESSABLE_ENTITY);

    ErrorMessage actualErrorMessage = response.readEntity(ErrorMessage.class);
    assertThat(actualErrorMessage.getCode()).isEqualTo(HttpStatus.SC_UNPROCESSABLE_ENTITY);

    Set<String> expectedErrors = ImmutableSet.of("requestId may not be null", "samlResponse may not be null", "levelOfAssurance may not be null");
    Set<String> actualErrors = Arrays.stream(actualErrorMessage.getMessage().split(", ")).collect(Collectors.toSet());
    assertThat(actualErrors).isEqualTo(expectedErrors);
}
 

@Test
public void shouldReturn400WhenSamlTransformationErrorExceptionThrown() {
    JSONObject translateResponseRequest = new JSONObject().put("samlResponse", "some-saml-response")
            .put("requestId", "some-request-id")
            .put("levelOfAssurance", LEVEL_2.name());

    when(responseService.convertTranslatedResponseBody(any(), eq("some-request-id"), eq(LEVEL_2), eq(defaultEntityId)))
            .thenThrow(new SamlTransformationErrorException("Some error.", Level.ERROR));

    Response response = resources.client()
        .target("/translate-response")
        .request()
        .post(json(translateResponseRequest.toString()));

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());

    ErrorMessage actualError = response.readEntity(ErrorMessage.class);
    assertThat(actualError.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(actualError.getMessage()).isEqualTo("Some error.");
}
 

@Test
public void shouldReturn400WhenSamlValidationExceptionThrown() {
    JSONObject translateResponseRequest = new JSONObject().put("samlResponse", "some-saml-response")
            .put("requestId", "some-request-id")
            .put("levelOfAssurance", LEVEL_2.name());

    when(responseService.convertTranslatedResponseBody(any(), eq("some-request-id"), eq(LEVEL_2), eq(defaultEntityId)))
            .thenThrow(new SamlResponseValidationException("Some error."));

    Response response = resources.client()
            .target("/translate-response")
            .request()
            .post(json(translateResponseRequest.toString()));

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());

    ErrorMessage actualError = response.readEntity(ErrorMessage.class);
    assertThat(actualError.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(actualError.getMessage()).isEqualTo("Some error.");
}
 

@POST
public Response translateResponse(@NotNull @Valid TranslateSamlResponseBody translateSamlResponseBody) throws IOException {
    String entityId = entityIdService.getEntityId(translateSamlResponseBody);
    try {
        TranslatedResponseBody translatedResponseBody = responseService.convertTranslatedResponseBody(
            translateSamlResponseBody.getSamlResponse(),
            translateSamlResponseBody.getRequestId(),
            translateSamlResponseBody.getLevelOfAssurance(),
            entityId
        );

        LOG.info(String.format("Translated response for entityId: %s, requestId: %s, got Scenario: %s",
                entityId,
                translateSamlResponseBody.getRequestId(),
                translatedResponseBody.getScenario()));

        return Response.ok(translatedResponseBody).build();
    } catch (SamlResponseValidationException | SamlTransformationErrorException e) {
        LOG.warn(String.format("Error translating saml response for entityId: %s, requestId: %s, got Message: %s", entityId, translateSamlResponseBody.getRequestId(), e.getMessage()));
        return Response
            .status(BAD_REQUEST)
            .entity(new ErrorMessage(BAD_REQUEST.getStatusCode(), e.getMessage()))
            .build();
    }
}
 

@Test
public void testStoreInvalidRule() throws Exception {
  final Rule rule = Rule.builder().build();

  final Response response =
      resources
          .client()
          .target("/v1/rules/follow")
          .request(MediaType.APPLICATION_JSON)
          .put(Entity.json(rule));
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store, never()).store(anyString(), any(Rule.class));
  assertThat(response.getStatus()).isEqualTo(400);
  assertThat(actual.getCode()).isEqualTo(400);
}
 

@Test
public void shouldRespondWithErrorWhenFraudulentMatchResponse() {

    complianceTool.initialiseWithDefaultsForV2();

    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort());
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
            "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), FRAUDULENT_MATCH_RESPONSE_WITH_NON_MATCH_SETTING_ID),
            "requestId", requestResponseBody.getRequestId(),
            "levelOfAssurance", LEVEL_2.name()
    );

    Response response = client
            .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
            .request()
            .buildPost(json(translateResponseRequestData))
            .invoke();

    ErrorMessage errorBody = response.readEntity(ErrorMessage.class);

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorBody.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorBody.getMessage()).contains("SAML Validation Specification: Signature was not valid.");
}
 

@Test
public void shouldThrowExceptionIfLoAReturnedByIdpIsTooLow () {
    complianceTool.initialiseWithDefaultsForV2();

    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort());
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
            "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), VERIFIED_USER_ON_SERVICE_WITH_NON_MATCH_SETTING_ID),
            "requestId", requestResponseBody.getRequestId(),
            "levelOfAssurance", LEVEL_2.name()
    );

    Response response = client
            .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
            .request()
            .buildPost(json(translateResponseRequestData))
            .invoke();

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    ErrorMessage errorMessage = response.readEntity(ErrorMessage.class);
    assertThat(errorMessage.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorMessage.getMessage()).isEqualTo("Expected Level of Assurance to be at least LEVEL_2, but was LEVEL_1");
}
 

@Test
public void testStoreException() throws Exception {
  doThrow(new NotificationStoreException()).when(store).store(anyString(), any(Rule.class));

  final Rule rule = Rule.builder().withMaxSize(3).build();

  final Response response =
      resources
          .client()
          .target("/v1/rules/follow")
          .request(MediaType.APPLICATION_JSON)
          .put(Entity.json(rule));
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).store("follow", rule);
  assertThat(response.getStatus()).isEqualTo(500);
  assertThat(actual.getCode()).isEqualTo(500);
}
 

@Test
public void shouldRespondWithErrorWhenAssertionSignedByHub() {
    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort());
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
        "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), BASIC_SUCCESSFUL_MATCH_WITH_ASSERTIONS_SIGNED_BY_HUB_ID),
        "requestId", requestResponseBody.getRequestId(),
        "levelOfAssurance", LEVEL_2.name()
    );

    Response response = client
        .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
        .request()
        .buildPost(json(translateResponseRequestData))
        .invoke();

    ErrorMessage errorBody = response.readEntity(ErrorMessage.class);

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorBody.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorBody.getMessage()).contains("SAML Validation Specification: Signature was not valid.");
}
 

@Test
public void shouldReturn400IfIncorrectEntityIdProvided() {
    complianceTool.initialiseWithEntityIdAndPid(configuredEntityIdTwo, "some-expected-pid");
    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort(), configuredEntityIdTwo);
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
        "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), BASIC_SUCCESSFUL_MATCH_WITH_LOA2_ID),
        "requestId", requestResponseBody.getRequestId(),
        "levelOfAssurance", LEVEL_2.name(),
        "entityId", "http://incorrect-entity-id"
    );

    Response response = client
        .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
        .request()
        .buildPost(json(translateResponseRequestData))
        .invoke();

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(response.readEntity(ErrorMessage.class).getMessage()).isEqualTo("Provided entityId: http://incorrect-entity-id is not listed in config");
}
 

@Test
public void shouldReturn400IfNoEntityIdProvided() {
    complianceTool.initialiseWithEntityIdAndPid(configuredEntityIdOne, "some-expected-pid");
    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort(), configuredEntityIdOne);
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
        "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), BASIC_SUCCESSFUL_MATCH_WITH_LOA2_ID),
        "requestId", requestResponseBody.getRequestId(),
        "levelOfAssurance", LEVEL_2.name()
    );

    Response response = client
        .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
        .request()
        .buildPost(json(translateResponseRequestData))
        .invoke();

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(response.readEntity(ErrorMessage.class).getMessage()).isEqualTo("No entityId was provided, and there are several in config");
}
 

@Test
public void shouldReturnAnErrorWhenInvalidEntityIdProvided() {
    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort());
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
        "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), BASIC_SUCCESSFUL_MATCH_WITH_LOA2_ID),
        "requestId", requestResponseBody.getRequestId(),
        "levelOfAssurance", LEVEL_2.name(),
        "entityId", "invalidEntityId"
    );

    Response response = client
        .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
        .request()
        .buildPost(json(translateResponseRequestData))
        .invoke();

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    ErrorMessage errorMessage = response.readEntity(ErrorMessage.class);
    assertThat(errorMessage.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorMessage.getMessage()).isEqualTo("Provided entityId: invalidEntityId is not listed in config");
}
 

@Test
public void shouldReturnAnErrorWhenTranslatingLowerLoAThanRequested() {
    RequestResponseBody requestResponseBody = generateRequestService.generateAuthnRequest(application.getLocalPort());
    Map<String, String> translateResponseRequestData = ImmutableMap.of(
        "samlResponse", complianceTool.createResponseFor(requestResponseBody.getSamlRequest(), BASIC_SUCCESSFUL_MATCH_WITH_LOA1_ID),
        "requestId", requestResponseBody.getRequestId(),
        "levelOfAssurance", LEVEL_2.name()
    );

    Response response = client
        .target(String.format("http://localhost:%d/translate-response", application.getLocalPort()))
        .request()
        .buildPost(json(translateResponseRequestData))
        .invoke();

    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());
    ErrorMessage errorMessage = response.readEntity(ErrorMessage.class);
    assertThat(errorMessage.getCode()).isEqualTo(BAD_REQUEST.getStatusCode());
    assertThat(errorMessage.getMessage()).isEqualTo("Expected Level of Assurance to be at least LEVEL_2, but was LEVEL_1");
}
 

@Test
public void testFetchNotFound() throws Exception {
  when(store.fetch("test")).thenReturn(Optional.<UserNotifications>empty());

  final Response response =
      resources
          .client()
          .target("/v1/notifications/test")
          .request(MediaType.APPLICATION_JSON)
          .get();
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).fetch("test");
  assertThat(response.getStatus()).isEqualTo(404);
  assertThat(actual.getCode()).isEqualTo(404);
}
 

@Test
public void testFetchException() throws Exception {
  when(store.fetch("test")).thenThrow(new NotificationStoreException());

  final Response response =
      resources
          .client()
          .target("/v1/notifications/test")
          .request(MediaType.APPLICATION_JSON)
          .get();
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).fetch("test");
  assertThat(response.getStatus()).isEqualTo(500);
  assertThat(actual.getCode()).isEqualTo(500);
}
 

@Test
public void testDeleteException() throws Exception {
  doThrow(new NotificationStoreException()).when(store).remove(anyString());

  final Response response =
      resources.client().target("/v1/rules/follow").request(MediaType.APPLICATION_JSON).delete();
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).remove("follow");
  assertThat(response.getStatus()).isEqualTo(500);
  assertThat(actual.getCode()).isEqualTo(500);
}
 

@Test
public void testFetchException() throws Exception {
  when(store.fetch()).thenThrow(new NotificationStoreException());

  final Response response =
      resources.client().target("/v1/rules").request(MediaType.APPLICATION_JSON).get();
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).fetch();
  assertThat(response.getStatus()).isEqualTo(500);
  assertThat(actual.getCode()).isEqualTo(500);
}
 

@Test
public void returns422ForMalformedJson() {
    Response response = resources.target(GENERATE_REQUEST_RESOURCE_PATH)
            .request()
            .post(Entity.entity("this is not json", MediaType.APPLICATION_JSON_TYPE));
    assertThat(response.getStatus()).isEqualTo(422);
    assertThat(response.readEntity(ErrorMessage.class)).isEqualTo(new ErrorMessage(
            422,
            "Unrecognized token 'this': was expecting 'null', 'true', 'false' or NaN")
    );
}
 

@Test
public void testFetchNotFound() throws Exception {
  when(store.fetch()).thenReturn(Optional.empty());

  final Response response =
      resources.client().target("/v1/rules").request(MediaType.APPLICATION_JSON).get();
  final ErrorMessage actual = response.readEntity(ErrorMessage.class);

  verify(store).fetch();
  assertThat(response.getStatus()).isEqualTo(404);
  assertThat(actual.getCode()).isEqualTo(404);
}
 

@Override
public Response toResponse(final NotificationException exception) {
  LOGGER.debug("Error response ({}): {}", exception.getCode(), exception.getMessage());

  return Response.status(exception.getCode())
      .entity(new ErrorMessage(exception.getCode(), exception.getMessage()))
      .type(MediaType.APPLICATION_JSON)
      .build();
}
 

@Override
public Response toResponse(Throwable exception) {
    long id = logException(exception);
    int status = Response.Status.INTERNAL_SERVER_ERROR.getStatusCode();
    String errorDetails = exception.getMessage();

    //  change error details if the exception is a known DB constraint violation
    if (exception instanceof UnableToExecuteStatementException) {
        SQLException se = (SQLException) exception.getCause();
        if (se.getErrorCode() == ErrorCode.DUPLICATE_KEY_1 &&
                se.getMessage().contains("_" + DB_UNIQUE_NAME_CONSTRAINT_NAME_SUFFIX)) {
            errorDetails = "Duplicate name.";
        } else if (se.getErrorCode() == ErrorCode.CHECK_CONSTRAINT_VIOLATED_1) {
            if (se.getMessage().contains("_" + DB_PROPERTY_NAME_CONSTRAINT_NAME_SUFFIX)) {
                errorDetails = "Property/column name can not be same as preserved names and can only contain letter, digit," +
                        " $ and _ characters, beginning with letter, _ or $.";
            } else if (se.getMessage().contains("_" + DB_USERNAME_CONSTRAINT_NAME_SUFFIX)) {
                errorDetails = "Please enter a valid username: 3+ characters long, characters \"A-Za-z0-9_\".";
            }
        }
    }

    ErrorMessage errorMessage = new ErrorMessage(status, formatErrorMessage(id, exception), errorDetails);
    return Response.status(status)
            .type(MediaType.APPLICATION_JSON_TYPE)
            .entity(errorMessage)
            .build();
}
 

@Test
public void returns500IfARuntimeExceptionIsThrown() {
    when(authnRequestFactory.build(any())).thenThrow(RuntimeException.class);

    RequestGenerationBody requestGenerationBody = new RequestGenerationBody(LevelOfAssurance.LEVEL_2, null);
    Response response = resources.target(GENERATE_REQUEST_RESOURCE_PATH).request().post(Entity.entity(requestGenerationBody, MediaType.APPLICATION_JSON_TYPE));

    ErrorMessage responseEntity = response.readEntity(ErrorMessage.class);
    assertThat(responseEntity.getCode()).isEqualTo(500);
    assertThat(responseEntity.getMessage()).contains("There was an error processing your request. It has been logged (ID");
    assertThat(responseEntity.getDetails()).isNullOrEmpty();
}
 

@Test
public void returns422ForBadJson() {
    Response response = resources.target(GENERATE_REQUEST_RESOURCE_PATH)
            .request()
            .post(Entity.entity(ImmutableMap.of("bad", "json"), MediaType.APPLICATION_JSON_TYPE));
    assertThat(response.getStatus()).isEqualTo(422);
    ErrorMessage errorMessage = response.readEntity(ErrorMessage.class);
    assertThat(errorMessage.getCode()).isEqualTo(422);
    assertThat(errorMessage.getMessage()).startsWith("Unrecognized field \"bad\"");
}
 

@Test
public void shouldErrorIfVerifiedIsNotRequested() {
    Response response = getResponse(LEVEL_2, "SURNAME");
    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());

    ErrorMessage errorResponse = response.readEntity(ErrorMessage.class);

    assertThat(errorResponse.getMessage()).isEqualTo("Invalid attributes request: Cannot request attribute without requesting verification status. Please check your MSA configuration settings.");
}
 

@Test
public void shouldErrorIfOnlyVerifiedIsRequested() {
    Response response = getResponse(LEVEL_2, "DATE_OF_BIRTH_VERIFIED");
    assertThat(response.getStatus()).isEqualTo(BAD_REQUEST.getStatusCode());

    ErrorMessage errorResponse = response.readEntity(ErrorMessage.class);

    assertThat(errorResponse.getMessage()).isEqualTo("Invalid attributes request: Cannot request verification status without requesting attribute value");
}
 

@Override
public Response toResponse(JerseyViolationException exception) {
    final String errors = exception.getConstraintViolations()
        .stream().map(violation -> ConstraintMessage.getMessage(violation, exception.getInvocable()))
        .collect(Collectors.joining(", "));

    LOG.warn(String.format("Request body was not valid: %s", errors));

    return Response
        .status(HttpStatus.SC_UNPROCESSABLE_ENTITY)
        .entity(new ErrorMessage(HttpStatus.SC_UNPROCESSABLE_ENTITY, errors))
        .build();
}
 

@Override
public Response toResponse(InvalidEntityIdException exception) {
    LOG.warn(String.format("Request invalid for this service provider. %s", exception.getMessage()));

    return Response
        .status(HttpStatus.SC_BAD_REQUEST)
        .entity(new ErrorMessage(HttpStatus.SC_BAD_REQUEST, exception.getMessage()))
        .build();
}
 

@Override
public Response toResponse(JsonProcessingException exception) {
    LOG.warn(String.format("Unable to parse json in request body. %s", exception.getOriginalMessage()));

    return Response
        .status(HttpStatus.SC_UNPROCESSABLE_ENTITY)
        .entity(new ErrorMessage(HttpStatus.SC_UNPROCESSABLE_ENTITY, exception.getOriginalMessage()))
        .build();
}