Global Exception Handler Response Format

ricksu978 commented 1 year ago

參考資料之一 https://www.baeldung.com/rest-api-error-handling-best-practices

除了設計格式，還有重點思考回傳 4xx & 5xx 的條件，甚麼時候該回傳 4xx 甚麼時候該回傳 5xx? 希望能有「具體」的規則可循。

m1a2st commented 1 year ago

參考資料 https://josipmisko.com/posts/rest-api-error-handling 節錄重點

HTTP Status Codes: Use HTTP status codes to indicate errors in REST APIs.
Error Codes: Use domain-specific error codes to provide more detailed information about the error.
Error Messages: Include error messages in the response body to help API consumers understand the error context.
Error Trace ID: Use a unique error trace ID to track and trace errors throughout the system.
Error Message Format: Use the application/problem+json (Problem Detail) media type to format error responses in JSON.

Should the response body include the HTTP status code? The response body should not include the HTTP status code. Including it in the response body adds to the network payload and it is redundant. Should error response include the exception message? Based on RFC7807, error response should not include the exception message or stack trace

m1a2st commented 1 year ago

參考資料 https://datatracker.ietf.org/doc/html/rfc7807

{
    "type": "https:example.com/probs/out-of-credit",
    "title": "You do not have enough credit.",
    "detail": "Your current balance is 30, but that costs 50.",
    "instance": "/account/12345/msgs/abc",
    "balance": 30,
    "accounts": ["/account/12345",
                 "/account/67890"]
}

m1a2st commented 1 year ago

Java Exception 分為

Error ：嚴重錯誤
- StackOverflow
- OutOfMemory
Exception ：可捕獲異常
- Exception ：編譯時異常
- RuntimeException：運行時異常

今天要處理的都是運行時異常

Http Status Code

4XX 為 client 端問題
5XX 為 Server 端問題

先不考慮 Error 的情況，發生 Error 的狀況時，伺服器應該就直接掛點。

若編譯時異常直接向外拋出，給 AOP 處理時，我認為狀態碼應該要屬於 5XX

而一般運行時異常，像是 NullPointerException, ArrayIndexOutOfBoundedException，也應該屬於伺服器端錯誤所以此類狀態碼也應該為 5XX

而應該拋出 4XX 異常的應為

自定義例外，如 NotFoundexcption, PlatFormException 不影響程式運作的例外
@Valid 檢查而拋出的例外也應為 4XX

常見回傳狀態碼

400 Bad Request ：由於明顯的客戶端錯誤，伺服器不能或不會處理該請求。
401 Unauthorized ：未認證
403 Forbidden：未授權
404 Not Found：請求失敗，請求所希望得到的資源未被在伺服器上發現，但允許使用者的後續請求
412 Precondition Failed：伺服器在驗證在請求的頭欄位中給出先決條件時，沒能滿足其中的一個或多個。
500 Internal Server Error：通用錯誤訊息，伺服器遇到了一個未曾預料的狀況，導致了它無法完成對請求的處理。沒有給出具體錯誤資訊。
503 Service Unavailable：由於臨時的伺服器維護或者過載，伺服器當前無法處理請求。

有可能後續會需要的狀態碼

407 Proxy Authentication Required
408 Request Timeout
429 Too Many Requests
440 Login Time-out

Exception Message

bealung

{
  "timestamp": "2020-01-01T00:00:00.000+0000",
  "status": 500,
  "error": "Internal Server Error",
  "message": "Exception Message",
  "path": "/api/v1/xxx"
}

rfc7807

{
  "type": "https://example.com/probs/out-of-credit",
  "title": "You do not have enough credit.",
  "detail": "Your current balance is 30, but that costs 50.",
  "instance": "/account/12345/msgs/abc",
  "balance": 30,
  "accounts": ["/account/12345", "/account/67890"]
}

myself

{
  "timestamp": "2020-01-01T00:00:00.000+0000",
  "httpMethod" : "GET",
  "path": "/api/v1/xxx",
  "title": "You do not have enough credit.",
  "message": "Your current balance is 30, but that costs 50."
}

ricksu978 commented 1 year ago

而一般運行時異常，像是 NullPointerException, ArrayIndexOutOfBoundedException，也應該屬於伺服器端錯誤所以此類狀態碼也應該為 5XX

而應該拋出 4XX 異常的應為

自定義例外，如 NotFoundexcption, PlatFormException 不影響程式運作的例外

@Valid 檢查而拋出的例外也應為 4XX

讚！

m1a2st commented 1 year ago

跟Rick討論完，暫定結果

{
  "timestamp": "2020-01-01T00:00:00.000+0000",
  "errorCode": "U0001",
  "message": "Your current balance is 30, but that costs 50."
}

Game-as-a-Service / Lobby-Platform-Service