A malformed PAPE request that sends max_auth_age as a non-integer causes
PapeRequest.getMaxAuthAge() to throw a NumberFormatException , which is not
declared in the method signature or mentioned in the javadoc.
Should either handle the error internally or make it obvious to API users about
this behavior.
Here is how I handle it:
Index: src/org/openid4java/message/pape/PapeRequest.java
===================================================================
--- src/org/openid4java/message/pape/PapeRequest.java (revision 733)
+++ src/org/openid4java/message/pape/PapeRequest.java (working copy)
@@ -160,9 +160,13 @@
{
String maxAuthAge = getParameterValue("max_auth_age");
- if (maxAuthAge != null)
- return Integer.parseInt(maxAuthAge);
- else
+ if (maxAuthAge != null) {
+ try {
+ return Integer.parseInt(maxAuthAge);
+ } catch (NumberFormatException e) {
+ return -1;
+ }
+ } else
return -1;
}
Original issue reported on code.google.com by j...@slushpupie.com on 8 Feb 2013 at 6:11
Original issue reported on code.google.com by
j...@slushpupie.comon 8 Feb 2013 at 6:11