eclipse / kapua

Eclipse Public License 2.0
222 stars, 160 forks

FIX - Incorrect exceptions on some wrong MFA login attempts #4057

Closed Agnul97 closed 2 months ago

Agnul97 commented 2 months ago

Before this PR, these 2 behaviors were in place:

  1. If you perform a /user login with authenticationCode as an empty String, we are throwing an Internal error which results in an HTTP 500 response.
  2. Currently we are returning MfaRequiredException if a user has MfaOption enabled and does not provide the authenticationCode upon REST API /user login, which is correct. The problem is that we are returning the same error when the authenticationCode is provided but is wrong.

Description of the solution adopted

I changed the first behaviour to return a MfaRequiredException and the second one to return an IncorrectCredentialsException, which is an example of AuthenticationException, the same exception that we throw when we provide wrong username & pw for a user login attempt.

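The outcome mapping described in the comment above, as an added example that is not code from this PR or from Kapua. The two exception classes are local stand-ins named after the ones in the description, and `codeMatches`, `checkAuthenticationCode`, `outcome` and the sample code `123456` are hypothetical; the sketch assumes username and password have already been verified and MFA is enabled for the user.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

public class MfaLoginOutcomeExample {

    // Local stand-ins named after the exceptions in the PR description (not Kapua's or Shiro's classes).
    static class MfaRequiredException extends Exception {}
    static class IncorrectCredentialsException extends Exception {}

    // Hypothetical verifier: compares against a fixed expected code in constant time.
    // A real service would validate the code against the user's MFA secret.
    static boolean codeMatches(String supplied, String expected) {
        return MessageDigest.isEqual(
                supplied.getBytes(StandardCharsets.UTF_8),
                expected.getBytes(StandardCharsets.UTF_8));
    }

    // Assumption: runs only after the password check passed and MFA is enabled for the user.
    static void checkAuthenticationCode(String authenticationCode, String expected)
            throws MfaRequiredException, IncorrectCredentialsException {
        // Absent and empty are treated alike, so an empty String is reported as
        // "code required" instead of reaching code that fails with an internal error.
        if (authenticationCode == null || authenticationCode.isEmpty()) {
            throw new MfaRequiredException();
        }
        // A code was supplied but is wrong: same failure class as a wrong password.
        if (!codeMatches(authenticationCode, expected)) {
            throw new IncorrectCredentialsException();
        }
    }

    static String outcome(String authenticationCode) {
        try {
            checkAuthenticationCode(authenticationCode, "123456"); // constructed sample code
            return "login accepted";
        } catch (MfaRequiredException e) {
            return "MfaRequiredException";
        } catch (IncorrectCredentialsException e) {
            return "IncorrectCredentialsException";
        }
    }

    public static void main(String[] args) {
        String[] samples = {null, "", "000000", "123456"}; // constructed inputs
        for (String s : samples) {
            System.out.println((s == null ? "null" : "\"" + s + "\"") + " -> " + outcome(s));
        }
    }
}
```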

codecov[bot] commented 2 months ago

Codecov Report

Attention: Patch coverage is 0% with 5 lines in your changes missing coverage. Please review.

Project coverage is 16.78%. Comparing base (901f997) to head (f05a671). Report is 2 commits behind head on develop.

Additional details and impacted files

```diff
@@             Coverage Diff              @@
##             develop    #4057      +/-   ##
=============================================
- Coverage      16.78%   16.78%   -0.01%
  Complexity        22       22
=============================================
  Files           2006     2006
  Lines          52089    52093       +4
  Branches        4384     4385       +1
=============================================
  Hits            8745     8745
- Misses         42949    42953       +4
  Partials         395      395
```

| Files | Coverage Δ | |
|---|---|---|
| ...ion/credential/mfa/shiro/MfaOptionServiceImpl.java | `6.79% <0.00%> (-0.14%)` | :arrow_down: |