ruwanta
commented
4 years ago There are few error codes and types defined in SCIM specification [1] What we can do is to have a error translator, to translate the given exception or error to the standard defined by SCIM.
SCIM allows the error detail to be more verbose and human readable.
So we could think of having translation mechanism to {ErrorCode, DcimType, Detail} tuple from internal exception or error
Description: Policy errors list is hardcoded in
org.wso2.carbon.identity.scim2.common.impl.SCIMUserManager.handleErrorsOnUserNameAndPasswordPolicy(Throwable e)Natively all username and password code are not managed. Developers can also add their own custom policies and errors code.
If an unknown error code is received a generic CharonException is thrown and a 500 is returned to the caller.
{"schemas":["urn:ietf:params:scim:api:messages:2.0:Error"],"detail":"Error while updating attributes of user: test","status":"500"}But in those cases it's a user mistake so a 4XX must be returned and an explicit error message must be sent back depending of the policy.Suggestion: Create an error code range convention for user errors or a specific class exception to catch.
Suggested Labels: BUG
Affected Product Version: All
OS, DB, other environment details and versions:
N/A
Steps to reproduce: Create your own password policy and try a bad pattern.
Related Issues: N/A