WSO2 Open Banking Accelerator is a collection of technologies that increases the speed and reduces the complexity of adopting open banking compliance. Instead of building a solution from scratch, you can use WSO2 Open Banking Accelerator to meet all legislative requirements with additional benefits beyond compliance.
Apache License 2.0
[Accelerator] - Server error for requests with invalid Authorization Header and without Authorization Header #5
Description:
Getting a server error for requests with invalid Authorization Header and without/empty Authorization Header.
Request with invalid Authorization Header.
TID: [-1234] [] [2022-07-17 08:18:51,682] ERROR {org.apache.synapse.transport.passthru.ServerWorker} - Error processing POST request for : /xs2a/v1/consents. java.lang.NullPointerException
at com.wso2.openbanking.accelerator.gateway.util.GatewayUtils.getPayloadFromJWT(GatewayUtils.java:67)
at com.wso2.openbanking.berlin.gateway.executors.SignatureValidationExecutor.extractClientIdFromJWT(SignatureValidationExecutor.java:704)
at com.wso2.openbanking.berlin.gateway.executors.SignatureValidationExecutor.preProcessRequest(SignatureValidationExecutor.java:232)
at com.wso2.openbanking.accelerator.gateway.executor.core.OBExtensionListenerImpl.preProcessRequest(OBExtensionListenerImpl.java:52)
at org.wso2.carbon.apimgt.gateway.handlers.ext.listener.ExtensionListenerUtil.preProcessRequest_aroundBody0(ExtensionListenerUtil.java:90)
at org.wso2.carbon.apimgt.gateway.handlers.ext.listener.ExtensionListenerUtil.preProcessRequest(ExtensionListenerUtil.java:85)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest_aroundBody46(APIAuthenticationHandler.java:392)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:361)
at org.apache.synapse.api.API.process(API.java:389)
at org.apache.synapse.api.AbstractApiHandler.apiProcessNonDefaultStrategy(AbstractApiHandler.java:107)
at org.apache.synapse.api.AbstractApiHandler.identifyAPI(AbstractApiHandler.java:127)
at org.apache.synapse.api.AbstractApiHandler.dispatchToAPI(AbstractApiHandler.java:59)
at org.apache.synapse.api.rest.RestRequestHandler.dispatchToAPI(RestRequestHandler.java:84)
at org.apache.synapse.api.rest.RestRequestHandler.process(RestRequestHandler.java:70)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:54)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:344)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:101)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:375)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:434)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
TID: [-1234] [] [2022-07-17 08:18:51,684] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "HTTP/1.1 500 Internal Server Error[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,684] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,684] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "Date: Sun, 17 Jul 2022 08:18:51 GMT[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,684] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "Transfer-Encoding: chunked[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,684] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "Connection: Keep-Alive[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,685] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,685] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "4e[\r][\n]"
TID: [-1234] [] [2022-07-17 08:18:51,685] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-7 << "{"Fault":{"faultcode":"soapenv:Server","faultstring":"unknown","detail":null}}[\r][\n]"
Request without/empty Authorization Header.
TID: [-1234] [] [2022-07-17 08:19:24,065] ERROR {org.apache.synapse.transport.passthru.ServerWorker} - Error processing POST request for : /xs2a/v1/consents. java.lang.ArrayIndexOutOfBoundsException: Index 1 out of bounds for length 1
at com.wso2.openbanking.accelerator.gateway.util.GatewayUtils.getPayloadFromJWT(GatewayUtils.java:67)
at com.wso2.openbanking.berlin.gateway.executors.SignatureValidationExecutor.extractClientIdFromJWT(SignatureValidationExecutor.java:704)
at com.wso2.openbanking.berlin.gateway.executors.SignatureValidationExecutor.preProcessRequest(SignatureValidationExecutor.java:232)
at com.wso2.openbanking.accelerator.gateway.executor.core.OBExtensionListenerImpl.preProcessRequest(OBExtensionListenerImpl.java:52)
at org.wso2.carbon.apimgt.gateway.handlers.ext.listener.ExtensionListenerUtil.preProcessRequest_aroundBody0(ExtensionListenerUtil.java:90)
at org.wso2.carbon.apimgt.gateway.handlers.ext.listener.ExtensionListenerUtil.preProcessRequest(ExtensionListenerUtil.java:85)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest_aroundBody46(APIAuthenticationHandler.java:392)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:361)
at org.apache.synapse.api.API.process(API.java:389)
at org.apache.synapse.api.AbstractApiHandler.apiProcessNonDefaultStrategy(AbstractApiHandler.java:107)
at org.apache.synapse.api.AbstractApiHandler.identifyAPI(AbstractApiHandler.java:127)
at org.apache.synapse.api.AbstractApiHandler.dispatchToAPI(AbstractApiHandler.java:59)
at org.apache.synapse.api.rest.RestRequestHandler.dispatchToAPI(RestRequestHandler.java:84)
at org.apache.synapse.api.rest.RestRequestHandler.process(RestRequestHandler.java:70)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:54)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:344)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:101)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:375)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:434)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:182)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
TID: [-1234] [] [2022-07-17 08:19:24,087] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "HTTP/1.1 500 Internal Server Error[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,087] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,087] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "Date: Sun, 17 Jul 2022 08:19:24 GMT[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,087] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "Transfer-Encoding: chunked[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,088] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "Connection: Keep-Alive[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,088] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,088] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "69[\r][\n]"
TID: [-1234] [] [2022-07-17 08:19:24,088] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Listener I/O dispatcher-8 << "{"Fault":{"faultcode":"soapenv:Server","faultstring":"Index 1 out of bounds for length 1","detail":null}}[\r][\n]"
This behaviour can be observed in all the endpoints.
Suggested Labels:
[For non-committers only. Optional comma separated list of suggested labels. Non committers can’t assign labels to
issues, so this will help issue creators who are not a committer to suggest possible labels. Labels can be found
here - https://github.com/wso2/financial-open-banking/labels]
Suggested Assignees:
[For non-committers only. Optional comma separated list of suggested team members who should attend the issue. Non committers can’t assign issues to assignees, so this will help issue creators who are not a committer to suggest possible assignees]
Affected Product Version:
OS, DB, other environment details and versions:
Steps to reproduce:
Related Issues:
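One way to keep a missing or malformed Authorization header from reaching the JWT parsing step, where the traces above show it ending in an unhandled exception and a 500. This is an added Java example, not the accelerator's own code: `BearerJwtPayload`, `payloadFromAuthHeader` and `InvalidTokenException` are hypothetical names, and the `Bearer <JWT>` header shape is an assumption drawn from the `getPayloadFromJWT` frame.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Added example, not WSO2 code: class, method and exception names are hypothetical.
public class BearerJwtPayload {

    /** Signals a client error; a gateway executor would map it to HTTP 401, not 500. */
    public static class InvalidTokenException extends Exception {
        public InvalidTokenException(String message) {
            super(message);
        }
    }

    /** Returns the decoded JWT payload (JSON text). Extraction only: verify the signature before trusting it. */
    public static String payloadFromAuthHeader(String header) throws InvalidTokenException {
        // A missing header arrives as null; an empty one as "" or whitespace.
        if (header == null || header.trim().isEmpty()) {
            throw new InvalidTokenException("Authorization header is missing");
        }
        String[] schemeAndToken = header.trim().split("\\s+");
        if (schemeAndToken.length != 2 || !"Bearer".equalsIgnoreCase(schemeAndToken[0])) {
            throw new InvalidTokenException("Authorization header is not a Bearer token");
        }
        // Limit -1 keeps trailing empty segments, so "a.b." is seen as three parts and rejected below.
        String[] parts = schemeAndToken[1].split("\\.", -1);
        if (parts.length != 3 || parts[0].isEmpty() || parts[1].isEmpty() || parts[2].isEmpty()) {
            throw new InvalidTokenException("Token is not a three-part JWT");
        }
        try {
            byte[] decoded = Base64.getUrlDecoder().decode(parts[1]);
            return new String(decoded, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e) {
            // Fixed message: parser details are not echoed back to the caller.
            throw new InvalidTokenException("JWT payload is not valid base64url");
        }
    }

    public static void main(String[] args) {
        // Constructed inputs; "hdr" and "sig" are placeholder segments, the payload is {"client_id":"example-tpp"}.
        String[] headers = {null, "", "Bearer", "Bearer not-a-jwt", "Bearer a.!!!.c",
            "Bearer hdr.eyJjbGllbnRfaWQiOiJleGFtcGxlLXRwcCJ9.sig"};
        for (String h : headers) {
            try {
                System.out.println("payload: " + payloadFromAuthHeader(h));
            } catch (InvalidTokenException e) {
                System.out.println("401: " + e.getMessage());
            }
        }
    }
}
```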