Skip to content

ServerBearerTokenAuthenticationConverter throws exceptions instead of signalling error #8865

New issue
New issue
Closed
#8894
Closed
ServerBearerTokenAuthenticationConverter throws exceptions instead of signalling error#8865
#8894
Assignees
qavid
Labels
in: webAn issue in web modules (web, webmvc)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug
Milestone
5.4.0-RC1
@qavid

Description

@qavid
qavid
opened on Jul 21, 2020

Describe the bug
ServerBearerTokenAuthenticationConverter throws exceptions in case
bearer token doesn't match pattern
or
authorization header and access token query param are both present in request.

To Reproduce
Send invalid bearer token in authorization header. For example, you can add test bellow to ServerBearerTokenAuthenticationConverterTests.

@Test
public void simpleTest() {
	MockServerHttpRequest.BaseBuilder<?> request = MockServerHttpRequest
			.get("/")
			.header(HttpHeaders.AUTHORIZATION, "bearer !!");

	assertThatCode(() -> this.converter.convert(MockServerWebExchange.from(request))).doesNotThrowAnyException();
}

Expected behavior
ServerBearerTokenAuthenticationConverter should signal error after subscribing to returned publisher not to throw error after calling convert method.

I'm able to submit a PR.

Metadata

Metadata

Assignees

Labels

in: webAn issue in web modules (web, webmvc)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions