New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
smallrye jwt 401 cannot be intercepted by ExceptionMapper #29896
Comments
/cc @Ladicek(smallrye), @evanchooly(kotlin), @geoand(kotlin), @jmartisk(smallrye), @phillip-kruger(smallrye), @radcortez(smallrye), @sberyozkin(jwt) |
Hi @olivierbeltrandocintoo @michalvavrik has opened #29590 to also support exception mapping for Resteasy Reactive in the proactive auth mode |
Yep, I agree with Sergey, and if you experience problem in 2.14.2.Final, let's try also 2.15.0.Final please. #29590 should handle this, but let's keep the issue open please so that I can link the PR with issue. @olivierbeltrandocintoo please let me know if it worked, thank you. |
Firstly many many thanks !! Note: The app I have right now is running with Quarkus Setting the @Provider
@Priority(1)
class AuthenticationExceptionMapper : ExceptionMapper<AuthenticationFailedException?> {
override fun toResponse(exception: AuthenticationFailedException?): Response {
val message = exception?.cause?.message ?: "could not get cause"
return Response.status(Response.Status.UNAUTHORIZED)
.entity(
Json.createObjectBuilder()
.add("authentfail", message)
.add("code", 401)
.build()
)
.build()
}
} result {"authentfail":"SRJWT07000: Failed to verify a token","code":401} The drawback though is that I had to 'protect' manually the endpoints (ie. add the Again, many many thanks for the help I really look forward to see the ExceptionMapper also doing the job with the Cheers, |
I forgot to mention that I failed to make the other piece of code in the examples to work. |
We have test that should be similar to your case https://github.com/quarkusio/quarkus/blob/main/extensions/smallrye-jwt/deployment/src/test/java/io/quarkus/jwt/test/EnabledProactiveAuthFailedExceptionHandlerTest.java, but I agree with exception mappers note. |
Just FYI, it is not required if you prefer not to,
should do as well |
Thank you :) |
quarkusio#29896 (cherry picked from commit 8ed165f)
Describe the bug
Hello,
I cannot seem to be able to intercept the
quarkus-smallrye-jwt
401 error resulting from a request with an invalid token.Of course the normal use case of having a valid token works perfectly, and I am able to catch exceptions thrown from the code with ExceptionMapper (which is aweseome).
I have read several tickets about not being able to intercept/customize those exceptions, and I did not really succeed at discovering what was the good combination to get this working.
Would you please be so kind as to give me a pointer on a working configuration ?
content of the
application.properties
I have tried different implementations with the following exceptions as a parameter to the Generic
Exception
AuthenticationFailedException
UnauthorizedException
They look like this (I have hardcoded the error code because I am stuck before :))
I also have tried the ResponseFilter that work for normal requests, but for the JWT auth it is bypassed
The quarkus.platform.version in my pom.xml file
Expected behavior
I should be able to override the response sent on an authentication failure (401) from the
quarkus-smallrye-jwt
stack, and return a custom body. Example of bodies that I'd like to send :)Actual behavior
Empty body, with 401 http status code
How to Reproduce?
quarkus extension add 'smallrye-jwt,smallrye-jwt-build'
resources
dirAuthorization
header withBearer
From there I tried what was described above to catch the default 401 and override it but I did not manage.
Output of
uname -a
orver
Microsoft Windows [version 10.0.22000.1335]
Output of
java -version
openjdk version "17" 2021-09-14 OpenJDK Runtime Environment (build 17+35-2724) OpenJDK 64-Bit Server VM (build 17+35-2724, mixed mode, sharing)
GraalVM version (if different from Java)
No response
Quarkus version or git rev
2.14.2.Final
Build tool (ie. output of
mvnw --version
orgradlew --version
)Apache Maven 3.8.6 (84538c9988a25aec085021c365c560670ad80f63) Maven home: C:\Users\OlivierBeltrando.m2\wrapper\dists\apache-maven-3.8.6-bin\67568434\apache-maven-3.8.6 Java version: 17, vendor: Oracle Corporation, runtime: C:\Users\OlivierBeltrando\bin\openjdk-17+35_windows-x64_bin\jdk-17 Default locale: fr_FR, platform encoding: Cp1252 OS name: "windows 10", version: "10.0", arch: "amd64", family: "windows"
Additional information
No response
The text was updated successfully, but these errors were encountered: