Improved exception handling in ApiKey authentication when ApiKey too …

…short

Signed-off-by: Gianluca Barbon <gianluca.barbon@eurotech.com>

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/credential/shiro/CredentialServiceImpl.java

@@ -343,9 +343,14 @@ public CredentialListResult findByUserId(KapuaId scopeId, KapuaId userId)
 
     @Override
     public Credential findByApiKey(String apiKey) throws KapuaException {
+
+        KapuaAuthenticationSetting setting = KapuaAuthenticationSetting.getInstance();
+        int preLength = setting.getInt(KapuaAuthenticationSettingKeys.AUTHENTICATION_CREDENTIAL_APIKEY_PRE_LENGTH);
+
         //
         // Argument Validation
         ArgumentValidator.notEmptyOrNull(apiKey, "apiKey");
+        ArgumentValidator.lengthRange(apiKey, preLength, null, "apiKey");
 
         //
         // Do the find
@@ -355,8 +360,6 @@ public Credential findByApiKey(String apiKey) throws KapuaException {
 
             //
             // Build search query
-            KapuaAuthenticationSetting setting = KapuaAuthenticationSetting.getInstance();
-            int preLength = setting.getInt(KapuaAuthenticationSettingKeys.AUTHENTICATION_CREDENTIAL_APIKEY_PRE_LENGTH);
             String preSeparator = setting.getString(KapuaAuthenticationSettingKeys.AUTHENTICATION_CREDENTIAL_APIKEY_PRE_SEPARATOR);
             String apiKeyPreValue = apiKey.substring(0, preLength).concat(preSeparator);
 

service/security/shiro/src/main/java/org/eclipse/kapua/service/authentication/shiro/realm/ApiKeyAuthenticatingRealm.java

@@ -24,6 +24,7 @@
 import org.apache.shiro.session.Session;
 import org.apache.shiro.subject.Subject;
 import org.eclipse.kapua.KapuaException;
+import org.eclipse.kapua.KapuaIllegalArgumentException;
 import org.eclipse.kapua.KapuaRuntimeException;
 import org.eclipse.kapua.commons.security.KapuaSecurityUtils;
 import org.eclipse.kapua.locator.KapuaLocator;
@@ -39,6 +40,8 @@
 import org.eclipse.kapua.service.user.User;
 import org.eclipse.kapua.service.user.UserService;
 import org.eclipse.kapua.service.user.UserStatus;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.util.Date;
 import java.util.Map;
@@ -51,6 +54,8 @@
  */
 public class ApiKeyAuthenticatingRealm extends AuthenticatingRealm {
 
+    private static final Logger logger = LoggerFactory.getLogger(ApiKeyAuthenticatingRealm.class);
+
     private static final KapuaLocator LOCATOR = KapuaLocator.getInstance();
 
     /**
@@ -95,11 +100,13 @@ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authent
         //
         // Find credentials
         // FIXME: manage multiple credentials and multiple credentials type
-        final Credential credential;
+        Credential credential = null;
         try {
             credential = KapuaSecurityUtils.doPrivileged(() -> credentialService.findByApiKey(tokenApiKey));
         } catch (AuthenticationException ae) {
             throw ae;
+        } catch (KapuaIllegalArgumentException kiae) {
+            logger.warn("Api Key value is not valid");
         } catch (Exception e) {
             throw new ShiroException("Error while find credentials!", e);
         }
@@ -123,7 +130,8 @@ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authent
         // Get the associated user by name
         final User user;
         try {
-            user = KapuaSecurityUtils.doPrivileged(() -> userService.find(credential.getScopeId(), credential.getUserId()));
+            Credential finalCredential = credential;
+            user = KapuaSecurityUtils.doPrivileged(() -> userService.find(finalCredential.getScopeId(), finalCredential.getUserId()));
         } catch (AuthenticationException ae) {
             throw ae;
         } catch (Exception e) {