DefaultAuthenticationClient.translateException() should be able to handle null errorCode #193

Closed
1 of 2 tasks
kaichunlin opened this issue Jun 1, 2022 · 2 comments
@kaichunlin

ℹ️ If you have a question, please post it on the Okta Developer Forum instead. Issues in this repository are reserved for bug reports and feature requests only.

I'm submitting a

  • bug report
  • feature request

Background info

We use a gateway that monitors the traffic to the actual login APIs to block malicious actors. When that happens, the call returns as an HTTP 4xx error with no payload.
But the Okta SDK expects to always have a payload with errorCode when a failure is encountered, so DefaultAuthenticationClient.translateException() will throw a NullPointerException.

Expected behavior

The SDK should gracefully handle the no-payload scenario and ideally return the HTTP code so the app can handle it appropriately (e.g. log the user out if it's blocked by the gateway for security reasons, show an error message if it's HTTP 500, etc.).

What went wrong?

See Background info

Steps to reproduce

  1. Use Charles to intercept one of the API calls
  2. Change HTTP status code to 4xx, and remove the payload
  3. A NullPointerException is thrown by AuthenticationClient.authenticate()

SDK Version

2.0.2

@arvindkrishnakumar-okta
Contributor

arvindkrishnakumar-okta commented Jun 1, 2022

@kaichunlin Thanks for posting!

Okta's 4xx responses usually contain a body. Can you share the full stack trace?

@kaichunlin
Author

@arvindkrishnakumar-okta as mentioned in Background info, when a call is blocked by the gateway, a 4xx error with an empty body will be returned.
Here's the stack (with application-level entries removed):

0 = {StackTraceElement@11947} "com.okta.authn.sdk.impl.client.DefaultAuthenticationClient.translateException(DefaultAuthenticationClient.java:318)"
1 = {StackTraceElement@11948} "com.okta.authn.sdk.impl.client.DefaultAuthenticationClient.doPost(DefaultAuthenticationClient.java:309)"
2 = {StackTraceElement@11949} "com.okta.authn.sdk.impl.client.DefaultAuthenticationClient.authenticate(DefaultAuthenticationClient.java:83)"
3 = {StackTraceElement@11950} "com.okta.authn.sdk.client.AuthenticationClient.authenticate(AuthenticationClient.java:108)"
4 = {StackTraceElement@11951} "com.okta.authn.sdk.impl.client.DefaultAuthenticationClient.authenticate(DefaultAuthenticationClient.java:74)"
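
An added illustration of the failure mode reported in this issue, not code from the Okta SDK or from either participant: it contrasts an error translation that dereferences a missing errorCode with one that falls back to the HTTP status. All class and method names, the sample error code and the 403 status are hypothetical, and the string switch is an assumed stand-in for whatever the SDK does at the line in the stack trace.

```java
public class EmptyBodyErrorDemo {

    /** Hypothetical exception type that always carries the HTTP status. */
    static class AuthFailure extends RuntimeException {
        final int status;
        final String errorCode; // null when the response had no payload

        AuthFailure(int status, String errorCode, String message) {
            super(message);
            this.status = status;
            this.errorCode = errorCode;
        }
    }

    // Fragile: a Java switch on a null String throws NullPointerException,
    // so an empty-body 4xx never reaches the caller as a usable error.
    static AuthFailure translateFragile(int status, String errorCode) {
        switch (errorCode) {
            case "SAMPLE_BAD_CREDENTIALS": // constructed code, not a real Okta value
                return new AuthFailure(status, errorCode, "invalid credentials");
            default:
                return new AuthFailure(status, errorCode, "unmapped error " + errorCode);
        }
    }

    // Hardened: a missing errorCode is a valid case and maps to the HTTP status.
    static AuthFailure translateSafe(int status, String errorCode) {
        if (errorCode == null || errorCode.isEmpty()) {
            return new AuthFailure(status, null, "HTTP " + status + " with no error payload");
        }
        return translateFragile(status, errorCode);
    }

    public static void main(String[] args) {
        // Constructed input: a 403 with an empty body, as a blocking gateway might return.
        try {
            translateFragile(403, null);
        } catch (NullPointerException e) {
            System.out.println("fragile: NullPointerException, HTTP status lost");
        }
        AuthFailure f = translateSafe(403, null);
        System.out.println("safe: status=" + f.status + " message=" + f.getMessage());
        // The application can now branch on the status instead of crashing.
        if (f.status >= 400 && f.status < 500 && f.errorCode == null) {
            System.out.println("action: treat as blocked upstream and log the user out");
        }
    }
}
```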
