This repository has been archived by the owner on May 31, 2022. It is now read-only.
When attempting to access a syntactically invalid URL (but allowed by the Browser), like /[], on a Spring application with the OAuth2 Client enabled (using @EnableOAuth2Client), an exception is thrown.
This seems to be caused by OAuth2ClientContextFilter's use of ServletUriComponentsBuilder.fromRequest to compute the 'current URL', which is later used to implement AccessTokenRequest.getCurrentUri. As invalid URLs throw a URISyntaxException on fromRequest, an uncaught exception is raised, causing a 500 error.
Expected Behavior
The server returns a 4xx class error (like a 400 or a 404) or allows the filter chain to proceed.
Actual Behavior
The server returns a 500 error.
Steps to reproduce
1. Create a new Spring Boot app with Web and Cloud OAuth2
2. Add @EnableOAuth2Client to your app
3. Navigate to http://localhost:8080/[]
We are encountering this as well. In fact, the Spring error handling like @ControllerAdvice, etc., is not catching the error. The 500 and the stack trace for us are being sent to the client.
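One way to get the 4xx response the report expects, shown as an added example that is not code from the project or from anyone in this thread: a servlet filter that rejects unparseable request URLs before OAuth2ClientContextFilter sees them. The class name `MalformedUriGuardFilter`, the use of `java.net.URI` as the validity check, and the assumption that `Ordered.HIGHEST_PRECEDENCE` places it ahead of the OAuth2 client filter in your registration are all choices made for this example; it needs the Servlet API and Spring Web on the classpath.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

// Hypothetical guard filter: name and ordering are assumptions for this example.
// It has to run before OAuth2ClientContextFilter so that a malformed request URL
// is answered with 400 instead of surfacing as an uncaught exception and a 500.
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class MalformedUriGuardFilter extends OncePerRequestFilter {

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain chain) throws ServletException, IOException {
        if (!isParseable(request)) {
            // Fixed status and no exception detail, so no stack trace reaches the client.
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        chain.doFilter(request, response);
    }

    // Rebuilds the URL as received (path plus raw query) and checks it with java.net.URI.
    static boolean isParseable(HttpServletRequest request) {
        StringBuffer url = request.getRequestURL();
        if (request.getQueryString() != null) {
            url.append('?').append(request.getQueryString());
        }
        try {
            new URI(url.toString());
            return true;
        } catch (URISyntaxException e) {
            return false;
        }
    }
}
```

With this in place a request for `/[]` is answered with 400 before the OAuth2 client filter computes the current URI. `java.net.URI` may reject some URLs that the container is configured to accept, so check it against the characters your application legitimately receives.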