Giters

swedenconnect / bankid-saml-idp

A SAML IdP for BankID

Home Page:https://www.swedenconnect.se

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Invalid user message leads to wrong error reported by the IdP

martin-lindstrom opened this issue · comments

commented

If I accidently misconfigure the user message that should be displayed in the app, we report that the operation has expired.

Screenshot 2023-12-15 at 11 44 49

The log:

2023-12-15T11:44:16.140+01:00 DEBUG 1 --- [nio-9070-exec-1] s.s.b.r.service.impl.BankIDClientImpl    : Request serialized {"endUserIp":"192.168.176.1","requirement":{"pinCode":false},"userVisibleData":"RHUgbG9nZ2FyIG51IGluIHRpbGwgZW4gdXRsw6RuZHNrIGUtdGrDpG5zdC4KClZpIGRlbGFyIGbDtmxqYW5kZSBkYXRhIG9tIGRpZzoKKyBEaXR0IHBlcnNvbm51bW1lcgorRGl0dCBmw7ZyLSBvY2ggZWZ0ZXJuYW1u","userVisibleDataFormat":"simpleMarkdownV1"}
bankid-idp                  | 2023-12-15T11:44:16.194+01:00  INFO 1 --- [ctor-http-nio-4] s.s.b.r.service.impl.BankIDClientImpl    : Error in request to bankid: se.swedenconnect.bankid.rpapi.service.AuthenticateRequest@39ffd881
bankid-idp                  | 
bankid-idp                  | se.swedenconnect.bankid.rpapi.service.impl.BankIdUserException: Error to communicate with BankID API response:{errorCode=invalidParameters, details=At (5, 1): Initial token for unordered list items must be '+' and it must be followed by space.}
bankid-idp                  | 	at se.swedenconnect.bankid.rpapi.service.impl.BankIdErrorBodyExtractors.lambda$userErrorBodyExtractor$0(BankIdErrorBodyExtractors.java:39)
bankid-idp                  | 	Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException: 
bankid-idp                  | Error has been observed at the following site(s):
bankid-idp                  | 	*__checkpoint ⇢ 400 BAD_REQUEST from POST https://appapi2.test.bankid.com/rp/v6.0/auth [DefaultWebClient]
bankid-idp                  | Original Stack Trace:
bankid-idp                  | 		at se.swedenconnect.bankid.rpapi.service.impl.BankIdErrorBodyExtractors.lambda$userErrorBodyExtractor$0(BankIdErrorBodyExtractors.java:39)
bankid-idp                  | 		at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onNext(FluxMapFuseable.java:113)
bankid-idp                  | 		at reactor.core.publisher.MonoFlatMap$FlatMapMain.onNext(MonoFlatMap.java:158)
bankid-idp                  | 		at reactor.core.publisher.FluxContextWrite$ContextWriteSubscriber.onNext(FluxContextWrite.java:107)
bankid-idp                  | 		at reactor.core.publisher.FluxMapFuseable$MapFuseableConditionalSubscriber.onNext(FluxMapFuseable.java:299)
bankid-idp                  | 		at reactor.core.publisher.FluxFilterFuseable$FilterFuseableConditionalSubscriber.onNext(FluxFilterFuseable.java:337)
bankid-idp                  | 		at reactor.core.publisher.Operators$BaseFluxToMonoOperator.completePossiblyEmpty(Operators.java:2071)
bankid-idp                  | 		at reactor.core.publisher.MonoCollect$CollectSubscriber.onComplete(MonoCollect.java:145)
bankid-idp                  | 		at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:144)
bankid-idp                  | 		at reactor.core.publisher.FluxPeek$PeekSubscriber.onComplete(FluxPeek.java:260)
bankid-idp                  | 		at reactor.core.publisher.FluxMap$MapSubscriber.onComplete(FluxMap.java:144)
bankid-idp                  | 		at reactor.netty.channel.FluxReceive.onInboundComplete(FluxReceive.java:413)
bankid-idp                  | 		at reactor.netty.channel.ChannelOperations.onInboundComplete(ChannelOperations.java:444)
bankid-idp                  | 		at reactor.netty.channel.ChannelOperations.terminate(ChannelOperations.java:498)
bankid-idp                  | 		at reactor.netty.http.client.HttpClientOperations.onInboundNext(HttpClientOperations.java:753)
bankid-idp                  | 		at reactor.netty.channel.ChannelOperationsHandler.channelRead(ChannelOperationsHandler.java:114)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
bankid-idp                  | 		at io.netty.channel.CombinedChannelDuplexHandler$DelegatingChannelHandlerContext.fireChannelRead(CombinedChannelDuplexHandler.java:436)
bankid-idp                  | 		at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:346)
bankid-idp                  | 		at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:318)
bankid-idp                  | 		at io.netty.channel.CombinedChannelDuplexHandler.channelRead(CombinedChannelDuplexHandler.java:251)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:442)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
bankid-idp                  | 		at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
bankid-idp                  | 		at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1471)
bankid-idp                  | 		at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1334)
commented

Fixed in #236. Will be part of 1.1.3.