CORS error when calling REST API with expired access token #3308

lorthirk · 2021-05-12T07:54:25Z

Describe the bug
CORS Filter should not return an error when the token is expired, but a valid HTTP 401 response code is expected. This is probably due to the Shiro Filter being called, and returning an error, before the CORS filter can act, or due to a CORS Filter error during the execution

To Reproduce
Steps to reproduce the behavior:

Login with REST API and obtain an Access Token
Let the Access Token expire
Perform a REST API call after the token has expired
See error

Expected behavior
An HTTP 401 response should be returned

Version of Kapua
1.4.4

Type of deployment
[x] Local Vagrant deployment
[x] Docker
[x] Openshift (in its variants)
[x] Others

Main component affected
[ ] Console (in case of console please report info on which browser you encountered the problem)
[x] REST API
[ ] Message Broker
[ ] - Others

lorthirk added Bug This is a bug or an unexpected behaviour. Fix it! REST API We hope to REST everyday labels May 12, 2021

lorthirk self-assigned this May 12, 2021

lorthirk mentioned this issue Jun 3, 2021

Fix CORS Error with Expired Access Token #3324

Merged

lorthirk closed this as completed in #3324 Jun 7, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CORS error when calling REST API with expired access token #3308

CORS error when calling REST API with expired access token #3308

lorthirk commented May 12, 2021

CORS error when calling REST API with expired access token #3308

CORS error when calling REST API with expired access token #3308

Comments

lorthirk commented May 12, 2021