Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix OutOfBound exception in ApiKey authentication Rest API #3177

Merged
merged 2 commits into from
Dec 16, 2020

Conversation

gbarbon
Copy link
Member

@gbarbon gbarbon commented Dec 15, 2020

This PR fixes an OutOfBound exception caused by too short ApiKey credential when using the Rest APIs. Moreover, the stacktrace produced by an exception in the ApiKey authentication step is now hidden to the final user, and a clearer message is logged.

Related Issue
n/a

Description of the solution adopted
The issue was caused by the length of the API key. If the API key was shorter than KapuaAuthenticationSettingKeys.AUTHENTICATION_CREDENTIAL_APIKEY_PRE_LENGTH (which is set by default to 8), the substring method failed, because such length was shorter that the endIndex parameter. Since it is not possible to have an API key that is shorter than AUTHENTICATION_CREDENTIAL_APIKEY_PRE_LENGTH, the findByApiKey now will fail in this case.

Screenshots
n/a

Any side note on the changes made
n/a

Signed-off-by: Gianluca Barbon <gianluca.barbon@eurotech.com>
…short

Signed-off-by: Gianluca Barbon <gianluca.barbon@eurotech.com>
@gbarbon gbarbon force-pushed the fix-apiKeyAuthOutOfBoundEx branch from 428371c to 480ef2e Compare December 15, 2020 15:27
@gbarbon gbarbon marked this pull request as ready for review December 15, 2020 15:27
@codecov
Copy link

codecov bot commented Dec 15, 2020

Codecov Report

Merging #3177 (480ef2e) into develop (9468dcc) will increase coverage by 0.02%.
The diff coverage is n/a.

Impacted file tree graph

@@              Coverage Diff              @@
##             develop    #3177      +/-   ##
=============================================
+ Coverage      63.06%   63.08%   +0.02%     
- Complexity      2487     2488       +1     
=============================================
  Files           1118     1118              
  Lines          23145    23145              
  Branches        2004     2004              
=============================================
+ Hits           14596    14602       +6     
+ Misses          7627     7620       -7     
- Partials         922      923       +1     
Impacted Files Coverage Δ Complexity Δ
...lugin/authentication/AdminAuthenticationLogic.java 71.42% <0.00%> (-7.15%) 0.00% <0.00%> (ø%)
...nnection/internal/DeviceConnectionServiceImpl.java 67.41% <0.00%> (-2.25%) 16.00% <0.00%> (-1.00%)
...pse/kapua/commons/service/internal/ServiceDAO.java 74.52% <0.00%> (+0.31%) 0.00% <0.00%> (ø%)
.../jbatch/persistence/JPAPersistenceManagerImpl.java 31.60% <0.00%> (+1.03%) 30.00% <0.00%> (ø%)
...apua/job/engine/jbatch/JobEngineServiceJbatch.java 51.85% <0.00%> (+1.85%) 8.00% <0.00%> (ø%)
...ob/engine/jbatch/exception/JobEngineException.java 66.66% <0.00%> (+33.33%) 2.00% <0.00%> (+1.00%)
.../engine/jbatch/exception/JobResumingException.java 50.00% <0.00%> (+50.00%) 1.00% <0.00%> (+1.00%)

@Coduz Coduz added the Bug This is a bug or an unexpected behaviour. Fix it! label Dec 16, 2020
@Coduz Coduz merged commit 2f37244 into eclipse:develop Dec 16, 2020
@gbarbon gbarbon deleted the fix-apiKeyAuthOutOfBoundEx branch December 21, 2020 09:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug This is a bug or an unexpected behaviour. Fix it!
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants