diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationService.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationService.java index 4f6f8c220c1..da135892788 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationService.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationService.java @@ -139,35 +139,80 @@ private void handleSuccessAuthResponse(AuthServiceRequestWrapper request, AuthSe private void handleFailedAuthResponse(AuthServiceRequestWrapper request, AuthServiceResponseWrapper response, AuthServiceResponse authServiceResponse) throws AuthServiceException { - String errorCode = null; - String errorMessage = null; if (request.isAuthFlowConcluded()) { - authServiceResponse.setSessionDataKey(request.getSessionDataKey()); - authServiceResponse.setFlowStatus(AuthServiceConstants.FlowStatus.FAIL_COMPLETED); - AuthenticationResult authenticationResult = getAuthenticationResult(request); - if (authenticationResult != null) { - errorCode = (String) authenticationResult.getProperty(FrameworkConstants.AUTH_ERROR_CODE); - errorMessage = (String) authenticationResult.getProperty(FrameworkConstants.AUTH_ERROR_MSG); - } + handleFailedConcludedAuthResponse(request, authServiceResponse); } else { - authServiceResponse.setSessionDataKey(request.getSessionDataKey()); - authServiceResponse.setFlowStatus(AuthServiceConstants.FlowStatus.FAIL_INCOMPLETE); - List authenticatorDataList = request.getAuthInitiationData(); - AuthServiceResponseData responseData = new AuthServiceResponseData(authenticatorDataList); - authServiceResponse.setData(responseData); - errorCode = getErrorCode(response); - errorMessage = getErrorMessage(response); + handleFailedIncompleteAuthResponse(request, response, authServiceResponse); + } + } + + private void handleFailedConcludedAuthResponse(AuthServiceRequestWrapper request, + AuthServiceResponse authServiceResponse) { + + String errorCode = AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE.code(); + String errorMessage = AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE.message(); + String errorDescription = AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE.description(); + String internalErrorCode = null; + String internalErrorMessage = null; + + authServiceResponse.setSessionDataKey(request.getSessionDataKey()); + authServiceResponse.setFlowStatus(AuthServiceConstants.FlowStatus.FAIL_COMPLETED); + AuthenticationResult authenticationResult = getAuthenticationResult(request); + if (authenticationResult != null) { + internalErrorCode = (String) authenticationResult.getProperty(FrameworkConstants.AUTH_ERROR_CODE); + internalErrorMessage = (String) authenticationResult.getProperty(FrameworkConstants.AUTH_ERROR_MSG); + } + + String errorMsgBuilder = StringUtils.EMPTY; + if (StringUtils.isNotBlank(internalErrorCode)) { + errorMsgBuilder = internalErrorCode; + } + + if (StringUtils.isNotBlank(internalErrorMessage)) { + if (StringUtils.isNotBlank(errorMsgBuilder)) { + errorMsgBuilder = errorMsgBuilder + AuthServiceConstants.INTERNAL_ERROR_MSG_SEPARATOR + + internalErrorMessage; + } else if (StringUtils.isBlank(errorMsgBuilder)) { + errorMsgBuilder = internalErrorMessage; + } + } + + /*If there is an error message and an error code provided from the authentication framework then the + final error message will be set as " - ". + This is done to preserve the error details while sending out a standard error response.*/ + if (StringUtils.isNotBlank(errorMsgBuilder)) { + errorMessage = errorMsgBuilder; } + AuthServiceErrorInfo errorInfo = new AuthServiceErrorInfo(errorCode, errorMessage, errorDescription); + authServiceResponse.setErrorInfo(errorInfo); + } + + private void handleFailedIncompleteAuthResponse(AuthServiceRequestWrapper request, AuthServiceResponseWrapper + response, AuthServiceResponse authServiceResponse) throws AuthServiceException { + + String errorCode; + String errorMessage; + String errorDescription = AuthServiceConstants.ErrorMessage. + ERROR_AUTHENTICATION_FAILURE_RETRY_AVAILABLE.description(); + + authServiceResponse.setSessionDataKey(request.getSessionDataKey()); + authServiceResponse.setFlowStatus(AuthServiceConstants.FlowStatus.FAIL_INCOMPLETE); + List authenticatorDataList = request.getAuthInitiationData(); + AuthServiceResponseData responseData = new AuthServiceResponseData(authenticatorDataList); + authServiceResponse.setData(responseData); + errorCode = getErrorCode(response); + errorMessage = getErrorMessage(response); + if (StringUtils.isBlank(errorCode)) { - errorCode = AuthServiceConstants.ERROR_CODE_UNKNOWN_ERROR; + errorCode = AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE_RETRY_AVAILABLE.code(); } if (StringUtils.isBlank(errorMessage)) { - errorMessage = AuthServiceConstants.ERROR_MSG_UNKNOWN_ERROR; + errorMessage = AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE_RETRY_AVAILABLE.message(); } - AuthServiceErrorInfo errorInfo = new AuthServiceErrorInfo(errorCode, errorMessage); + AuthServiceErrorInfo errorInfo = new AuthServiceErrorInfo(errorCode, errorMessage, errorDescription); authServiceResponse.setErrorInfo(errorInfo); } diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/auth/service/AuthServiceErrorInfo.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/auth/service/AuthServiceErrorInfo.java index 6b587a1525a..b4379d07f17 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/auth/service/AuthServiceErrorInfo.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/model/auth/service/AuthServiceErrorInfo.java @@ -25,15 +25,17 @@ public class AuthServiceErrorInfo { private String errorCode; private String errorMessage; + private String errorDescription; public AuthServiceErrorInfo() { } - public AuthServiceErrorInfo(String errorCode, String errorMessage) { + public AuthServiceErrorInfo(String errorCode, String errorMessage, String errorDescription) { this.errorCode = errorCode; this.errorMessage = errorMessage; + this.errorDescription = errorDescription; } public String getErrorCode() { @@ -55,4 +57,14 @@ public void setErrorMessage(String errorMessage) { this.errorMessage = errorMessage; } + + public String getErrorDescription() { + + return errorDescription; + } + + public void setErrorDescription(String errorDescription) { + + this.errorDescription = errorDescription; + } } diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/auth/service/AuthServiceConstants.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/auth/service/AuthServiceConstants.java index fd9a989384a..7b051d32665 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/auth/service/AuthServiceConstants.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/util/auth/service/AuthServiceConstants.java @@ -41,11 +41,10 @@ public enum FlowStatus { public static final String FLOW_ID = "flowId"; public static final String AUTHENTICATOR_SEPARATOR = ";"; public static final String AUTHENTICATOR_IDP_SEPARATOR = ":"; + public static final String INTERNAL_ERROR_MSG_SEPARATOR = "-"; public static final String AUTH_FAILURE_PARAM = "authFailure"; public static final String AUTH_FAILURE_MSG_PARAM = "authFailureMsg"; public static final String ERROR_CODE_PARAM = "errorCode"; - public static final String ERROR_CODE_UNKNOWN_ERROR = "UNKNOWN_ERROR"; - public static final String ERROR_MSG_UNKNOWN_ERROR = "Unknown error occurred."; public static final String ERROR_CODE_PREFIX = "ABA-"; /** @@ -57,7 +56,13 @@ public enum ErrorMessage { ERROR_INVALID_AUTH_REQUEST("60001", "Invalid authentication request.", "Received authentication request is invalid."), - ERROR_INVALID_AUTHENTICATOR_ID("60002", + ERROR_AUTHENTICATION_FAILURE("60002", + "Authentication failure.", + "Authentication flow has concluded with a failure."), + ERROR_AUTHENTICATION_FAILURE_RETRY_AVAILABLE("60003", + "Authentication failure.", + "Authentication failure please retry."), + ERROR_INVALID_AUTHENTICATOR_ID("60004", "Invalid authenticatorId.", "Provided authenticatorId %s is invalid."), diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationServiceTest.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationServiceTest.java index 2db89abc0e1..0df68a90c23 100644 --- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationServiceTest.java +++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/test/java/org/wso2/carbon/identity/application/authentication/framework/AuthenticationServiceTest.java @@ -157,16 +157,19 @@ public void testHandleAuthentication(boolean isMultiOpsResponse, String redirect public Object[][] authProviderForFailures() { // String redirectUrl, Object authenticatorFlowStatus, Object authServiceFlowStatus, - // String sessionDataKey, String authenticatorList, String errorCode,String errorMsg + // String sessionDataKey, String authenticatorList, String errorCode, String errorMsg return new Object[][]{ {getFailureRedirectUrl(SESSION_DATA_KEY, SINGLE_AUTHENTICATOR, ERROR_MSG_LOGIN_FAIL), AuthenticatorFlowStatus.INCOMPLETE, AuthServiceConstants.FlowStatus.FAIL_INCOMPLETE, - SESSION_DATA_KEY, SINGLE_AUTHENTICATOR, AuthServiceConstants.ERROR_CODE_UNKNOWN_ERROR, + SESSION_DATA_KEY, SINGLE_AUTHENTICATOR, + AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE_RETRY_AVAILABLE.code(), ERROR_MSG_LOGIN_FAIL}, {getFinalRedirectUrl(FINAL_SESSION_DATA_KEY), AuthenticatorFlowStatus.FAIL_COMPLETED, AuthServiceConstants.FlowStatus.FAIL_COMPLETED, - FINAL_SESSION_DATA_KEY, StringUtils.EMPTY, AuthServiceConstants.ERROR_CODE_UNKNOWN_ERROR, - AuthServiceConstants.ERROR_MSG_UNKNOWN_ERROR}, + FINAL_SESSION_DATA_KEY, StringUtils.EMPTY, + AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE.code(), + AuthServiceConstants.ErrorMessage.ERROR_AUTHENTICATION_FAILURE.message()} + , }; }