Skip to content

Commit

Permalink
Catch all unhandled ClientErrorExceptions (#744)
Browse files Browse the repository at this point in the history
  • Loading branch information
nscuro authored Jun 18, 2024
1 parent 37c8934 commit e0f083e
Show file tree
Hide file tree
Showing 2 changed files with 111 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
/*
* This file is part of Dependency-Track.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* Copyright (c) OWASP Foundation. All Rights Reserved.
*/
package org.dependencytrack.resources.v1.exception;

import alpine.server.resources.GlobalExceptionHandler;

import javax.ws.rs.ClientErrorException;
import javax.ws.rs.core.Response;
import javax.ws.rs.ext.ExceptionMapper;
import javax.ws.rs.ext.Provider;

/**
* An {@link ExceptionMapper} to handle {@link ClientErrorException}s, that would otherwise be
* handled by Alpine's {@link GlobalExceptionHandler}, resulting in a misleading {@code HTTP 500} response.
*
* @since 4.11.0
*/
@Provider
public class ClientErrorExceptionMapper implements ExceptionMapper<ClientErrorException> {

@Override
public Response toResponse(ClientErrorException exception) {
return exception.getResponse();
}

}
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
/*
* This file is part of Dependency-Track.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* Copyright (c) OWASP Foundation. All Rights Reserved.
*/
package org.dependencytrack.resources.v1.exception;

import org.dependencytrack.JerseyTestRule;
import org.dependencytrack.ResourceTest;
import org.glassfish.jersey.server.ResourceConfig;
import org.junit.ClassRule;
import org.junit.Test;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;

import static org.assertj.core.api.Assertions.assertThat;

public class ClientErrorExceptionMapperTest extends ResourceTest {

@ClassRule
public static JerseyTestRule jersey = new JerseyTestRule(
new ResourceConfig(TestResource.class)
.register(ClientErrorExceptionMapper.class));

@Test
public void testNotFound() {
final Response response = jersey.target("/does/not/exist")
.request()
.get();

assertThat(response.getStatus()).isEqualTo(404);
}

@Test
public void testMethodNotAllowed() {
final Response response = jersey.target("/test/foo")
.request()
.delete();

assertThat(response.getStatus()).isEqualTo(405);
}

@Path("/test")
public static class TestResource {

@GET
@Path("/foo")
public String foo() {
return "foo";
}

}

}

0 comments on commit e0f083e

Please sign in to comment.