Remove invalid user EIDs and UIDs from bid request #3891
Conversation
| @@ -35,6 +35,8 @@ const ( | |||
| InvalidBidResponseDSAWarningCode | |||
| SecCookieDeprecationLenWarningCode | |||
| SecBrowsingTopicsWarningCode | |||
| InvalidUserEIDsWarningCode | |||
| InvalidUserUIDsWarningCode | |||
There was a problem hiding this comment.
Do these new warning codes match with PBS-Java? We try to keep in sync.
There was a problem hiding this comment.
Can you please help me to get those error codes. Do we have any document or PR to check new warning codes match with PBS-Java.
There was a problem hiding this comment.
As per prebid-server-java/pull/3465, I understand that the same 999 warning code is being used when removing eids arrays. In the Prebid Server Go repository, 999 corresponds to UnknownErrorCode in the error codes reference. Are we intending to use UnknownErrorCode here as well?
In this PR, I introduced InvalidUserEIDsWarningCode (10013) and InvalidUserUIDsWarningCode (10014). If we are okay with a generic error code, we could use UnknownErrorCode (999). However, please confirm whether we want separate error codes for InvalidUserEIDs and InvalidUserUIDs, or if using 999 would suffice.
Kindly provide your input on this.
| @@ -1,42 +0,0 @@ | |||
| { | |||
There was a problem hiding this comment.
Instead of removing these tests cases, please modify them to prove the new behavior.
| @@ -1296,8 +1296,14 @@ func (deps *endpointDeps) validateUser(req *openrtb_ext.RequestWrapper, aliases | |||
| // Check Universal User ID | |||
| eids := userExt.GetEid() | |||
| if eids != nil { | |||
| eidsValue := *eids | |||
| for eidIndex, eid := range eidsValue { | |||
|
|
|||
There was a problem hiding this comment.
Nitpick; Please remove the leading empty line.
|
|
||
| if len(eidErrors) > 0 { | ||
| errL = append(errL, eidErrors...) | ||
| } |
There was a problem hiding this comment.
Likely fine to keep this logic here for now. We want to separate validation from fixing in the future. We can refactor this new logic along with the rest later. Thoughts @bsardo?
endpoints/openrtb2/auction.go
Outdated
| validEIDs = append(validEIDs, eid) | ||
| } else { | ||
| errorsList = append(errorsList, &errortypes.Warning{ | ||
| Message: fmt.Sprintf("Removed EID with empty UIDs (source: %s)", eid.Source), |
There was a problem hiding this comment.
Please keep with the established error message format. Perhaps something like:
request.user.ext.eids[0] (source: %s) contains only empty uids and is removed from the request
endpoints/openrtb2/auction_test.go
Outdated
| expectedErrorMessages []string | ||
| }{ | ||
| { | ||
| name: "Valid EID with non-empty UID", |
There was a problem hiding this comment.
Go test names cannot contain spaces so they are replaced with a dash character. This makes it hard to locate the failing test based on its name. Recommend using simpler test names like:
one-eid-one-uid-validone-eid-one-uid-emptymany-mixedone-eid-many-uid-empty
The parent test name is within scope so it's easy to locate in source. Please apply this guidance to other tests added in this PR.
endpoints/openrtb2/auction_test.go
Outdated
| t.Run(tc.name, func(t *testing.T) { | ||
| validEIDs, errorsList := validateEIDs(tc.input) | ||
|
|
||
| if len(validEIDs) != len(tc.expected) { |
There was a problem hiding this comment.
Please use testify assert statements where possible. This can be written as follows which will compare the contents instead of just the array lengths, yielding more concrete tests.
assert.ElementsMatch(e, tc.expected, validEIDs)
| expectedValidUIDs: nil, | ||
| expectedErrors: nil, | ||
| }, | ||
| } |
There was a problem hiding this comment.
Please add a test case for a nil input.
|
Hi @Pubmatic-Supriya-Patil, can you please merge with master (no rebase) and resolve conflicts? Thanks! |
|
Thank you for contributing this feature Please address the comments and we will re-review. |
HI @bsardo I have updated branch and addressed review comments. |
endpoints/openrtb2/auction.go
Outdated
| for uidIndex, uid := range eid.UIDs { | ||
| if uid.ID == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids[%d] missing required field: \"id\"", eidIndex, uidIndex)) | ||
| } |
There was a problem hiding this comment.
At this time we will not have empty eid.ID, correct? there is a check for this already in line 1334.
There was a problem hiding this comment.
Also do we need to set "clean" EIDs back to req.User.EIDs?
Something like req.User.EIDs = validEids after the for loop?
Please correct me if I'm wrong. We don't want to fail the entire request if there is at least one invalid EID, correct? Or do we want to drop invalid ones and continue the execution?
If we want to continue the execution - please add this fix and json tests where we validate "clean" user.EIDs and error messages.
There was a problem hiding this comment.
Can we remove if len(eid.UIDs) == 0 { validation also from validateUser function. This is also not possible because validateEids wil return error for emtpy uids. Please provide your suggestions @VeronikaSolovei9
There was a problem hiding this comment.
No no, I didn't ask to delete if len(eid.UIDs) == 0 { - it is needed here. I only asked about if we want to add valid aids to the request. And you fixed this by adding this line: req.User.EIDs = validEids
There was a problem hiding this comment.
Okay. Thanks. Please review PR
|
@Pubmatic-Supriya-Patil : Please respond to this comments. |
|
@Pubmatic-Supriya-Patil can you please merge with master? That should resolve the failing validate-merge check. |
| for eidIndex, eid := range validEids { | ||
| if eid.Source == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d] missing required field: \"source\"", eidIndex)) | ||
| } | ||
|
|
||
| for uidIndex, uid := range eid.UIDs { | ||
| if uid.ID == "" { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids[%d] missing required field: \"id\"", eidIndex, uidIndex)) | ||
| if len(eid.UIDs) == 0 { | ||
| return append(errL, fmt.Errorf("request.user.eids[%d].uids must contain at least one element or be undefined", eidIndex)) |
There was a problem hiding this comment.
This code fails the request if eids look like this:
"eids": [
{
"source": "uidapi.com",
"uids": [
{
"id": ""
},
{
"id": "id111111"
}
]
},
{
"source": "liveramp.com",
"uids": [
{
"id": "id22222"
}
]
},
{
"source": "", <<< this is the problem
"uids": [
{
"id": "123"
},
{
"id": "1234"
}
]
}
]All eids are added to the valid list, because they have at least one valid id. The last eid doesn't have a source and instead of removing this eid from the list of valid aids - we return fatal error and fail the request with unexpected message:
Invalid request: request.user.eids[0].uids[0] contains empty ids and is removed from the request
Invalid request: request.user.eids[2] missing required field: "source"
Possible fix: move these 2 checks to the validateEIDs function after validateUIDs.
Add message to the error list and don't add this aid to the list of valid eids.
There was a problem hiding this comment.
As per my understanding, the logic for removing invalid IDs is specific to eids. We have retained the existing logic for checking the source. However, it is unclear whether we need to check for an empty source and remove that entry while allowing other valid eids. @VeronikaSolovei9, could you please confirm this scenario and clarify the expected behavior in this case?
There was a problem hiding this comment.
I will ask team about the expected behavior.
There was a problem hiding this comment.
My take is that EID.source is required. IMO, makes sense to remove empty sources.
There was a problem hiding this comment.
The team discussed offline. We're in agreement that if EID.source is invalid we should simply remove the corresponding EID without failing the request. We should also add a warning message.
There was a problem hiding this comment.
Thanks for the update. I’ll incorporate the required changes.
This PR solves issue #3859