Improve error messages in OidcIdTokenValidator #6323

Closed
jgrandja opened this issue Dec 21, 2018 · 1 comment
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
@jgrandja
Contributor

When a validation check fails in `OidcIdTokenValidator`, the error message returned only has `invalid_id_token`. We should provide more informative error messages to the user that may include the claim name/value in the error message.

@jgrandja jgrandja self-assigned this Dec 21, 2018
@jgrandja jgrandja added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) OIDC labels Dec 21, 2018
@jgrandja jgrandja added this to the 5.2.0.M1 milestone Dec 21, 2018
@raphaelDL
Contributor

Hi Joe, I tried the following:

I added message descriptions and grouped errors in two steps, required fields and violated rules. I think it is easier if we report more errors to the user at once. Or maybe I am missing something?

What do you think? Just let me know, I'm happy to improve it.

raphaelDL added a commit to raphaelDL/spring-security that referenced this issue Jan 8, 2019
This commit ensures that error messages contain more specific
information regarding the reported error.

Fixes: spring-projectsgh-6323
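
The two-step reporting discussed in this thread (required claims first, then violated rules, with each message naming the claim and its value), as an added example that is not part of the thread or of Spring Security's code. It is plain Java with hypothetical names (`IdTokenClaimCheck`, `validate`), the specific checks are taken from OpenID Connect Core rather than from the thread, `aud` is assumed to be already parsed into a list and `exp` into an `Instant`, and the sample claims are constructed.

```java
import java.time.Instant;
import java.util.*;

// Added illustration: hypothetical class, not the Spring Security OidcIdTokenValidator.
public class IdTokenClaimCheck {

    // OpenID Connect Core marks these ID token claims as REQUIRED.
    static final List<String> REQUIRED = List.of("iss", "sub", "aud", "exp", "iat");

    /** Returns one message per problem; an empty list means the claims passed these checks. */
    static List<String> validate(Map<String, Object> claims, String issuer, String clientId, Instant now) {
        List<String> errors = new ArrayList<>();
        // Step 1: required claims. Report every missing one, then stop,
        // because the rules in step 2 need those values to exist.
        for (String name : REQUIRED) {
            if (claims.get(name) == null) {
                errors.add("invalid_id_token: missing required claim '" + name + "'");
            }
        }
        if (!errors.isEmpty()) {
            return errors;
        }
        // Step 2: rule violations, all collected, each naming the claim and its value.
        // The values come from the token, so treat the messages as untrusted text when logging.
        if (!issuer.equals(claims.get("iss"))) {
            errors.add("invalid_id_token: claim 'iss' is '" + claims.get("iss") + "', expected '" + issuer + "'");
        }
        List<?> aud = (List<?>) claims.get("aud"); // assumption: aud already normalised to a list
        if (!aud.contains(clientId)) {
            errors.add("invalid_id_token: claim 'aud' " + aud + " does not contain client id '" + clientId + "'");
        }
        if (aud.size() > 1 && claims.get("azp") == null) {
            errors.add("invalid_id_token: claim 'azp' is expected when 'aud' has multiple values " + aud);
        }
        Instant exp = (Instant) claims.get("exp"); // assumption: exp already parsed to an Instant
        if (!now.isBefore(exp)) {
            errors.add("invalid_id_token: claim 'exp' is " + exp + ", which is not after " + now);
        }
        return errors;
    }

    public static void main(String[] args) {
        Instant now = Instant.parse("2019-01-08T12:00:00Z"); // constructed sample time
        Map<String, Object> claims = new HashMap<>();         // constructed sample claims
        claims.put("iss", "https://idp.example.org");
        claims.put("sub", "user-1");
        claims.put("aud", List.of("client-a", "client-b"));
        claims.put("exp", now.minusSeconds(60));
        claims.put("iat", now.minusSeconds(3660));
        validate(claims, "https://idp.example.com", "client-a", now).forEach(System.out::println);
    }
}
```

With the sample claims, the run reports the `iss` mismatch, the absent `azp` and the expired `exp` together instead of a single bare `invalid_id_token`.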