Add parameter name to JwtClientAssertionAuthenticationConverter error messages #1449
Assignees
Labels
status: declined
A suggestion or change that we don't feel we should currently apply
Comments
felix-hellman
added a commit
to felix-hellman/spring-authorization-server
that referenced
this issue
Nov 17, 2023
felix-hellman
added a commit
to felix-hellman/spring-authorization-server
that referenced
this issue
Nov 17, 2023
|
@felix-hellman Thanks for the PR associated to this issue. However, the changes in the PR would make the Furthermore, I'm not sure enhancing the error message to include the parameter name is the long term solution we're looking. I think we'll need to address this in gh-1240 and implement a holistic solution. I'm going to close this issue and associated PR but feel free to add any additional comments to gh-1240. |
jgrandja
added
status: declined
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Expected Behavior
When client assertions fail validation, the exception message contains the parameter name.
Current Behavior
When client assertions fail validation the exception message is empty.
Context
Since the validation is for internal use and does not expose what parameter has failed validation, it is required to wrap the existing converter and re-run the validation adding the failed parameter name. Adding this will save time when troubleshooting what the client is sending incorrectly without adding additional logging since the exception is already thrown.
The text was updated successfully, but these errors were encountered: