fixes

Signed-off-by: Pavel Jareš <[email protected]>

Author: pj892031

api-catalog-services/src/main/java/org/zowe/apiml/apicatalog/config/DefaultExcptionHandler.java renamed to api-catalog-services/src/main/java/org/zowe/apiml/apicatalog/config/DefaultExceptionHandler.java

@@ -30,7 +30,7 @@
 @Slf4j
 @ControllerAdvice
 @RequiredArgsConstructor
-public class DefaultExcptionHandler {
+public class DefaultExceptionHandler {
 
     private final AuthExceptionHandler authExceptionHandler;
 
@@ -46,7 +46,7 @@ public Mono<ResponseEntity<ApiMessageView>> handleException(ServerWebExchange ex
         };
 
         try {
-            authExceptionHandler.handleException(exchange.getRequest().getURI().toString(), consumer, exchange.getResponse().getHeaders()::add, exception);
+            authExceptionHandler.handleException(exchange.getRequest().getPath().value(), consumer, exchange.getResponse().getHeaders()::add, exception);
             return MonoOperator.just(responseJson.get());
         } catch (ServletException e) {
             log.error("Cannot handle exception: {}", exception, e);

api-catalog-services/src/main/resources/application.yml

@@ -179,7 +179,7 @@ management:
     endpoints:
         migrate-legacy-ids: true
         web:
-            base-path: /application
+            base-path: /apicatalog/application
             exposure:
                 include: health,info,hystrixstream
     health:

api-catalog-services/src/test/java/org/zowe/apiml/apicatalog/functional/ApiCatalogProtectedEndpointTest.java

@@ -27,7 +27,7 @@ public class ApiCatalogProtectedEndpointTest extends ApiCatalogFunctionalTest {
     void requestSuccessWithBody() {
         // the method could return 200 or 503 depends on the state, but the aim is to check if it is accessible
         given().when()
-            .get(getCatalogUriWithPath("application/health"))
+            .get(getCatalogUriWithPath("apicatalog/application/health"))
         .then()
             .statusCode(not(HttpStatus.SC_UNAUTHORIZED))
             .body("status", not(nullValue()))

api-catalog-services/src/test/resources/application.yml

@@ -156,7 +156,7 @@ management:
     endpoints:
         migrate-legacy-ids: true
         web:
-            base-path: /application
+            base-path: /apicatalog/application
             exposure:
                 include: health,info
     health:

apiml-security-common/build.gradle

@@ -4,6 +4,7 @@ dependencies {
     implementation libs.spring.boot.starter.web
     implementation libs.spring.boot.starter.security
     implementation libs.reactor
+    implementation libs.spring.webflux
 
     implementation libs.apache.commons.lang3
     implementation libs.http.client5

apiml-security-common/src/main/java/org/zowe/apiml/security/common/error/AuthExceptionHandler.java

@@ -23,6 +23,7 @@
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
+import org.springframework.web.reactive.resource.NoResourceFoundException;
 import org.zowe.apiml.config.ApplicationInfo;
 import org.zowe.apiml.constants.ApimlConstants;
 import org.zowe.apiml.message.api.ApiMessageView;
@@ -32,8 +33,6 @@
 import java.util.Map;
 import java.util.function.BiConsumer;
 
-import static java.util.Map.entry;
-
 /**
  * Exception handler deals with exceptions (methods listed below) that are thrown during the authentication process
  */
@@ -60,11 +59,15 @@ private static class HandlerContext {
     }
 
     @FunctionalInterface
-    private interface ExceptionHandler {
-        void handle(RuntimeException ex, HandlerContext ctx);
+    private interface ExceptionHandler<E> {
+        void handle(E ex, HandlerContext ctx);
+    }
+
+    private <E extends Exception> Map.Entry<Class<E>, ExceptionHandler<E>> entry(Class<E> clazz, ExceptionHandler<E> handler) {
+        return Map.entry(clazz, handler);
     }
 
-    private final Map<Class<? extends RuntimeException>, ExceptionHandler> exceptionHandlers = Map.ofEntries(
+    private final Map<Class<? extends Exception>, ExceptionHandler> exceptionHandlers = Map.ofEntries(
         entry(InsufficientAuthenticationException.class,
             (ex, ctx) -> handleAuthenticationRequired(ctx.requestUri, ctx.function, ctx.addHeader, ex)),
         entry(BadCredentialsException.class,
@@ -76,7 +79,7 @@ private interface ExceptionHandler {
         entry(TokenNotValidException.class,
             (ex, ctx) -> handleTokenNotValid(ctx.requestUri, ctx.function, ctx.addHeader, ex)),
         entry(NoMainframeIdentityException.class,
-            (ex, ctx) -> handleNoMainframeIdentity(ctx.requestUri, ctx.function, ctx.addHeader, (NoMainframeIdentityException) ex)),
+            (ex, ctx) -> handleNoMainframeIdentity(ctx.requestUri, ctx.function, ctx.addHeader, ex)),
         entry(TokenNotProvidedException.class,
             (ex, ctx) -> handleTokenNotProvided(ctx.requestUri, ctx.function, ex)),
         entry(TokenExpireException.class,
@@ -90,7 +93,7 @@ private interface ExceptionHandler {
         entry(InvalidCertificateException.class,
             (ex, ctx) -> handleInvalidCertificate(ctx.function, ex)),
         entry(ZosAuthenticationException.class,
-            (ex, ctx) -> handleZosAuthenticationException(ctx.function, (ZosAuthenticationException) ex)),
+            (ex, ctx) -> handleZosAuthenticationException(ctx.function, ex)),
         entry(InvalidTokenTypeException.class,
             (ex, ctx) -> handleInvalidTokenTypeException(ctx.requestUri, ctx.function, ex)),
         entry(AuthenticationServiceException.class,
@@ -99,13 +102,15 @@ private interface ExceptionHandler {
             (ex, ctx) -> handleAuthenticationException(ctx.requestUri, ctx.function, ex)),
         entry(ServiceNotAccessibleException.class,
             (ex, ctx) -> handleServiceNotAccessibleException(ctx.requestUri, ctx.function, ex)),
+        entry(NoResourceFoundException.class,
+            (ex, ctx) -> handleNoResourceFoundException(ctx.function, ex)),
         entry(RuntimeException.class,
             (ex, ctx) -> handleRuntimeException(ctx.requestUri, ctx.function, ex))
     );
 
     private ExceptionHandler resolveHandler(RuntimeException ex) {
         Class<?> exClass = ex.getClass();
-        while (exClass != null && RuntimeException.class.isAssignableFrom(exClass)) {
+        while (exClass != null) {
             ExceptionHandler handler = exceptionHandlers.get(exClass);
             if (handler != null) {
                 return handler;
@@ -235,6 +240,11 @@ private void handleServiceNotAccessibleException(String uri, BiConsumer<ApiMessa
         function.accept(message, status);
     }
 
+    private void handleNoResourceFoundException(BiConsumer<ApiMessageView, HttpStatus> function, NoResourceFoundException ex) {
+        log.debug(MESSAGE_FORMAT, HttpStatus.NOT_FOUND.value(), ex.getMessage());
+        writeErrorResponse("org.zowe.apiml.common.notFound", HttpStatus.NOT_FOUND, function);
+    }
+
     private void handleRuntimeException(String uri, BiConsumer<ApiMessageView, HttpStatus> function, RuntimeException ex) {
         log.debug(MESSAGE_FORMAT, HttpStatus.INTERNAL_SERVER_ERROR.value(), ex.getMessage());
         writeErrorResponse("org.zowe.apiml.common.internalRequestError", HttpStatus.INTERNAL_SERVER_ERROR, function, uri, ExceptionUtils.getMessage(ex), ExceptionUtils.getRootCauseMessage(ex));