Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve error reporting #204

Merged
merged 5 commits into from
Sep 11, 2024
Merged

Improve error reporting #204

merged 5 commits into from
Sep 11, 2024

Conversation

MKodde
Copy link
Member

@MKodde MKodde commented Sep 2, 2024

  1. The issue with the Authentication status as mentioned in the Pivotal story (link below) was first isolated to a single controller action that fails. The controller action at first could not be called in my setup (caused by a faulty config). And I wanted to ensure this was not due to Symfony unable to evaluate which action to render. I moved off all other actions to a controller of its own. So this was kind of a boyscout action.
  2. I then fixed the actual fault in my own setup (the config issue I mentioned above). And upgraded the error reporting of the Assertions performed in the TiqrConfiguration. Again boyscout work
  3. Finally, when the authn call fails for some reason. The Authn status action will now return a error response that can be dealt with by the JS app. Previously the 500 errror page was returned. It now sends back a generic error response. Which is picked up by the JS app which displays the user friendly error page

See: https://www.pivotaltracker.com/story/show/188205289

@MKodde MKodde force-pushed the feature/improve-error-reporting branch from 7be57f8 to 136a243 Compare September 2, 2024 14:00
@MKodde
Make the Tiqr Configuration validation less cryptic
991d372 
The Assert statements would yield unusable error messages without a path
to know what to go and fix. This change at least tells us what config
item is not right. And what is expected.
@MKodde
Move Authn Status to own controller
6e8410b 
Some additional bootstrapping was required to allow for this (in
services.yaml).
@MKodde
Make the other Authentication controllers invokable
2ad5f77
@MKodde
When authn error occurs, send 'invalid-request'
4160478 
This error status was previously not supported. It is now. The uncaught
errors are caught, and the invalid-request is sent back to the JS app.

That in turn displays the user facing error page.
@MKodde MKodde force-pushed the feature/improve-error-reporting branch from 136a243 to 4160478 Compare September 2, 2024 14:14
mharte-ib
mharte-ib reviewed Sep 11, 2024
View reviewed changes
src/Controller/AuthenticationStatusController.php Show resolved Hide resolved
src/Controller/AuthenticationQrController.php
if (!$this->authenticationService->authenticationRequired()) {
$logger->error('There is no pending authentication request from SP');

return new Response('No authentication required', Response::HTTP_BAD_REQUEST);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've noticed that this code already existed before so it might be out of scope, but it seems to me that the status code of 400 is not correct here.

The request itself seems correct, however it can't be processed on the server. Not sure which status code is best here (because I lack the domain knowledge of when this happens in the grand picture), but it looks to me that the request itself seems valid.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The request in this instance is not valid, the authentication/qr route is called without a pending authentication request present. This indicates a state issue, or someone is manually trying to open the route without having the correct preconditions (there must be a running authentication). So I think a 400 response is not incorrect.

Forbidden (403) also seems fitting. I love these kind of discussions. This one I tend to leave as-is.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the reason is that the server is in an unexpected state, it sounds like Precondition Failed (412) is a great fit.

400 should really be used if the request itself is incorrect (malformed, for example).

But I'm fine with leaving it as-is :).

@MKodde
Handle unknown statuses as an error
aba1285 
At first I opted to handle the 'invalid-request' manually. But having a
default switch-case to handle all unhandled stati as an error makes more
sense.

And before this commit, the invalid request was handled as a Push
Notification failure. But that was not my intention. I wanted to render
the error page, and for that, we need to call the switchToStatusRequestError
method instead.
@MKodde MKodde force-pushed the feature/improve-error-reporting branch from f929e11 to aba1285 Compare September 11, 2024 07:45
@MKodde MKodde merged commit 745760b into main Sep 11, 2024
2 checks passed
@MKodde MKodde deleted the feature/improve-error-reporting branch September 11, 2024 09:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mharte-ib mharte-ib mharte-ib approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MKodde @mharte-ib