From 3ccf6764c139bb2d5cedb60bbdb18fd79e03ef4e Mon Sep 17 00:00:00 2001
From: Joe Grandja
Date: Wed, 24 May 2017 15:43:21 -0400
Subject: [PATCH] Handle unsuccessful UserInfo response

Fixes gh-4351
---
 .../user/nimbus/NimbusOAuth2UserService.java | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/user/nimbus/NimbusOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/user/nimbus/NimbusOAuth2UserService.java
index bb5dbf1f7c..dde39be591 100644
--- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/user/nimbus/NimbusOAuth2UserService.java
+++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/user/nimbus/NimbusOAuth2UserService.java
@@ -100,8 +100,21 @@ public class NimbusOAuth2UserService implements OAuth2UserService {
 if (httpResponse.getStatusCode() != HTTPResponse.SC_OK) {
 UserInfoErrorResponse userInfoErrorResponse = UserInfoErrorResponse.parse(httpResponse);
 ErrorObject errorObject = userInfoErrorResponse.getErrorObject();
- OAuth2Error oauth2Error = new OAuth2Error(errorObject.getCode(), errorObject.getDescription(),
- (errorObject.getURI() != null ? errorObject.getURI().toString() : null));
+
+ StringBuilder errorDescription = new StringBuilder();
+ errorDescription.append("An error occurred while attempting to access the UserInfo Endpoint -> ");
+ errorDescription.append("Error details: [");
+ errorDescription.append("UserInfo Uri: ").append(userInfoUri.toString());
+ errorDescription.append(", Http Status: ").append(errorObject.getHTTPStatusCode());
+ if (errorObject.getCode() != null) {
+ errorDescription.append(", Error Code: ").append(errorObject.getCode());
+ }
+ if (errorObject.getDescription() != null) {
+ errorDescription.append(", Error Description: ").append(errorObject.getDescription());
+ }
+ errorDescription.append("]");
+
+ OAuth2Error oauth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, errorDescription.toString(), null);
 throw new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString());
 }
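Review bot: The values appended in the two new `if` blocks, `errorObject.getCode()` and `errorObject.getDescription()`, come from the UserInfo endpoint's response and reach the exception message unmodified through `oauth2Error.toString()`. If that message is written to logs or rendered on an error page, a misbehaving provider could place line breaks or markup in it, so I would neutralise control characters before appending, e.g. `.append(errorObject.getDescription().replaceAll("[\\r\\n]", " "))`, and leave HTML escaping to whatever renders the message. The message also carries `userInfoUri`, which is worth keeping out of user-facing output if the configured URI can contain query parameters. Separately, `errorObject.getHTTPStatusCode()` reports the status attached to the parsed error object and may be 0 when none was set; `httpResponse.getStatusCode()`, already tested in the enclosing `if`, is the status actually received. The enclosing method starts and ends outside the hunk.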