diff --git a/docs/Mobile-Token-API.md b/docs/Mobile-Token-API.md
index a7ddf261..a3eaa723 100644
--- a/docs/Mobile-Token-API.md
+++ b/docs/Mobile-Token-API.md
@@ -75,15 +75,16 @@ Mobile token API provides access to operations.
 List of error codes in Mobile Token API:
-| Code | Description | HTTP Status Code |
-|---|---|---|
-| `INVALID_REQUEST` | Invalid request sent - missing request object in request | 400 |
-| `INVALID_ACTIVATION` | Activation is not valid (it is different from configured activation). Return this error in case the activation does not exist, or in case the activation is not allowed to perform the action (for example, user did not allow operation approvals on such device). | 400 |
-| `POWERAUTH_AUTH_FAIL` | PowerAuth authentication failed | 401 |
-| `OPERATION_ALREADY_FINISHED` | Operation is already finished | 400 |
-| `OPERATION_ALREADY_FAILED` | Operation is already failed | 400 |
-| `OPERATION_ALREADY_CANCELED` | Operation is already canceled | 400 |
-| `OPERATION_EXPIRED` | Operation is expired | 400 |
+| Code | Description | HTTP Status Code |
+|------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------|
+| `INVALID_REQUEST` | Invalid request sent - missing request object in request | 400 |
+| `INVALID_ACTIVATION` | Activation is not valid (it is different from configured activation). Return this error in case the activation does not exist, or in case the activation is not allowed to perform the action (for example, user did not allow operation approvals on such device).
| 400 |
+| `POWERAUTH_AUTH_FAIL` | PowerAuth authentication failed | 401 |
+| `OPERATION_ALREADY_FINISHED` | Operation is already finished | 400 |
+| `OPERATION_ALREADY_FAILED` | Operation is already failed | 400 |
+| `OPERATION_ALREADY_CANCELED` | Operation is already canceled | 400 |
+| `OPERATION_EXPIRED` | Operation is expired | 400 |
+| `OPERATION_FAILED` | PowerAuth server operation approval fails. | 401 |
 ## Localization
diff --git a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/DefaultExceptionHandler.java b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/DefaultExceptionHandler.java
index 685fd754..80ac42a4 100644
--- a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/DefaultExceptionHandler.java
+++ b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/DefaultExceptionHandler.java
@@ -18,6 +18,7 @@
 package com.wultra.app.enrollmentserver.errorhandling;
+import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;
 import io.getlime.core.rest.model.base.response.ErrorResponse;
 import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
 import lombok.extern.slf4j.Slf4j;
@@ -57,7 +58,7 @@ public class DefaultExceptionHandler {
 @ResponseStatus(HttpStatus.BAD_REQUEST)
 public @ResponseBody ErrorResponse handleInvalidRequestException(InvalidRequestObjectException ex) {
 logger.warn("Error occurred when processing request object.", ex);
- return new ErrorResponse("INVALID_REQUEST", "Invalid request object.");
+ return new ErrorResponse(ErrorCode.INVALID_REQUEST, "Invalid request object.");
 }
 /**
@@ -69,7 +70,7 @@ public class DefaultExceptionHandler {
 @ResponseStatus(HttpStatus.BAD_REQUEST)
 public @ResponseBody ErrorResponse handlePushRegistrationException(PushRegistrationFailedException ex) {
 logger.warn("Error occurred when registering to push server.", ex);
- return new ErrorResponse("PUSH_REGISTRATION_FAILED", "Push registration failed in Mobile Token API component.");
+ return new ErrorResponse(ErrorCode.PUSH_REGISTRATION_FAILED, "Push registration failed in Mobile Token API component.");
 }
 /**
@@ -81,7 +82,7 @@ public class DefaultExceptionHandler {
 @ResponseStatus(HttpStatus.UNAUTHORIZED)
 public @ResponseBody ErrorResponse handleUnauthorizedException(PowerAuthAuthenticationException ex) {
 logger.warn("Unable to verify device registration - authentication failed.", ex);
- return new ErrorResponse("POWERAUTH_AUTH_FAIL", "Unable to verify device registration.");
+ return new ErrorResponse(ErrorCode.POWERAUTH_AUTH_FAIL, "Unable to verify device registration.");
 }
 /**
diff --git a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/MobileTokenAuthException.java b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/MobileTokenAuthException.java
index d2f5810a..28fdf0ec 100644
--- a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/MobileTokenAuthException.java
+++ b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/errorhandling/MobileTokenAuthException.java
@@ -18,6 +18,8 @@
 package com.wultra.app.enrollmentserver.errorhandling;
+import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;
+
 import java.io.Serial;
 /**
@@ -31,7 +33,10 @@ public class MobileTokenAuthException extends MobileTokenException {
 private static final long serialVersionUID = -4602362062047233809L;
 public MobileTokenAuthException() {
- super("POWERAUTH_AUTH_FAIL", "Authentication failed");
+ super(ErrorCode.POWERAUTH_AUTH_FAIL, "Authentication failed");
 }
+ public MobileTokenAuthException(final String code, final String message) {
+ super(code, message);
+ }
 }
diff --git a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/impl/service/MobileTokenService.java b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/impl/service/MobileTokenService.java
index c5aaa297..956032fa 100644
--- a/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/impl/service/MobileTokenService.java
+++ b/enrollment-server/src/main/java/com/wultra/app/enrollmentserver/impl/service/MobileTokenService.java
@@ -25,7 +25,6 @@
 import com.wultra.app.enrollmentserver.impl.service.converter.MobileTokenConverter;
 import com.wultra.core.http.common.request.RequestContext;
 import com.wultra.security.powerauth.client.PowerAuthClient;
-import com.wultra.security.powerauth.client.model.enumeration.OperationStatus;
 import com.wultra.security.powerauth.client.model.enumeration.SignatureType;
 import com.wultra.security.powerauth.client.model.enumeration.UserActionResult;
 import com.wultra.security.powerauth.client.model.error.PowerAuthClientException;
@@ -35,6 +34,7 @@
 import com.wultra.security.powerauth.client.model.response.OperationDetailResponse;
 import com.wultra.security.powerauth.client.model.response.OperationUserActionResponse;
 import com.wultra.security.powerauth.lib.mtoken.model.entity.Operation;
+import com.wultra.security.powerauth.lib.mtoken.model.enumeration.ErrorCode;
 import com.wultra.security.powerauth.lib.mtoken.model.response.OperationListResponse;
 import io.getlime.core.rest.model.base.response.Response;
 import io.getlime.security.powerauth.rest.api.spring.service.HttpCustomizationService;
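Review bot: The new `MobileTokenAuthException(final String code, final String message)` constructor has no Javadoc and accepts any code string, so the exception type no longer implies `POWERAUTH_AUTH_FAIL`. If a handler maps this exception to HTTP 401 (the handler is not visible in this diff, but the docs table lists `OPERATION_FAILED` as 401), any caller can now return an arbitrary code under that status. I would add a Javadoc block stating that `code` is expected to be one of the `ErrorCode` constants that describe an authentication-level failure, with `@param code` and `@param message` entries. The class declaration and its own Javadoc start outside the hunk.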
@@ -181,8 +181,8 @@ public Response operationApprove(@NotNull final OperationApproveParameterObject
 return new Response();
 } else {
 final OperationDetailResponse operation = approveResponse.getOperation();
- handleStatus(operation.getStatus());
- throw new MobileTokenAuthException();
+ handleStatus(operation);
+ throw new MobileTokenAuthException(ErrorCode.OPERATION_FAILED, "PowerAuth server operation approval fails");
 }
 }
@@ -208,7 +208,7 @@ public void operationFailApprove(@NotNull String operationId, @NotNull RequestCo
 );
 final OperationDetailResponse operation = failApprovalResponse.getOperation();
- handleStatus(operation.getStatus());
+ handleStatus(operation);
 }
 /**
@@ -262,8 +262,8 @@ public Response operationReject(
 return new Response();
 } else {
 final OperationDetailResponse operation = rejectResponse.getOperation();
- handleStatus(operation.getStatus());
- throw new MobileTokenAuthException();
+ handleStatus(operation);
+ throw new MobileTokenAuthException(ErrorCode.OPERATION_FAILED, "PowerAuth server operation rejection fails");
 }
 }
@@ -285,7 +285,7 @@ private OperationDetailResponse getOperationDetail(String operationId) throws Po
 httpCustomizationService.getQueryParams(),
 httpCustomizationService.getHttpHeaders()
 );
- handleStatus(operationDetail.getStatus());
+ handleStatus(operationDetail);
 return operationDetail;
 }
@@ -297,22 +297,21 @@ private OperationDetailResponse getOperationDetail(String operationId) throws Po
 *
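Review bot: In `operationApprove`, the failure branch throws `OPERATION_FAILED` without logging which operation failed, so repeated failed approvals against one operation are visible only if the handler for `MobileTokenAuthException` logs them, and that handler is not part of this diff. Consider adding `logger.info("Operation approval failed, operation ID: {}", operation.getId());` before the `throw`; the same applies to the matching branch in `operationReject`. The code returned on this path also changes from `POWERAUTH_AUTH_FAIL` to `OPERATION_FAILED`, so clients that react to the old code need a migration note. The `if` that selects this branch starts outside the hunk.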
  • CANCELLED, APPROVED, REJECTED, or EXPIRED - throws exception with appropriate code and message.
  • * *
- * @param status Operation status.
+ * @param operation Operation detail.
 * @throws MobileTokenException In case operation is in status that does not allow processing, the method throws appropriate exception.
 */
- private void handleStatus(OperationStatus status) throws MobileTokenException {
- switch (status) {
- case PENDING -> {
- // OK, this operation is still pending
- }
+ private static void handleStatus(final OperationDetailResponse operation) throws MobileTokenException {
+ switch (operation.getStatus()) {
+ case PENDING ->
+ logger.debug("OK, operation ID: {} is still pending", operation.getId());
 case CANCELED ->
- throw new MobileTokenException("OPERATION_ALREADY_CANCELED", "Operation was already canceled");
+ throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_CANCELED, "Operation was already canceled");
 case APPROVED, REJECTED ->
- throw new MobileTokenException("OPERATION_ALREADY_FINISHED", "Operation was already completed");
+ throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_FINISHED, "Operation was already completed");
 case FAILED ->
- throw new MobileTokenException("OPERATION_ALREADY_FAILED", "Operation already failed");
+ throw new MobileTokenException(ErrorCode.OPERATION_ALREADY_FAILED, "Operation already failed");
 default ->
- throw new MobileTokenException("OPERATION_EXPIRED", "Operation already expired");
+ throw new MobileTokenException(ErrorCode.OPERATION_EXPIRED, "Operation already expired");
 }
 }
diff --git a/mtoken-model/src/main/java/com/wultra/security/powerauth/lib/mtoken/model/enumeration/ErrorCode.java b/mtoken-model/src/main/java/com/wultra/security/powerauth/lib/mtoken/model/enumeration/ErrorCode.java
index e14e922a..a6ef3225 100644
--- a/mtoken-model/src/main/java/com/wultra/security/powerauth/lib/mtoken/model/enumeration/ErrorCode.java
+++ b/mtoken-model/src/main/java/com/wultra/security/powerauth/lib/mtoken/model/enumeration/ErrorCode.java
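Review bot: In `handleStatus` in MobileTokenService, the `default ->` branch reports every status that is not listed as `OPERATION_EXPIRED`, so a status value added to the enum later would reach the client as an expired operation with nothing in the logs. I would name the expired case explicitly, `case EXPIRED -> throw new MobileTokenException(ErrorCode.OPERATION_EXPIRED, "Operation already expired");`, and have `default` log the unexpected status at warn level before throwing. The Javadoc list above the method also omits FAILED, which the switch handles separately. The Javadoc starts outside the hunk.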
@@ -36,16 +36,6 @@ public class ErrorCode {
 */
 public static final String INVALID_REQUEST = "INVALID_REQUEST";
- /**
- * Error code for situation when an activation is not active.
- */
- public static final String ACTIVATION_NOT_ACTIVE = "ACTIVATION_NOT_ACTIVE";
-
- /**
- * Error code for situation when an activation is not configured.
- */
- public static final String ACTIVATION_NOT_CONFIGURED = "ACTIVATION_NOT_CONFIGURED";
-
 /**
 * Error code for situation when an invalid activation / device is
 * attempted for operation manipulation.
@@ -75,6 +65,11 @@ public class ErrorCode {
 */
 public static final String OPERATION_ALREADY_CANCELED = "OPERATION_ALREADY_CANCELED";
+ /**
+ * Error code for situation when PowerAuth server operation approval fails.
+ */
+ public static final String OPERATION_FAILED = "OPERATION_FAILED";
+
 /**
 * Error code for situation when an operation expired and yet, some further
 * action was requested with that operation.
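Review bot: The Javadoc on `OPERATION_FAILED` mentions only approval, but `MobileTokenService.operationReject` in this same commit throws the code with the message "PowerAuth server operation rejection fails". I would word the comment as `Error code for situation when PowerAuth server fails to approve or reject an operation.` and use the same wording for the new row in docs/Mobile-Token-API.md, so client developers do not treat the code as approval-only.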