From 2a3bf9b6bbb3ccdf046a4b7ed3bc604882e57c9a Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Thu, 5 Sep 2019 13:31:30 -0500 Subject: [PATCH] DefaultReactiveOAuth2UserService IOException Improve handling of IOException to report an AuthenticationServiceExceptionThere are many reasons that a DefaultReactiveOAuth2UserService might fail due to an IOException (i.e. SSLHandshakeException). In those cases we should use a AuthenticationServiceException so that users are aware there is likely some misconfiguration. Fixes gh-7370 --- .../client/userinfo/DefaultReactiveOAuth2UserService.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java index 108d837240..71a0fee913 100644 --- a/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java +++ b/oauth2/oauth2-client/src/main/java/org/springframework/security/oauth2/client/userinfo/DefaultReactiveOAuth2UserService.java @@ -17,7 +17,7 @@ package org.springframework.security.oauth2.client.userinfo; -import java.net.UnknownHostException; +import java.io.IOException; import java.util.HashSet; import java.util.Map; import java.util.Set; @@ -140,7 +140,7 @@ public class DefaultReactiveOAuth2UserService implements ReactiveOAuth2UserServi return new DefaultOAuth2User(authorities, attrs, userNameAttributeName); }) - .onErrorMap(UnknownHostException.class, t -> new AuthenticationServiceException("Unable to access the userInfoEndpoint " + userInfoUri, t)) + .onErrorMap(e -> e instanceof IOException, t -> new AuthenticationServiceException("Unable to access the userInfoEndpoint " + userInfoUri, t)) .onErrorMap(t -> !(t instanceof AuthenticationServiceException), t -> { OAuth2Error oauth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, "An error occurred reading the UserInfo Success response: " + t.getMessage(), null); return new OAuth2AuthenticationException(oauth2Error, oauth2Error.toString(), t);