Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Major
Fix Version/s: 3.2.9.GA, 3.2.9.CR1
Affects Version/s: None
Component/s: team/eng
Labels:
- upstream-test-coverage

Blocked:
False
Blocked Reason:
None
Ready:
False
Git Pull Request:
https://github.com/quarkusio/quarkus/pull/35542
[QE] How to address?:
---
Intelligence Requested:
Market:

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Fixes #35482

Test already exists when the session cookie is well-formed but contains invalid tokens (401 is returned, the cookie is removed), but if the token is malformed then `500` escapes.

I've just added an `ArrayIndexOutOfBoundsException` catch block - as it may originate from several parts of the code parsing the token, and make sure the cookie is removed.
Minor updates to `OidcProvider` to make sure the error is correctly reported at the `CodeAuthenticationMechanism` level when the session cookie is well-formed but can not be verified.

links to

RHSA-2023:124640 Red Hat build of Quarkus 3.2.9 release and security update

Assignee:: Unassigned

Reporter:: Alexey Loubyansky

Tester:: Michal Vavrik

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2023/11/17 5:25 PM

Updated:: 2023/11/30 11:37 AM

Resolved:: 2023/11/30 11:37 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates