Fixed JERSEY-2457.

- OAuth1Exception must call super constructor to properly set response status and headers. - Reproducer unit test added. Change-Id: I4b7e9a2621c9290918c584d2ffe00fc143ddfb03 Signed-off-by: Marek Potociar <marek.potociar@oracle.com>
poonamshah · Mar 26, 2014 · fee2c2b · fee2c2b
1 parent 8956341
commit fee2c2b
Show file tree

Hide file tree

Showing 2 changed files with 85 additions and 14 deletions.
diff --git a/security/oauth1-server/src/main/java/org/glassfish/jersey/server/oauth1/OAuth1Exception.java b/security/oauth1-server/src/main/java/org/glassfish/jersey/server/oauth1/OAuth1Exception.java
@@ -1,7 +1,7 @@
 /*
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  *
- * Copyright (c) 2010-2013 Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2010-2014 Oracle and/or its affiliates. All rights reserved.
  *
  * The contents of this file are subject to the terms of either the GNU
  * General Public License Version 2 only ("GPL") or the Common Development
@@ -37,10 +37,10 @@
  * only if the new code is made subject to such option by the copyright
  * holder.
  */
-
 package org.glassfish.jersey.server.oauth1;
 
 import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 
@@ -54,17 +54,14 @@
  * @author Miroslav Fuksa (miroslav.fuksa at oracle.com)
  */
 public class OAuth1Exception extends WebApplicationException {
-    private final Response.Status status;
-    private final String wwwAuthHeader;
 
     /**
      * Create a new exception.
      * @param status Response status.
      * @param wwwAuthHeader {@code Authorization} header value of the request that cause the exception.
      */
-    public OAuth1Exception(Response.Status status, String wwwAuthHeader) {
-        this.status = status;
-        this.wwwAuthHeader = wwwAuthHeader;
+    public OAuth1Exception(final Response.Status status, final String wwwAuthHeader) {
+        super(createResponse(status, wwwAuthHeader));
     }
 
     /**
@@ -73,23 +70,22 @@ public OAuth1Exception(Response.Status status, String wwwAuthHeader) {
      * @return Response status code.
      */
     public Response.Status getStatus() {
-        return status;
+        return Response.Status.fromStatusCode(super.getResponse().getStatus());
     }
 
     /**
-     * Get the {@code Authorization} header of the request that cause the exception.
+     * Get the {@code WWW-Authenticate} header of the request that cause the exception.
      *
-     * @return Authorization header value.
+     * @return {@code WWW-Authenticate} header value.
      */
     public String getWwwAuthHeader() {
-        return wwwAuthHeader;
+        return super.getResponse().getHeaderString(HttpHeaders.WWW_AUTHENTICATE);
     }
 
-    @Override
-    public Response getResponse() {
+    private static Response createResponse(Response.Status status, String wwwAuthHeader) {
         ResponseBuilder rb = Response.status(status);
         if (wwwAuthHeader != null) {
-            rb.header("WWW-Authenticate", wwwAuthHeader);
+            rb.header(HttpHeaders.WWW_AUTHENTICATE, wwwAuthHeader);
         }
         return rb.build();
     }

diff --git a/...y/oauth1-server/src/test/java/org/glassfish/jersey/server/oauth1/OAuth1ExceptionTest.java b/...y/oauth1-server/src/test/java/org/glassfish/jersey/server/oauth1/OAuth1ExceptionTest.java
@@ -0,0 +1,75 @@
+/*
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * Copyright (c) 2014 Oracle and/or its affiliates. All rights reserved.
+ *
+ * The contents of this file are subject to the terms of either the GNU
+ * General Public License Version 2 only ("GPL") or the Common Development
+ * and Distribution License("CDDL") (collectively, the "License").  You
+ * may not use this file except in compliance with the License.  You can
+ * obtain a copy of the License at
+ * http://glassfish.java.net/public/CDDL+GPL_1_1.html
+ * or packager/legal/LICENSE.txt.  See the License for the specific
+ * language governing permissions and limitations under the License.
+ *
+ * When distributing the software, include this License Header Notice in each
+ * file and include the License file at packager/legal/LICENSE.txt.
+ *
+ * GPL Classpath Exception:
+ * Oracle designates this particular file as subject to the "Classpath"
+ * exception as provided by Oracle in the GPL Version 2 section of the License
+ * file that accompanied this code.
+ *
+ * Modifications:
+ * If applicable, add the following below the License Header, with the fields
+ * enclosed by brackets [] replaced by your own identifying information:
+ * "Portions Copyright [year] [name of copyright owner]"
+ *
+ * Contributor(s):
+ * If you wish your version of this file to be governed by only the CDDL or
+ * only the GPL Version 2, indicate your decision by adding "[Contributor]
+ * elects to include this software in this distribution under the [CDDL or GPL
+ * Version 2] license."  If you don't indicate a single choice of license, a
+ * recipient has the option to distribute your version of this file under
+ * either the CDDL, the GPL Version 2 or to extend the choice of license to
+ * its licensees as provided above.  However, if you add GPL Version 2 code
+ * and therefore, elected the GPL Version 2 license, then the option applies
+ * only if the new code is made subject to such option by the copyright
+ * holder.
+ */
+package org.glassfish.jersey.server.oauth1;
+
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+import org.junit.Test;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+/**
+ * {@link OAuth1Exception} unit tests.
+ *
+ * @author Marek Potociar (marek.potociar at oracle.com)
+ */
+public class OAuth1ExceptionTest {
+    /**
+     * Reproducer for JERSEY-2457.
+     */
+    @Test
+    public void testExceptionGetters() {
+        OAuth1Exception exception;
+
+        exception = new OAuth1Exception(Response.Status.BAD_REQUEST, null);
+        assertEquals(Response.Status.BAD_REQUEST, exception.getStatus());
+        assertEquals(Response.Status.BAD_REQUEST.getStatusCode(), exception.getResponse().getStatus());
+        assertNull(exception.getWwwAuthHeader());
+        assertNull(exception.getResponse().getHeaderString(HttpHeaders.WWW_AUTHENTICATE));
+
+
+        exception = new OAuth1Exception(Response.Status.INTERNAL_SERVER_ERROR, "testAuth");
+        assertEquals(Response.Status.INTERNAL_SERVER_ERROR, exception.getStatus());
+        assertEquals(Response.Status.INTERNAL_SERVER_ERROR.getStatusCode(), exception.getResponse().getStatus());
+        assertEquals("testAuth", exception.getWwwAuthHeader());
+        assertEquals("testAuth", exception.getResponse().getHeaderString(HttpHeaders.WWW_AUTHENTICATE));
+    }
+}