fixes #29 ingore extra properties from the token response parsing (#30)

stevehu · web-flow · commit 26f1d4eb9820 · 2024-05-17T09:21:09.000-04:00
diff --git a/src/main/java/com/networknt/client/oauth/OauthHelper.java b/src/main/java/com/networknt/client/oauth/OauthHelper.java
@@ -579,31 +579,22 @@ public static String getEncodedString(TokenRequest request) throws UnsupportedEn
     private static Result<TokenResponse> handleResponse(ContentType contentType, String responseBody) {
         TokenResponse tokenResponse;
         Result<TokenResponse> result;
-        if(logger.isTraceEnabled()) logger.trace("contentType = " + contentType + " responseBody = " +  responseBody);
-        try {
-            //only accept json format response so that can map to a TokenResponse, otherwise escapes server's response and return to the client.
-            if(!contentType.equals(ContentType.APPLICATION_JSON)) {
-                return Failure.of(new Status(GET_TOKEN_ERROR, escapeBasedOnType(contentType, responseBody)));
-            }
-            if (responseBody != null && responseBody.length() > 0) {
-                tokenResponse = Config.getInstance().getMapper().readValue(responseBody, TokenResponse.class);
-                // sometimes, the token response contains an error status instead of the access token.
-                if(tokenResponse != null && tokenResponse.getAccessToken() != null) {
-                    result = Success.of(tokenResponse);
-                } else {
-                    result = Failure.of(new Status(tokenResponse.getStatusCode(), tokenResponse.getCode(), tokenResponse.getMessage(), tokenResponse.getDescription(), tokenResponse.getSeverity()));
-                }
+        if(logger.isTraceEnabled()) logger.trace("contentType = {} responseBody = {}", contentType, responseBody);
+        //only accept json format response so that can map to a TokenResponse, otherwise escapes server's response and return to the client.
+        if(!contentType.equals(ContentType.APPLICATION_JSON)) {
+            return Failure.of(new Status(GET_TOKEN_ERROR, escapeBasedOnType(contentType, responseBody)));
+        }
+        if (responseBody != null && !responseBody.isEmpty()) {
+            tokenResponse = JsonMapper.fromJson(responseBody, TokenResponse.class);
+            // sometimes, the token response contains an error status instead of the access token.
+            if(tokenResponse != null && tokenResponse.getAccessToken() != null) {
+                result = Success.of(tokenResponse);
             } else {
-                result = Failure.of(new Status(GET_TOKEN_ERROR, "no auth server response"));
-                logger.error("Error in token retrieval, response = " + responseBody);
+                result = Failure.of(new Status(tokenResponse.getStatusCode(), tokenResponse.getCode(), tokenResponse.getMessage(), tokenResponse.getDescription(), tokenResponse.getSeverity()));
             }
-        } catch (UnrecognizedPropertyException e) {
-            //in this case, cannot parse success token, which means the server doesn't response a successful token but some messages, we need to pass this message out.
-            result = Failure.of(new Status(GET_TOKEN_ERROR, escapeBasedOnType(contentType, responseBody)));
-            logger.error("Error in token parsing", e);
-        } catch (IOException | RuntimeException e) {
-            result = Failure.of(new Status(GET_TOKEN_ERROR, e.getMessage()));
-            logger.error("Error in token retrieval", e);
+        } else {
+            result = Failure.of(new Status(GET_TOKEN_ERROR, "no auth server response"));
+            logger.error("Error in token retrieval, response = {}", responseBody);
         }
         return result;
     }
diff --git a/src/main/java/com/networknt/client/oauth/TokenResponse.java b/src/main/java/com/networknt/client/oauth/TokenResponse.java
@@ -16,6 +16,7 @@
 
 package com.networknt.client.oauth;
 
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.networknt.status.Status;
 
@@ -26,6 +27,7 @@
  * @author Steve Hu
  *
  */
+@JsonIgnoreProperties(ignoreUnknown = true)
 public class TokenResponse extends Status {
     @JsonProperty(value="access_token")
     private String accessToken;
diff --git a/src/test/java/com/networknt/client/oauth/TokenResponseTest.java b/src/test/java/com/networknt/client/oauth/TokenResponseTest.java
@@ -0,0 +1,27 @@
+package com.networknt.client.oauth;
+
+import ch.qos.logback.core.subst.Token;
+import com.networknt.config.Config;
+import com.networknt.http.client.JsonMapper;
+import org.junit.jupiter.api.Test;
+
+public class TokenResponseTest {
+    @Test
+    public void testTokenResponseWithExtraProperties() {
+        String json = "{\"access_token\":\"access_token\",\"token_type\":\"token_type\",\"scope\":\"scope\",\"signature\":\"signature\",\"id\":\"id\", \"issued_at\":1000}";
+        try {
+            TokenResponse tokenResponse = Config.getInstance().getMapper().readValue(json, TokenResponse.class);
+            assert(tokenResponse.getAccessToken().equals("access_token"));
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+    }
+
+    @Test
+    public void testTokenResponseWithExtraPropertiesJsonMapper() {
+        String json = "{\"access_token\":\"access_token\",\"token_type\":\"token_type\",\"scope\":\"scope\",\"signature\":\"signature\",\"id\":\"id\", \"issued_at\":1000}";
+        TokenResponse tokenResponse = JsonMapper.fromJson(json, TokenResponse.class);
+        assert(tokenResponse.getAccessToken().equals("access_token"));
+    }
+
+}
