Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Override OAuth2AuthenticationException to differentiate the errors thrown by Appsmith #35160

Merged
merged 2 commits into from
Jul 25, 2024
Merged

chore: Override OAuth2AuthenticationException to differentiate the errors thrown by Appsmith #35160

merged 2 commits into from
Jul 25, 2024

Conversation

nsarupr
Copy link
Contributor

@nsarupr nsarupr commented Jul 24, 2024
edited
Loading

Description

Extend OAuth2AuthenticationException so that we can differentiate between AppsmithException and exceptions thrown by Spring Library.
There is not going to be any change to the Authentication flows here, as the we are just inheriting the OAuth2AuthenticationException.

Fixes #35154
Fixes #35157
Fixes #35155

Automation

/ok-to-test tags="@tag.All"

🔍 Cypress test results

Tip

🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
Workflow run: https://github.com/appsmithorg/appsmith/actions/runs/10092949232
Commit: bc2f204
Cypress dashboard.
Tags: @tag.All
Spec:

Thu, 25 Jul 2024 13:13:00 UTC

Communication

Should the DevRel and Marketing teams inform users about this change?

  • Yes
  • No

Summary by CodeRabbit

  • New Features

    • Introduced a new custom exception for improved handling of OAuth 2.0 authentication errors, enhancing the clarity and robustness of the authentication process.

  • Bug Fixes

    • Enhanced error categorization in the authentication process by refining the error handling logic, allowing for better management of exceptions related to OAuth 2.0.

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jul 24, 2024
edited
Loading

Walkthrough

The recent changes enhance authentication error handling within the Appsmith application by introducing a custom exception class, AppsmithOAuth2AuthenticationException. This new class allows for precise categorization of OAuth 2.0 related errors, improving the overall error management strategy. The checkAndCreateUser method in CustomOidcUserServiceCEImpl has been refined to utilize this exception, thereby bolstering the application's security framework and ensuring clearer error reporting.

Changes

Files Change Summary
.../CustomOidcUserServiceCEImpl.java, .../AppsmithOAuth2AuthenticationException.java, .../CustomOAuth2UserServiceCEImpl.java Introduced AppsmithOAuth2AuthenticationException for better error handling of OAuth 2.0 issues. Updated checkAndCreateUser in CustomOidcUserServiceCEImpl to utilize this exception, enhancing error categorization and reporting.

Poem

In the realm of code where exceptions dwell,
A new class emerged, casting a spell.
With OAuth2 woes, it brings light,
Enhancing error handling, making it right.
Appsmith's security shines ever bright! ✨

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share
Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai generate interesting stats about this repository and render them as a table.
    • @coderabbitai show all the console.log statements in this repository.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@github-actions github-actions bot added the skip-changelog Adding this label to a PR prevents it from being listed in the changelog label Jul 24, 2024
@nsarupr nsarupr marked this pull request as ready for review July 25, 2024 05:37
@nsarupr nsarupr requested a review from abhvsn July 25, 2024 05:37
@nsarupr nsarupr added the ok-to-test Required label for CI label Jul 25, 2024
coderabbitai[bot]
coderabbitai bot reviewed Jul 25, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ddc2304 and 40071eb.

Files selected for processing (2)
  • app/server/appsmith-server/src/main/java/com/appsmith/server/authentication/handlers/ce/CustomOidcUserServiceCEImpl.java (2 hunks)
  • app/server/appsmith-server/src/main/java/com/appsmith/server/exceptions/AppsmithOAuth2AuthenticationException.java (1 hunks)
Additional comments not posted (2)
app/server/appsmith-server/src/main/java/com/appsmith/server/exceptions/AppsmithOAuth2AuthenticationException.java (1)

1-29: Well-structured class definition.

The AppsmithOAuth2AuthenticationException class is well-structured and correctly extends OAuth2AuthenticationException. The use of Lombok's @Getter annotation simplifies the code by automatically generating getter methods for the error field. The constructors are properly defined to initialize the error object.

app/server/appsmith-server/src/main/java/com/appsmith/server/authentication/handlers/ce/CustomOidcUserServiceCEImpl.java (1)

80-82: Good use of custom exception for better error differentiation.

The change to use AppsmithOAuth2AuthenticationException enhances error differentiation by clearly distinguishing between Appsmith-specific exceptions and OAuth2 exceptions. The added comments provide clarity on the purpose of this change, which is a good practice.

coderabbitai[bot]
coderabbitai bot reviewed Jul 25, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 40071eb and bc2f204.

Files selected for processing (1)
  • app/server/appsmith-server/src/main/java/com/appsmith/server/authentication/handlers/ce/CustomOAuth2UserServiceCEImpl.java (2 hunks)
Additional comments not posted (4)
app/server/appsmith-server/src/main/java/com/appsmith/server/authentication/handlers/ce/CustomOAuth2UserServiceCEImpl.java (4)

6-7: Good import!

The import of AppsmithOAuth2AuthenticationException is necessary for the enhanced error handling.

15-15: Good import!

The import of OAuth2Error is necessary for creating detailed error messages.

71-72: Excellent error handling!

The .onErrorMap clause is a great addition for transforming AppsmithException instances into AppsmithOAuth2AuthenticationException instances.

73-77: Well-implemented error transformation!

The logic for transforming AppsmithException into AppsmithOAuth2AuthenticationException is well-implemented, enhancing error differentiation and clarity.

@nsarupr nsarupr added ok-to-test Required label for CI and removed ok-to-test Required label for CI labels Jul 25, 2024
@nsarupr nsarupr merged commit ad71b8e into release Jul 25, 2024
86 checks passed
@nsarupr nsarupr deleted the fix/auth/override-oauth-authentication-exception branch July 25, 2024 14:17
nsarupr added a commit that referenced this pull request Jul 26, 2024
@nsarupr
chore: Override OAuth2AuthenticationException to differentiate the er…
4916b81 
…rors thrown by Appsmith (#35160)

## Description
> Extend OAuth2AuthenticationException so that we can differentiate
between AppsmithException and exceptions thrown by Spring Library.
> There is not going to be any change to the Authentication flows here,
as the we are just inheriting the OAuth2AuthenticationException.


Fixes #`Issue Number`  
_or_  
Fixes `Issue URL`
> [!WARNING]  
> _If no issue exists, please create an issue first, and check with the
maintainers if the issue is valid._

## Automation

/ok-to-test tags="@tag.All"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/10092949232>
> Commit: bc2f204
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10092949232&attempt=2"
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Thu, 25 Jul 2024 13:13:00 UTC
<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit


- **New Features**
- Introduced a new custom exception for improved handling of OAuth 2.0
authentication errors, enhancing the clarity and robustness of the
authentication process.
  
- **Bug Fixes**
- Enhanced error categorization in the authentication process by
refining the error handling logic, allowing for better management of
exceptions related to OAuth 2.0.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Nilesh Sarupriya <[email protected]>
@github-actions github-actions bot added Bug Something isn't working Critical This issue needs immediate attention. Drop everything else High This issue blocks a user from building or impacts a lot of users Integrations Product Issues related to a specific integration Login / Signup Authentication flows Low An issue that is neither critical nor breaks a user flow Needs Triaging Needs attention from maintainers to triage Production Release Blocker This issue must be resolved before the release SSO Issues, requests and enhancements around Single sign-on. Platform Administration Pod Issues related to platform administration & management and removed Bug Something isn't working labels Jul 26, 2024
MajaharZemoso pushed a commit to MajaharZemoso/appsmith that referenced this pull request Jul 28, 2024
@nsarupr @MajaharZemoso
chore: Override OAuth2AuthenticationException to differentiate the er…
67582c4 
…rors thrown by Appsmith (appsmithorg#35160)

## Description
> Extend OAuth2AuthenticationException so that we can differentiate
between AppsmithException and exceptions thrown by Spring Library.
> There is not going to be any change to the Authentication flows here,
as the we are just inheriting the OAuth2AuthenticationException.


Fixes #`Issue Number`  
_or_  
Fixes `Issue URL`
> [!WARNING]  
> _If no issue exists, please create an issue first, and check with the
maintainers if the issue is valid._

## Automation

/ok-to-test tags="@tag.All"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/10092949232>
> Commit: bc2f204
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10092949232&attempt=2"
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.All`
> Spec:
> <hr>Thu, 25 Jul 2024 13:13:00 UTC
<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit


- **New Features**
- Introduced a new custom exception for improved handling of OAuth 2.0
authentication errors, enhancing the clarity and robustness of the
authentication process.
  
- **Bug Fixes**
- Enhanced error categorization in the authentication process by
refining the error handling logic, allowing for better management of
exceptions related to OAuth 2.0.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->

---------

Co-authored-by: Nilesh Sarupriya <[email protected]>
@coderabbitai coderabbitai bot mentioned this pull request Nov 15, 2024
Merged
2 tasks
@coderabbitai coderabbitai bot mentioned this pull request Jan 29, 2025
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@abhvsn abhvsn abhvsn approved these changes

@nidhi-nair nidhi-nair Awaiting requested review from nidhi-nair

@sondermanish sondermanish Awaiting requested review from sondermanish

Assignees
No one assigned
Labels
Critical This issue needs immediate attention. Drop everything else High This issue blocks a user from building or impacts a lot of users Integrations Product Issues related to a specific integration Login / Signup Authentication flows Low An issue that is neither critical nor breaks a user flow Needs Triaging Needs attention from maintainers to triage ok-to-test Required label for CI Platform Administration Pod Issues related to platform administration & management Production Release Blocker This issue must be resolved before the release skip-changelog Adding this label to a PR prevents it from being listed in the changelog SSO Issues, requests and enhancements around Single sign-on.
Projects
None yet
Milestone
No milestone
2 participants
@nsarupr @abhvsn