Treat the ID token signature validation failure as client error instead of generic error which will be logged as server error later #2628
Conversation
…ic error which will be logged as server error later
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #2628 +/- ##
=========================================
Coverage 55.73% 55.73%
+ Complexity 8234 8183 -51
=========================================
Files 632 632
Lines 47478 47478
Branches 8385 8385
=========================================
Hits 26463 26463
Misses 17228 17228
Partials 3787 3787
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. 🚨 Try these New Features:
|
|
PR builder started |
|
PR builder completed |
There was a problem hiding this comment.
Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/11897632050
sadilchamishka
changed the title
|
Hi @sadilchamishka, Please take one of the following actions:
Your prompt attention to this matter is greatly appreciated. Thank you for your understanding and collaboration! 🙏 |
Proposed changes in this pull request
In the OIDC logout request, The ID token signature validation failure is not required to be handled as server error and log the error. It should be a client error as the id token is sent by the client apps, along with OIDC logout request.
The failure should have been handled by this exception block [1], but it is being handled from this exception block[2].
[1] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java#L244~L251
[2] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oidc.session/src/main/java/org/wso2/carbon/identity/oidc/session/servlet/OIDCLogoutServlet.java#L252~L255