fusionauth-issues icon indicating copy to clipboard operation
fusionauth-issues copied to clipboard
verified publisher icon FusionAuth

Improve error handling for the SAML login endpoint when the caller is missing a `Content-Type` request header

Open robotdan opened this issue 1 year ago • 1 comments

Improve error handling for the SAML login endpoint when the caller is missing a Content-Type request header

Description

When the caller omits the Content-Type ideally we want to provide a nice error message.

If you send a request body to /samlv2/login w/out a Content-Type header, or using an un-supported value, the error will not be displayed nicely.

Instead you'll see something ugly in the logs

Error org.primeframework.mvc.PrimeMVCRequestHandler - Error encountered
org.primeframework.mvc.PrimeException: Missing result for action class [class io.fusionauth.app.action.samlv2.LoginAction] URI [/samlv2/login] and result code [input]

Additionally, ignore the binding request parameter if present.

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

robotdan avatar Apr 23 '24 23:04 robotdan

Internal:

  • https://github.com/FusionAuth/fusionauth-app/pull/425

robotdan avatar Apr 23 '24 23:04 robotdan

Shipping in 1.51.0

andrewpai avatar May 03 '24 23:05 andrewpai