CorsErrorResponseException prints wrong http code in the exception message #29451
Closed
1 of 2 tasks
Labels
area/core
help wanted
kind/bug
Categorizes a PR related to a bug
priority/low
status/auto-bump
status/auto-expire
team/core-shared
Before reporting an issue
Area
core
Describe the bug
When a
CorsErrorResponseException
is thrown, the message in the exception and the stack trace is alwaysHTTP 500 Internal Server Error
, independently of the actual http error code passed to theCorsErrorResponseException
constructor.We use Datadog to monitor our Keycloak instance. The direct impact that we're having with this bug is that Datadog interprets any
CorsErrorResponseException
as an error and is causing false positives.Version
24.0.4
Regression
Expected behavior
The error message in the exception should not be misleading. It should either include the correct http code or a more informative message.
Actual behavior
The error message in the exception is always
HTTP 500 Internal Server Error
How to Reproduce?
It can be reproduced with anything that throws a
CorsErrorResponseException
For example, invoking the token endpoint with
grant_type=refresh_token
and passing an expiredrefresh_token
The log level must be debug to see the stack trace
Anything else?
I believe that the solution may be to invoke the superclass with the status and maybe also with the errorDescription so that the message is more informative. For example:
There are other classes that also extend
WebApplicationException
which may benefit from the samesuper
calling.The text was updated successfully, but these errors were encountered: