Merge pull request #2718 from constantine2nd/develop

simonredfern · web-flow · commit bd5117f42fd5 · 2026-03-04T21:17:01.000+01:00
Direct Login
diff --git a/obp-api/src/main/scala/code/api/directlogin.scala b/obp-api/src/main/scala/code/api/directlogin.scala
@@ -352,6 +352,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
           case false => false
         }*/
         case _ => false
+      } recover {
+        case e: Throwable =>
+          logger.error(s"validatorFuture.validAccessTokenFuture failed: ${e.getMessage}", e)
+          false
       }
     }
 
@@ -427,6 +431,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
       Tokens.tokens.vend.getTokenByKeyAndTypeFuture(tokenKey, TokenType.Access) map {
         case Full(token) => token.isValid
         case _ => false
+      } recover {
+        case e: Throwable =>
+          logger.error(s"validatorFutureWithParams.validAccessTokenFuture failed: ${e.getMessage}", e)
+          false
       }
     }
 
@@ -630,6 +638,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
     Tokens.tokens.vend.getTokenByKeyFuture(token) map {
       case Full(t) => t.consumerId.foreign
       case _ => Empty
+    } recover {
+      case e: Throwable =>
+        logger.error(s"getConsumerFromDirectLoginToken failed: ${e.getMessage}", e)
+        Empty
     }
   }
 
@@ -640,7 +652,7 @@ object DirectLogin extends RestHelper with MdcLoggable {
    * @return Future[Box[User]]
    */
   def getUserFromDirectLoginToken(token: String): Future[Box[User]] = {
-    for {
+    (for {
       tokenBox <- Tokens.tokens.vend.getTokenByKeyFuture(token)
       userIdBox = tokenBox.map(_.userForeignKey.get)
       user <- userIdBox match {
@@ -649,6 +661,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
       }
     } yield {
       user
+    }) recover {
+      case e: Throwable =>
+        logger.error(s"getUserFromDirectLoginToken failed: ${e.getMessage}", e)
+        Empty
     }
   }
 }
diff --git a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
@@ -8752,8 +8752,7 @@ trait APIMethods600 {
       case "users" :: "verify-credentials" :: Nil JsonPost json -> _ => {
         cc => implicit val ec = EndpointContext(Some(cc))
           for {
-            (Full(u), callContext) <- authenticatedAccess(cc)
-            postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, callContext) {
+            postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, Some(cc)) {
               json.extract[PostVerifyUserCredentialsJsonV600]
             }
             // Validate credentials using the existing AuthUser mechanism
@@ -8788,27 +8787,27 @@ trait APIMethods600 {
                 }
               }
             // Check if account is locked
-            _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, callContext) {
+            _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, Some(cc)) {
               resourceUserIdBox != Full(code.model.dataAccess.AuthUser.usernameLockedStateCode)
             }
             // Check if credentials are valid
             resourceUserId <- Future {
               resourceUserIdBox
             } map {
-              x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)
+              x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)
             }
             // Get the user object
             user <- Future {
               Users.users.vend.getUserByResourceUserId(resourceUserId)
             } map {
-              x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials User account not found in system.", 401)
+              x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials User account not found in system.", 401)
             }
             // Verify provider matches if specified and not empty
-            _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, callContext) {
+            _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, Some(cc)) {
               postedData.provider.isEmpty || user.provider == postedData.provider
             }
           } yield {
-            (JSONFactory200.createUserJSON(user), HttpCode.`200`(callContext))
+            (JSONFactory200.createUserJSON(user), HttpCode.`200`(Some(cc)))
           }
       }
     }

Original file line number	Diff line number	Diff line change
`@@ -352,6 +352,10 @@ object DirectLogin extends RestHelper with MdcLoggable {`
`352`	`352`	`case false => false`
`353`	`353`	`}*/`
`354`	`354`	`case _ => false`
	`355`	`+ } recover {`
	`356`	`+ case e: Throwable =>`
	`357`	`+ logger.error(s"validatorFuture.validAccessTokenFuture failed: ${e.getMessage}", e)`
	`358`	`+ false`
`355`	`359`	`}`
`356`	`360`	`}`
`357`	`361`
`@@ -427,6 +431,10 @@ object DirectLogin extends RestHelper with MdcLoggable {`
`427`	`431`	`Tokens.tokens.vend.getTokenByKeyAndTypeFuture(tokenKey, TokenType.Access) map {`
`428`	`432`	`case Full(token) => token.isValid`
`429`	`433`	`case _ => false`
	`434`	`+ } recover {`
	`435`	`+ case e: Throwable =>`
	`436`	`+ logger.error(s"validatorFutureWithParams.validAccessTokenFuture failed: ${e.getMessage}", e)`
	`437`	`+ false`
`430`	`438`	`}`
`431`	`439`	`}`
`432`	`440`
`@@ -630,6 +638,10 @@ object DirectLogin extends RestHelper with MdcLoggable {`
`630`	`638`	`Tokens.tokens.vend.getTokenByKeyFuture(token) map {`
`631`	`639`	`case Full(t) => t.consumerId.foreign`
`632`	`640`	`case _ => Empty`
	`641`	`+ } recover {`
	`642`	`+ case e: Throwable =>`
	`643`	`+ logger.error(s"getConsumerFromDirectLoginToken failed: ${e.getMessage}", e)`
	`644`	`+ Empty`
`633`	`645`	`}`
`634`	`646`	`}`
`635`	`647`
`@@ -640,7 +652,7 @@ object DirectLogin extends RestHelper with MdcLoggable {`
`640`	`652`	`* @return Future[Box[User]]`
`641`	`653`	`*/`
`642`	`654`	`def getUserFromDirectLoginToken(token: String): Future[Box[User]] = {`
`643`		`- for {`
	`655`	`+ (for {`
`644`	`656`	`tokenBox <- Tokens.tokens.vend.getTokenByKeyFuture(token)`
`645`	`657`	`userIdBox = tokenBox.map(_.userForeignKey.get)`
`646`	`658`	`user <- userIdBox match {`
`@@ -649,6 +661,10 @@ object DirectLogin extends RestHelper with MdcLoggable {`
`649`	`661`	`}`
`650`	`662`	`} yield {`
`651`	`663`	`user`
	`664`	`+ }) recover {`
	`665`	`+ case e: Throwable =>`
	`666`	`+ logger.error(s"getUserFromDirectLoginToken failed: ${e.getMessage}", e)`
	`667`	`+ Empty`
`652`	`668`	`}`
`653`	`669`	`}`
`654`	`670`	`}`
Original file line number	Diff line number	Diff line change
`@@ -8752,8 +8752,7 @@ trait APIMethods600 {`
`8752`	`8752`	`case "users" :: "verify-credentials" :: Nil JsonPost json -> _ => {`
`8753`	`8753`	`cc => implicit val ec = EndpointContext(Some(cc))`
`8754`	`8754`	`for {`
`8755`		`- (Full(u), callContext) <- authenticatedAccess(cc)`
`8756`		`- postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, callContext) {`
	`8755`	`+ postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, Some(cc)) {`
`8757`	`8756`	`json.extract[PostVerifyUserCredentialsJsonV600]`
`8758`	`8757`	`}`
`8759`	`8758`	`// Validate credentials using the existing AuthUser mechanism`
`@@ -8788,27 +8787,27 @@ trait APIMethods600 {`
`8788`	`8787`	`}`
`8789`	`8788`	`}`
`8790`	`8789`	`// Check if account is locked`
`8791`		`- _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, callContext) {`
	`8790`	`+ _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, Some(cc)) {`
`8792`	`8791`	`resourceUserIdBox != Full(code.model.dataAccess.AuthUser.usernameLockedStateCode)`
`8793`	`8792`	`}`
`8794`	`8793`	`// Check if credentials are valid`
`8795`	`8794`	`resourceUserId <- Future {`
`8796`	`8795`	`resourceUserIdBox`
`8797`	`8796`	`} map {`
`8798`		`- x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)`
	`8797`	`+ x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)`
`8799`	`8798`	`}`
`8800`	`8799`	`// Get the user object`
`8801`	`8800`	`user <- Future {`
`8802`	`8801`	`Users.users.vend.getUserByResourceUserId(resourceUserId)`
`8803`	`8802`	`} map {`
`8804`		`- x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials User account not found in system.", 401)`
	`8803`	`+ x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials User account not found in system.", 401)`
`8805`	`8804`	`}`
`8806`	`8805`	`// Verify provider matches if specified and not empty`
`8807`		`- _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, callContext) {`
	`8806`	`+ _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, Some(cc)) {`
`8808`	`8807`	`postedData.provider.isEmpty \|\| user.provider == postedData.provider`
`8809`	`8808`	`}`
`8810`	`8809`	`} yield {`
`8811`		- (JSONFactory200.createUserJSON(user), HttpCode.`200`(callContext))
	`8810`	+ (JSONFactory200.createUserJSON(user), HttpCode.`200`(Some(cc)))
`8812`	`8811`	`}`
`8813`	`8812`	`}`
`8814`	`8813`	`}`