Skip to content

PIN-7241 - Fix bad request body in authorization-server #2176

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: develop
Choose a base branch
from
Open

PIN-7241 - Fix bad request body in authorization-server #2176

wants to merge 9 commits into from

Conversation

shuyec
Copy link
Contributor

@shuyec shuyec commented Jul 21, 2025
edited by jira bot
Loading

Related Jira tickets: PIN-7241, PIN-7244, PIN-7308

This PR fixes the error message which gets returned when calling the authorization-server endpoint with a bad formatted request JSON body.
Examples:

  • { -> Expected property name or '}' in JSON at position 7 (line 1 column 8)
  • test -> Unexpected token 't', "test" is not valid JSON
  • {"test":"test" -> Expected ',' or '}' after property value in JSON at position 14 (line 1 column 15)

The PR changes the error to:

{
  "type": "about:blank",
  "title": "Bad request",
  "status": 400,
  "detail": "Expected property name or '}' in JSON at position 1 (line 1 column 2)",
  "errors": [
    {
      "code": "000-9999",
      "detail": "Expected property name or '}' in JSON at position 1 (line 1 column 2)"
    }
  ]
}

@shuyec shuyec added the hotfix label Jul 21, 2025
@shuyec shuyec changed the base branch from develop to main July 21, 2025 16:02
shuyec
shuyec commented Jul 21, 2025
View reviewed changes
packages/commons/src/router/zodiosValidationErrorHandler.ts
const errors = zodError.error.map((e) => fromZodIssue(e));
const { detail, errors } =
zodError instanceof Error
? { detail: zodError.message, errors: [zodError] }
Copy link
Contributor Author

@shuyec shuyec Jul 21, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.message adds Expected property name or '}' in JSON at position 1 (line 1 column 2) which is not very clean, but it's descriptive of what's happening.
It could be changed to an Unexpected error message.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

z.ZodError is also a instance of Error. So this will always end up on the first branch of the ternary.
body-parser throws a SyntaxError, I would check for it

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can change that to SyntaxError, but, from my understanding, Zod parsing errors are handled by this.

@shuyec shuyec marked this pull request as ready for review July 22, 2025 07:03
@shuyec shuyec changed the base branch from main to develop July 25, 2025 07:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AsterITA AsterITA AsterITA approved these changes

@taglioni-r taglioni-r taglioni-r approved these changes

@beetlecrunch beetlecrunch Awaiting requested review from beetlecrunch beetlecrunch is a code owner

@galales galales Awaiting requested review from galales galales is a code owner

@Carminepo2 Carminepo2 Awaiting requested review from Carminepo2 Carminepo2 is a code owner

Assignees
No one assigned
Labels
authorization-server hotfix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@shuyec @AsterITA @Carminepo2 @taglioni-r @beetlecrunch