Skip to content

Commit

Permalink
Add logging for invalid callbacks
Browse files Browse the repository at this point in the history
  • Loading branch information
@zechmeister
zechmeister committed Oct 30, 2024
1 parent a0d9b21 commit be4d76e
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions src/main/java/de/bund/digitalservice/a2j/service/subscriber/CallbackVerificationFilter.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package de.bund.digitalservice.a2j.service.subscriber;

import dev.fitko.fitconnect.api.domain.validation.ValidationResult;
import dev.fitko.fitconnect.client.SenderClient;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
Expand Down Expand Up @@ -42,15 +43,17 @@ protected void doFilterInternal(
String requestBody =
new String(wrappedRequest.getContentAsByteArray(), request.getCharacterEncoding());

if (!senderClient
ValidationResult result = senderClient
.validateCallback(
request.getHeader("callback-authentication"),
Long.parseLong(request.getHeader("callback-timestamp")),
requestBody,
callbackSecret)
.isValid()) {
callbackSecret);

if (!result.isValid()) {
logger.info("Received invalid fit-connect callback");
logger.info(result.getProblems().toString());
logger.info(result.getError().getMessage());
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
return;
}
Expand Down

0 comments on commit be4d76e

Please sign in to comment.