diff --git a/obp-api/src/main/scala/code/api/directlogin.scala b/obp-api/src/main/scala/code/api/directlogin.scala index 5af1ac11ff..482c72fcf4 100644 --- a/obp-api/src/main/scala/code/api/directlogin.scala +++ b/obp-api/src/main/scala/code/api/directlogin.scala @@ -352,6 +352,10 @@ object DirectLogin extends RestHelper with MdcLoggable { case false => false }*/ case _ => false + } recover { + case e: Throwable => + logger.error(s"validatorFuture.validAccessTokenFuture failed: ${e.getMessage}", e) + false } } @@ -427,6 +431,10 @@ object DirectLogin extends RestHelper with MdcLoggable { Tokens.tokens.vend.getTokenByKeyAndTypeFuture(tokenKey, TokenType.Access) map { case Full(token) => token.isValid case _ => false + } recover { + case e: Throwable => + logger.error(s"validatorFutureWithParams.validAccessTokenFuture failed: ${e.getMessage}", e) + false } } @@ -630,6 +638,10 @@ object DirectLogin extends RestHelper with MdcLoggable { Tokens.tokens.vend.getTokenByKeyFuture(token) map { case Full(t) => t.consumerId.foreign case _ => Empty + } recover { + case e: Throwable => + logger.error(s"getConsumerFromDirectLoginToken failed: ${e.getMessage}", e) + Empty } } @@ -640,7 +652,7 @@ object DirectLogin extends RestHelper with MdcLoggable { * @return Future[Box[User]] */ def getUserFromDirectLoginToken(token: String): Future[Box[User]] = { - for { + (for { tokenBox <- Tokens.tokens.vend.getTokenByKeyFuture(token) userIdBox = tokenBox.map(_.userForeignKey.get) user <- userIdBox match { @@ -649,6 +661,10 @@ object DirectLogin extends RestHelper with MdcLoggable { } } yield { user + }) recover { + case e: Throwable => + logger.error(s"getUserFromDirectLoginToken failed: ${e.getMessage}", e) + Empty } } } diff --git a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala index 3105f4cdf0..df99c89907 100644 --- a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala 
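Review bot: The added `recover` in the hunk at 352 matches `case e: Throwable`, which is wider than this needs; `case NonFatal(e) =>` (scala.util.control.NonFatal) keeps the fail-closed `false` and states that only ordinary failures are meant to be absorbed. The same pattern is repeated in the hunks at 431, 638 and 661. Failing closed is the right default for a token check, but a token-store outage will now reach clients as a run of invalid-token rejections, so the `logger.error` line is the only place the two cases differ and is worth alerting on. The enclosing method starts outside the hunk.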
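Review bot: Returning `Empty` from the `recover` in getConsumerFromDirectLoginToken (hunk at 638) makes a failed lookup indistinguishable from a token that has no consumer, and the hunk at 661 does the same for getUserFromDirectLoginToken. If any caller treats an `Empty` user or consumer as an anonymous request rather than a rejected one (callers are not visible here), a store failure would downgrade the call instead of failing it. Lift's `Failure` box is still an `EmptyBox`, so `Failure("getConsumerFromDirectLoginToken failed", Full(e), Empty)` keeps existing `case _` handling while letting callers tell the two apart. It is also worth confirming that `e.getMessage` from the token lookup cannot carry the token key into the log.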
+++ b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala @@ -8752,8 +8752,7 @@ trait APIMethods600 { case "users" :: "verify-credentials" :: Nil JsonPost json -> _ => { cc => implicit val ec = EndpointContext(Some(cc)) for { - (Full(u), callContext) <- authenticatedAccess(cc) - postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, callContext) { + postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, Some(cc)) { json.extract[PostVerifyUserCredentialsJsonV600] } // Validate credentials using the existing AuthUser mechanism 
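Review bot: Removing `authenticatedAccess(cc)` leaves verify-credentials with no caller check in the visible lines, and nothing in this hunk replaces it. An endpoint that answers whether a username/password pair is valid works as a password-guessing oracle for whoever can reach it, so it needs a gate that does not depend on a logged-in user: a validated consumer or role check, plus rate limiting keyed on something other than the user. The for-comprehension continues outside the hunk, so such a check may exist out of view; if it does, a comment above `postedData` should name it, e.g. `// No user authentication here by design; access is gated by <mechanism>`. The endpoint's resource doc and required roles should be updated to match, since this diff does not show them.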
@@ -8788,27 +8787,27 @@ trait APIMethods600 { } } // Check if account is locked - _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, callContext) { + _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, Some(cc)) { resourceUserIdBox != Full(code.model.dataAccess.AuthUser.usernameLockedStateCode) } // Check if credentials are valid resourceUserId <- Future { resourceUserIdBox } map { - x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401) + x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401) } // Get the user object user <- Future { Users.users.vend.getUserByResourceUserId(resourceUserId) } map { - x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials User account not found in system.", 401) + x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials User account not found in system.", 401) } // Verify provider matches if specified and not empty - _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, callContext) { + _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, Some(cc)) { postedData.provider.isEmpty || user.provider == postedData.provider } } yield { - (JSONFactory200.createUserJSON(user), HttpCode.`200`(callContext)) + (JSONFactory200.createUserJSON(user), HttpCode.`200`(Some(cc))) } } }
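Review bot: The 401 responses on the changed lines still carry distinct messages, which matters more now that the caller is no longer authenticated: `UsernameHasBeenLocked`, "Failed to authenticate user credentials.", "User account not found in system." and "Authentication provider mismatch." each reveal a different fact about the account. An unauthenticated client can use those differences to learn which usernames exist, which are locked and which provider they belong to. Returning one generic `$InvalidLoginCredentials` message to the client and keeping the specific reason in the server log closes that gap. Separately, `Some(cc)` is repeated six times; binding it once, `val callContext = Some(cc)`, would keep the lines as they were and make it obvious that the context is no longer the one returned by the authentication step.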