From 602d53b56c2ba1fc769754fc4ea1b6000cd41bf9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Wed, 4 Mar 2026 05:51:47 +0100
Subject: [PATCH 1/2] feature/Tweak endpoint verifyUserCredentials v6.0.0
---
 .../main/scala/code/api/v6_0_0/APIMethods600.scala | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
index 3105f4cdf0..df99c89907 100644
--- a/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
+++ b/obp-api/src/main/scala/code/api/v6_0_0/APIMethods600.scala
@@ -8752,8 +8752,7 @@ trait APIMethods600 {
 case "users" :: "verify-credentials" :: Nil JsonPost json -> _ => {
 cc => implicit val ec = EndpointContext(Some(cc))
 for {
- (Full(u), callContext) <- authenticatedAccess(cc)
- postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, callContext) {
+ postedData <- NewStyle.function.tryons(s"$InvalidJsonFormat The Json body should be the PostVerifyUserCredentialsJsonV600", 400, Some(cc)) {
 json.extract[PostVerifyUserCredentialsJsonV600]
 }
 // Validate credentials using the existing AuthUser mechanism
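Review bot: With the `(Full(u), callContext) <- authenticatedAccess(cc)` step removed in this hunk, `verify-credentials` runs its username/password check for a caller with no identity, and nothing visible here replaces that gate with a consumer check or throttling. The failure branches in the following hunk (`@@ -8788,27 +8787,27 @@`) still answer with distinct texts (`UsernameHasBeenLocked`, `Failed to authenticate user credentials.`, `User account not found in system.`, `Authentication provider mismatch.`), so an anonymous caller can tell account states apart. If anonymous access is intended, state it in a comment above the `for` and collapse the post-validation failures to one message, e.g. `x => unboxFullOrFail(x, Some(cc), InvalidLoginCredentials, 401)`; whether failed attempts count towards the lockout depends on the validation code between the two hunks, which is not shown and should be confirmed. The endpoint body starts and ends outside this hunk.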
@@ -8788,27 +8787,27 @@ trait APIMethods600 {
 }
 }
 // Check if account is locked
- _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, callContext) {
+ _ <- Helper.booleanToFuture(UsernameHasBeenLocked, 401, Some(cc)) {
 resourceUserIdBox != Full(code.model.dataAccess.AuthUser.usernameLockedStateCode)
 }
 // Check if credentials are valid
 resourceUserId <- Future {
 resourceUserIdBox
 } map {
- x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)
+ x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials Failed to authenticate user credentials.", 401)
 }
 // Get the user object
 user <- Future {
 Users.users.vend.getUserByResourceUserId(resourceUserId)
 } map {
- x => unboxFullOrFail(x, callContext, s"$InvalidLoginCredentials User account not found in system.", 401)
+ x => unboxFullOrFail(x, Some(cc), s"$InvalidLoginCredentials User account not found in system.", 401)
 }
 // Verify provider matches if specified and not empty
- _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, callContext) {
+ _ <- Helper.booleanToFuture(s"$InvalidLoginCredentials Authentication provider mismatch.", 401, Some(cc)) {
 postedData.provider.isEmpty || user.provider == postedData.provider
 }
 } yield {
- (JSONFactory200.createUserJSON(user), HttpCode.`200`(callContext))
+ (JSONFactory200.createUserJSON(user), HttpCode.`200`(Some(cc)))
 }
 }
 }
From bb67283762ba707e68526f4e4d7929ea3f56449c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20Mili=C4=87?=
Date: Wed, 4 Mar 2026 09:36:38 +0100
Subject: [PATCH 2/2] feature/Improve Direct Login error handling
---
 .../src/main/scala/code/api/directlogin.scala | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/obp-api/src/main/scala/code/api/directlogin.scala b/obp-api/src/main/scala/code/api/directlogin.scala
index 5af1ac11ff..482c72fcf4 100644
--- a/obp-api/src/main/scala/code/api/directlogin.scala
+++ b/obp-api/src/main/scala/code/api/directlogin.scala
@@ -352,6 +352,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
 case false => false
 }*/
 case _ => false
+ } recover {
+ case e: Throwable =>
+ logger.error(s"validatorFuture.validAccessTokenFuture failed: ${e.getMessage}", e)
+ false
 }
 }
@@ -427,6 +431,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
 Tokens.tokens.vend.getTokenByKeyAndTypeFuture(tokenKey, TokenType.Access) map {
 case Full(token) => token.isValid
 case _ => false
+ } recover {
+ case e: Throwable =>
+ logger.error(s"validatorFutureWithParams.validAccessTokenFuture failed: ${e.getMessage}", e)
+ false
 }
 }
@@ -630,6 +638,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
 Tokens.tokens.vend.getTokenByKeyFuture(token) map {
 case Full(t) => t.consumerId.foreign
 case _ => Empty
+ } recover {
+ case e: Throwable =>
+ logger.error(s"getConsumerFromDirectLoginToken failed: ${e.getMessage}", e)
+ Empty
 }
 }
@@ -640,7 +652,7 @@ object DirectLogin extends RestHelper with MdcLoggable {
 * @return Future[Box[User]]
 */
 def getUserFromDirectLoginToken(token: String): Future[Box[User]] = {
- for {
+ (for {
 tokenBox <- Tokens.tokens.vend.getTokenByKeyFuture(token)
 userIdBox = tokenBox.map(_.userForeignKey.get)
 user <- userIdBox match {
@@ -649,6 +661,10 @@ object DirectLogin extends RestHelper with MdcLoggable {
 }
 } yield {
 user
+ }) recover {
+ case e: Throwable =>
+ logger.error(s"getUserFromDirectLoginToken failed: ${e.getMessage}", e)
+ Empty
 }
 }
 }
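Review bot: In the first `directlogin.scala` hunk (`@@ -352,6 +352,10 @@`) the new `recover` turns every failure of the token lookup into `false`, so a token-store outage is reported to the caller exactly like an invalid token; the same applies to the `validatorFutureWithParams.validAccessTokenFuture` handler in the `@@ -427,6 +431,10 @@` hunk. Failing closed is the right default for an access check, but the only remaining signal of an outage is the `logger.error` line, so a comment such as `// fail closed: a lookup error is treated as an invalid token; alert on this log line` would record that intent. The handler would also state its scope better as `case NonFatal(e) =>` instead of `case e: Throwable =>`, assuming `scala.util.control.NonFatal` is or can be imported (the import block is outside the diff). Both enclosing methods start outside their hunks.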
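Review bot: In the `@@ -630,6 +638,10 @@` hunk the handler logged as `getConsumerFromDirectLoginToken` now yields `Empty` when the lookup throws, which a caller cannot tell apart from a token that has no consumer; `getUserFromDirectLoginToken` in the last hunk (`@@ -649,6 +661,10 @@`) does the same for the user. The callers are not visible here, but if any of them reads `Empty` as "no DirectLogin identity, continue as anonymous", a backend error would downgrade the request instead of rejecting it. Lift's failure box keeps that distinction inside the same `Future[Box[User]]` type, e.g. `Failure("getUserFromDirectLoginToken failed", Full(e), Empty)` in place of the bare `Empty`, provided `Failure` resolves to the Lift class in this file. The consumer lookup's enclosing method starts outside its hunk.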