[ES-1033] review comments fixed

Signed-off-by: Venkata Saidurga Polamraju <saidurgacsea@gmail.com>
Infosys · May 20, 2024 · 4e0bde9 · 4e0bde9
1 parent d4a3873
commit 4e0bde9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 8 deletions.
diff --git a/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java b/esignet-core/src/main/java/io/mosip/esignet/core/constants/ErrorConstants.java
@@ -45,6 +45,7 @@ public class ErrorConstants {
     public static final String INVALID_CHALLENGE="invalid_challenge";
     public static final String INVALID_STATUS = "invalid_status";
     public static final String INVALID_AUTH_CODE = "invalid_auth_code";
+    public static final String INVALID_ID_TOKEN_HINT= "invalid_id_token_hint";
     public static final String AUTH_FACTOR_MISMATCH = "auth_factor_mismatch";
     public static final String UNSUPPORTED_ID_FORMAT = "unsupported_id_format";
     public static final String LINK_CODE_GEN_FAILED = "link_code_gen_failed";

diff --git a/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java b/oidc-service-impl/src/main/java/io/mosip/esignet/services/AuthorizationServiceImpl.java
@@ -166,26 +166,29 @@ public OAuthDetailResponseV2 getOauthDetailsV2(OAuthDetailRequestV2 oauthDetailR
 
     @Override
     public OAuthDetailResponseV2 getOauthDetailsV3(OAuthDetailRequestV3 oauthDetailReqDto, HttpServletRequest httpServletRequest) throws EsignetException {
+        if (oauthDetailReqDto.getIdTokenHint() == null || oauthDetailReqDto.getIdTokenHint().isEmpty()) {
+            throw new EsignetException(ErrorConstants.INVALID_ID_TOKEN_HINT);
+        }
         String subject = getSubject(oauthDetailReqDto.getIdTokenHint());
         boolean isCookiePresent = Arrays.stream(httpServletRequest.getCookies()).anyMatch(x -> x.getName().equals(subject));
         if (!isCookiePresent) {
-            throw new EsignetException("unknown_id_token_hint");
+            throw new EsignetException(ErrorConstants.INVALID_ID_TOKEN_HINT);
         }
         return getOauthDetailsV2(oauthDetailReqDto);
     }
 
     private String getSubject(String idTokenHint) {
         String[] jwtParts = idTokenHint.split("\\.");
-        String payload = new String(Base64.getDecoder().decode(jwtParts[1]));
-        JSONObject payloadJson = null;
-        String subject;
+        if (jwtParts.length != 3) {
+            throw new EsignetException(ErrorConstants.INVALID_ID_TOKEN_HINT);
+        }
         try {
-            payloadJson = new JSONObject(payload);
-            subject = payloadJson.getString("sub");
+            String payload = new String(Base64.getDecoder().decode(jwtParts[1]));
+            JSONObject payloadJson = new JSONObject(payload);
+            return payloadJson.getString("sub");
         } catch (JSONException e) {
-            throw new EsignetException("unknown_id_token_hint");
+            throw new EsignetException(ErrorConstants.INVALID_ID_TOKEN_HINT);
         }
-        return subject;
     }
 
     @Override