Fix bug which caused exceptions when attempting to redirect to the console login page

When the registrar console code determines that a user has not logged in, it redirects to a login page. But when authenticating as an internal request (which should never happen), the redirection code encountered an exception, resulting in a 500 error. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=163867018
2025-07-11 21:48:18 +02:00 · 2017-08-01 12:21:13 -07:00 · 2017-08-01 12:21:13 -07:00 · 5fefa8906d
commit 5fefa8906d
parent 2a29ada032
2 changed files with 33 additions and 1 deletions
--- a/java/google/registry/ui/server/registrar/ConsoleUiAction.java
+++ b/java/google/registry/ui/server/registrar/ConsoleUiAction.java
@ -82,7 +82,19 @@ public final class ConsoleUiAction implements Runnable {
  public void run() {
    if (!authResult.userAuthInfo().isPresent()) {
      response.setStatus(SC_MOVED_TEMPORARILY);
-      response.setHeader(LOCATION, userService.createLoginURL(req.getRequestURI()));
+      String location;
+      try {
+        location = userService.createLoginURL(req.getRequestURI());
+      } catch (IllegalArgumentException e) {
+        // UserServiceImpl.createLoginURL() throws IllegalArgumentException if underlying API call
+        // returns an error code of NOT_ALLOWED. createLoginURL() assumes that the error is caused
+        // by an invalid URL. But in fact, the error can also occur if UserService doesn't have any
+        // user information, which happens when the request has been authenticated as internal. In
+        // this case, we want to avoid dying before we can send the redirect, so just redirect to
+        // the root path.
+        location = "/";
+      }
+      response.setHeader(LOCATION, location);
      return;
    }
    User user = authResult.userAuthInfo().get().user();
--- a/javatests/google/registry/ui/server/registrar/ConsoleUiActionTest.java
+++ b/javatests/google/registry/ui/server/registrar/ConsoleUiActionTest.java
@ -14,7 +14,9 @@

 package google.registry.ui.server.registrar;

+import static com.google.common.net.HttpHeaders.LOCATION;
 import static com.google.common.truth.Truth.assertThat;
+import static javax.servlet.http.HttpServletResponse.SC_MOVED_TEMPORARILY;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
@ -112,4 +114,22 @@ public class ConsoleUiActionTest {
    action.run();
    assertThat(response.getPayload()).contains("<h1>You need permission</h1>");
  }
+
+  @Test
+  public void testNoUser_redirect() throws Exception {
+    when(request.getRequestURI()).thenReturn("/test");
+    action.authResult = AuthResult.NOT_AUTHENTICATED;
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_MOVED_TEMPORARILY);
+    assertThat(response.getHeaders().get(LOCATION)).isEqualTo("/_ah/login?continue=%2Ftest");
+  }
+
+  @Test
+  public void testNoUserInformationAtAll_redirectToRoot() throws Exception {
+    when(request.getRequestURI()).thenThrow(new IllegalArgumentException());
+    action.authResult = AuthResult.NOT_AUTHENTICATED;
+    action.run();
+    assertThat(response.getStatus()).isEqualTo(SC_MOVED_TEMPORARILY);
+    assertThat(response.getHeaders().get(LOCATION)).isEqualTo("/");
+  }
 }