Forward Entitlements Exception Message

storage-core/src/main/java/org/opengroup/osdu/storage/service/EntitlementsAndCacheServiceImpl.java

@@ -14,6 +14,9 @@
 
 package org.opengroup.osdu.storage.service;
 
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import com.lambdaworks.redis.RedisException;
 import org.apache.http.HttpStatus;
 import org.opengroup.osdu.core.common.cache.ICache;
@@ -31,6 +34,8 @@ import org.opengroup.osdu.core.common.util.Crc32c;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import javax.xml.bind.DataBindingException;
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.List;
@@ -54,6 +59,8 @@ public class EntitlementsAndCacheServiceImpl implements IEntitlementsExtensionSe
     @Autowired
     private JaxRsDpsLog logger;
 
+    private ObjectMapper objectMapper = new ObjectMapper();
+
     @Override
     public String authorize(DpsHeaders headers, String... roles) {
         Groups groups = this.getGroups(headers);
@@ -160,7 +167,8 @@ public class EntitlementsAndCacheServiceImpl implements IEntitlementsExtensionSe
             } catch (EntitlementsException e) {
                 HttpResponse response = e.getHttpResponse();
                 this.logger.error(String.format("Error requesting entitlements service %s", response));
-                throw new AppException(e.getHttpResponse().getResponseCode(), ERROR_REASON, ERROR_MSG, e);
+                String errorMessage = this.deserializeErrorMessage(response.getBody());
+                throw new AppException(e.getHttpResponse().getResponseCode(), ERROR_REASON, errorMessage, e);
             } catch (RedisException ex) {
                 this.logger.error(String.format("Error putting key %s into redis: %s", cacheKey, ex.getMessage()), ex);
             }
@@ -168,6 +176,19 @@ public class EntitlementsAndCacheServiceImpl implements IEntitlementsExtensionSe
         return groups;
     }
 
+    private String deserializeErrorMessage(String response) {
+        try {
+            JsonNode rootNode = objectMapper.readTree(response);
+            JsonNode message = rootNode.get("message");
+            if (message == null) {
+                return ERROR_MSG;
+            }
+            return message.asText();
+        } catch (IOException | DataBindingException e) {
+            return ERROR_MSG;
+        }
+    }
+
     protected static String getGroupCacheKey(DpsHeaders headers) {
         String key = String.format("entitlement-groups:%s:%s", headers.getPartitionIdWithFallbackToAccountId(),
                 headers.getAuthorization());

storage-core/src/test/java/org/opengroup/osdu/storage/service/EntitlementsAndCacheServiceImplTest.java

@@ -151,6 +151,7 @@ public class EntitlementsAndCacheServiceImplTest {
 
         HttpResponse response = mock(HttpResponse.class);
         when(response.getResponseCode()).thenReturn(HttpStatus.SC_INTERNAL_SERVER_ERROR);
+        when(response.getBody()).thenReturn("{\"code\":500,\"reason\":\"Access denied\",\"message\":\"The user is not authorized to perform this action\"}");
 
         EntitlementsException expectedException = new EntitlementsException(ERROR_MSG, response);
 
@@ -169,6 +170,33 @@ public class EntitlementsAndCacheServiceImplTest {
         }
     }
 
+    @Test
+    public void should_throwAppExceptionAndPropagateMessage_when_entitlementExceptionHappens() throws EntitlementsException {
+
+        final String ERROR_MSG = "FATAL ERROR";
+
+        HttpResponse response = mock(HttpResponse.class);
+        when(response.getResponseCode()).thenReturn(HttpStatus.SC_FORBIDDEN);
+        when(response.getBody()).thenReturn("{\"code\":403,\n" +
+                "\"reason\":\"Access denied\",\"message\":\"Invalid data partition id\"}");
+
+        EntitlementsException expectedException = new EntitlementsException(ERROR_MSG, response);
+
+        when(this.entitlementService.getGroups()).thenThrow(expectedException);
+
+        try {
+            this.sut.authorize(this.headers, "role3");
+
+            fail("Should not succeed");
+        } catch (AppException e) {
+            assertEquals(HttpStatus.SC_FORBIDDEN, e.getError().getCode());
+            assertEquals("Access denied", e.getError().getReason());
+            assertEquals("Invalid data partition id", e.getError().getMessage());
+        } catch (Exception e) {
+            fail("Should not get different exception");
+        }
+    }
+
     @Test
     public void should_getGroupsFromCache_when_requestHashIsFoundInCache() throws EntitlementsException {