exception handling for rest services

2014-08-09 20:11:20 -04:00 · 2014-08-09 20:11:20 -04:00 · 897e47f926
commit 897e47f926
parent c306e338db
4 changed files with 53 additions and 5 deletions
--- a/java/org/owasp/webgoat/service/BaseService.java
+++ b/java/org/owasp/webgoat/service/BaseService.java
@ -3,10 +3,14 @@
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
-
 package org.owasp.webgoat.service;

+import javax.servlet.http.HttpServletRequest;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;

 /**
 *
@ -15,4 +19,16 @@ import org.springframework.web.bind.annotation.RequestMapping;
@RequestMapping("/service")
 public abstract class BaseService {

+    @ExceptionHandler(Exception.class)
+    @ResponseStatus(value = HttpStatus.I_AM_A_TEAPOT)
+    public @ResponseBody
+    ExceptionInfo handleException(HttpServletRequest request, Exception ex) {
+
+        ExceptionInfo response = new ExceptionInfo();
+        response.setUrl(request.getRequestURL().toString());
+        response.setMessage(ex.getMessage());
+
+        return response;
+    }
+
 }
--- a/java/org/owasp/webgoat/service/ExceptionInfo.java
+++ b/java/org/owasp/webgoat/service/ExceptionInfo.java
@ -0,0 +1,32 @@
+/*
+ * To change this license header, choose License Headers in Project Properties.
+ * To change this template file, choose Tools | Templates
+ * and open the template in the editor.
+ */
+package org.owasp.webgoat.service;
+
+/**
+ *
+ * @author rlawson
+ */
+public class ExceptionInfo {
+
+    private String url;
+    private String message;
+
+    public String getUrl() {
+        return url;
+    }
+
+    public void setUrl(String url) {
+        this.url = url;
+    }
+
+    public String getMessage() {
+        return message;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+}
--- a/java/org/owasp/webgoat/service/HintService.java
+++ b/java/org/owasp/webgoat/service/HintService.java
@ -35,7 +35,7 @@ public class HintService extends BaseService {
        WebSession ws;
        Object o = session.getAttribute(WebSession.SESSION);
        if (o == null || !(o instanceof WebSession)) {
-            return null;
+            throw new IllegalArgumentException("No valid session object found, has session timed out?");
        }
        ws = (WebSession) o;
        AbstractLesson l = ws.getCurrentLesson();
--- a/java/org/owasp/webgoat/service/LessonMenuService.java
+++ b/java/org/owasp/webgoat/service/LessonMenuService.java
@ -35,12 +35,12 @@ public class LessonMenuService extends BaseService {
    @RequestMapping(value = "/lessonmenu.mvc", produces = "application/json")
    public @ResponseBody
    List<LessonMenuItem> showLeftNav(HttpSession session) {
-        //TODO - need Links, rank, title
+        if(true) throw new IllegalArgumentException("No valid session object found, has session timed out?");
        List<LessonMenuItem> menu = new ArrayList<LessonMenuItem>();
        WebSession ws;
        Object o = session.getAttribute(WebSession.SESSION);
        if (o == null || !(o instanceof WebSession)) {
-            return null;
+            throw new IllegalArgumentException("No valid session object found, has session timed out?");
        }
        ws = (WebSession) o;
        AbstractLesson l = ws.getCurrentLesson();