sergehuber opened a new pull request, #771: URL: https://github.com/apache/unomi/pull/771
**JIRA:** [UNOMI-928](https://issues.apache.org/jira/browse/UNOMI-928) — *Improve REST API error handling with dedicated exception mappers and enhanced logging* **Base:** `master` (standalone backport — not stacked) ## Summary Backport REST error-handling improvements from `unomi-3-dev` so Jackson deserialization failures are reported as client errors (HTTP 400) instead of leaking as HTTP 500, with sanitized request-context logging and consistent JSON error bodies. ## What changed - **New** `JsonMappingExceptionMapper` — maps `JsonMappingException` → `400 {"errorMessage":"badRequest"}` - **New** `InternalServerErrorExceptionMapper` — maps `InternalServerErrorException`; downgrades to `400 badRequest` when root cause is JSON deserialization (`JsonMappingException` / `JsonParseException`), otherwise `500 internalServerError` with detailed sanitized logging - **Updated** `RuntimeExceptionMapper` — enriched logging (request method/URI/query, root cause, WARN vs ERROR by cause type); response remains `500` (JSON causes only affect log level, not status) - **Refactor (DRY):** shared `AbstractRestExceptionMapper` (request context, root cause, standard JSON responses) and `LogSanitizer` (log-injection defenses, length limits) - **Tests:** `RestExceptionMapperTest` (6) and `LogSanitizerTest` (7); adds `junit-jupiter` test dependency to `rest/pom.xml` All mappers register via existing `@Provider` + `@Component(service = ExceptionMapper.class)` — no blueprint/feature wiring changes. ## Behavior notes for reviewers | Exception / path | HTTP status | Response body | |---|---|---| | `JsonMappingException` (direct) | 400 | `{"errorMessage":"badRequest"}` | | `InternalServerErrorException` with JSON deserialization root cause | 400 | `{"errorMessage":"badRequest"}` | | `InternalServerErrorException` with non-JSON root cause | 500 | `{"errorMessage":"internalServerError"}` | | `RuntimeException` (including JSON root cause) | 500 | `{"errorMessage":"internalServerError"}` | Existing validation paths (`InvalidRequestExceptionMapper`, schema validation on custom deserializers) are unchanged and may still return different 400 bodies (plain text) before these mappers apply. ## Out of scope / follow-up - **`ItemDeserializer` robustness gap:** malformed non-object `Item` JSON (e.g. `"source":"string"`) still throws `ClassCastException` → 500 via `RuntimeExceptionMapper`. Present in `unomi-3-dev` too; candidate for a separate JIRA (not part of this backport). - No integration test added: public endpoints hit custom deserializers/schema validation first, so mapper contract is covered by unit tests instead. ## Test plan - [x] `mvn -pl rest -am test -Dtest='RestExceptionMapperTest,LogSanitizerTest' -Dsurefire.failIfNoSpecifiedTests=false` - [x] Full `./build.sh` / integration test suite (reviewer) - [x] Manual smoke: POST malformed JSON to a REST endpoint that reaches Jackson directly → expect 400 `badRequest` where applicable -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
