[jira] Commented: (SHINDIG-935) Gadget authentication failure causes javascript error in jsonrpccontainer.js

Mon, 09 Mar 2009 07:21:14 -0700 

    [ 
https://issues.apache.org/jira/browse/SHINDIG-935?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12680155#action_12680155
 ] 

Chris Chabot commented on SHINDIG-935:
--------------------------------------

I've posted the following message to shindig-dev, i'll await the response there 
before taking action:

I'm wondering if this is an error in the jsonrpccontainer.js or in my 
implementation of the RPC protocol.

If an error occurred (for instance, an invalid or empty security token) php 
shindig will return a '200 OK' with the error code and message in the json 
structure. However this breaks the jsonrpccontainer because it thinks the 
requested completed ok, and assumes the presence of a response object. However 
no response object is set, only an error code and message, thus causing 
javascript errors.

Since with RPC there can be multiple responses, setting the HTTP error code 
seems illogical, the meta request completed ok, nor would there be a 
predictable way of determining exactly which http code of which batched request 
to use :)


> Gadget authentication failure causes javascript error in  jsonrpccontainer.js
> -----------------------------------------------------------------------------
>
>                 Key: SHINDIG-935
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-935
>             Project: Shindig
>          Issue Type: Bug
>          Components: PHP
>    Affects Versions: trunk
>            Reporter: Justin Mitchell
>            Priority: Minor
>
> When a RPC call is made to the server, JsonRpcServlet checks the security 
> token, if the token is null an error is returned to the client in the form of 
> a json message i.e. {"code":401,"message":"The request did not have a proper 
> security token nor oauth message and unauthenticated
>  requests are not allowed"}}. When sendResponse in jsonrpccontainer.js is 
> called there is an error on this line: if (request.key && response.id != 
> request.key) { because the response object is undefined.
> To stop this error occurring and for an error to be returned to the caller, I 
> set the HTTP header in JsonRpcServlet to return HTTP status code 401. This 
> causes the function hadError in io.js to call sendResponse with the errors 
> array of the result set, which stops the above code being called and in turn 
> calls JsonRpcContainer.generateErrorResponse. So in the end an error is 
> returned to the callback function. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to