Merge pull request #689 from microsoftgraph/bugfix/error-payload-verbosity

- fixes a bug where the errors would log sensitive payload information when not set to verbose

Author: baywet

src/main/java/com/microsoft/graph/http/GraphServiceException.java

@@ -1,16 +1,16 @@
 // ------------------------------------------------------------------------------
 // Copyright (c) 2017 Microsoft Corporation
-// 
+//
 // Permission is hereby granted, free of charge, to any person obtaining a copy
 // of this software and associated documentation files (the "Software"), to deal
 // in the Software without restriction, including without limitation the rights
 // to use, copy, modify, merge, publish, distribute, sub-license, and/or sell
 // copies of the Software, and to permit persons to whom the Software is
 // furnished to do so, subject to the following conditions:
-// 
+//
 // The above copyright notice and this permission notice shall be included in
 // all copies or substantial portions of the Software.
-// 
+//
 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -174,7 +174,7 @@ public String getResponseMessage() {
     public String getMessage() {
         return getMessage(verbose);
     }
-    
+
     /**
      * Gets the HTTP status code
      *
@@ -215,7 +215,7 @@ public String getMethod() {
     public String getUrl() {
         return url;
     }
-    
+
     /**
      * Gets the request headers
      * @return the request headers
@@ -255,12 +255,7 @@ public String getMessage(final boolean verbose) {
             if (verbose) {
                 sb.append(requestBody);
             } else {
-                final int bodyLength = Math.min(MAX_BREVITY_LENGTH, requestBody.length());
-                final String truncatedBody = requestBody.substring(0, bodyLength);
-                sb.append(truncatedBody);
-                if (truncatedBody.length() == MAX_BREVITY_LENGTH) {
-                    sb.append(TRUNCATION_MARKER);
-                }
+                sb.append(TRUNCATION_MARKER);
             }
         }
         sb.append(NEW_LINE).append(NEW_LINE);
@@ -402,7 +397,7 @@ public static <T> GraphServiceException createFromConnection(final IHttpRequest
                 error,
                 isVerbose);
     }
-    
+
     /**
      * Creates a Graph service exception from a given failed HTTP request
      *

src/main/java/com/microsoft/graph/requests/extensions/ChunkedUploadResult.java

@@ -66,7 +66,7 @@ public ChunkedUploadResult(ClientException error) {
      * @param exception The exception received from server.
      */
     public ChunkedUploadResult(GraphServiceException exception) {
-        this(new ClientException(exception.getMessage(/* verbose */ true), exception));
+        this(new ClientException(exception.getMessage(), exception));
     }
 
     /**
@@ -122,4 +122,4 @@ public UploadSession getSession() {
     public ClientException getError() {
         return this.error;
     }
-}
+}

src/test/java/com/microsoft/graph/http/GraphServiceExceptionTests.java

@@ -31,7 +31,7 @@ public void testError() {
         assertTrue(message.indexOf("truncated") > 0);
         assertEquals(error,exception.getServiceError());
     }
-	
+
 	@Test
 	public void testVerboseError() {
 		GraphErrorResponse errorResponse = new GraphErrorResponse();
@@ -82,7 +82,7 @@ public Map<String, String> getHeaders() {
         assertTrue(message.indexOf("Error code: Unable to parse error response message") == 0);
         assertTrue(message.indexOf("http://localhost") > 0);
     }
-	
+
 	@Test
 	public void testNullConnection() {
 		DefaultLogger logger = new DefaultLogger();
@@ -124,5 +124,24 @@ public InputStream getInputStream() throws IOException {
         assertTrue(message.indexOf("Error code: Unable to parse error response message") == 0);
         assertTrue(message.indexOf("http://localhost") > 0);
     }
-
+    @Test
+    public void requestPayloadShouldNotBePartOfMessageWhenNotVerbose(){
+        final GraphErrorResponse errorResponse = new GraphErrorResponse();
+        final GraphError error = new GraphError();
+        error.code = GraphErrorCodes.UNAUTHENTICATED.toString();
+        errorResponse.error = error;
+        final GraphServiceException exception = new GraphServiceException(null,null,new ArrayList<String>(),"requestPayload",401,"Unauthorized",new ArrayList<String>(),errorResponse, false);
+        final String message = exception.getMessage();
+        assertFalse(message.indexOf("requestPayload") > 0);
+    }
+    @Test
+    public void requestPayloadShouldBePartOfMessageWhenVerbose(){
+        final GraphErrorResponse errorResponse = new GraphErrorResponse();
+        final GraphError error = new GraphError();
+        error.code = GraphErrorCodes.UNAUTHENTICATED.toString();
+        errorResponse.error = error;
+        final GraphServiceException exception = new GraphServiceException(null,null,new ArrayList<String>(),"requestPayload",401,"Unauthorized",new ArrayList<String>(),errorResponse, true);
+        final String message = exception.getMessage();
+        assertTrue(message.indexOf("requestPayload") > 0);
+    }
 }