If an anonymous client tries to access the logout endpoint, it will face an UnsupportedOperationException, which also leads to a 500 error in prod mode if it's not handled.
There are two ways. First, there is no point in returning an Optional of RedirectionAction in a direct client. We can directly create an unauthorized HTTP action right there in the direct client and return it, which in turn can confuse devs and make it hard for them to find the problem. So, by throwing an UnsupportedOperationException, the library clearly signals that these operations are not supported for DirectClient. This prevents misuse and confusion. So we only change the return type of the overridden methods in DirectClient to a non-final HttpAction; this way we can override them inside AnonymousClient instead and return unauthorized rather than a server error.
The second way is to check whether the client is an instance of DirectClient in DefaultLogoutLogic, then create an unauthorized action and return it. Please check the last three commits in my forked pac4j at this address: https://github.com/rayacode/pac4j/tree/master
--
You received this message because you are subscribed to the Google Groups "Pac4j development mailing list" group.
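The second option from the message above, sketched as an added example; it is not code from the post, the linked fork, or pac4j itself. The classes are simplified stand-ins that only borrow the names used in the post (FormClient, the method signatures and the status-code handling are assumptions).

```java
import java.util.Optional;

// Simplified stand-ins named after the classes in the post; NOT pac4j's real API.
public class LogoutGuardDemo {
    record HttpAction(int code, String location) {}

    interface Client { Optional<HttpAction> getLogoutAction(); }

    static abstract class DirectClient implements Client {
        @Override public Optional<HttpAction> getLogoutAction() {
            // Signals that logout redirection is not supported for direct clients.
            throw new UnsupportedOperationException("logout redirect not supported");
        }
    }

    static class AnonymousClient extends DirectClient {}

    // Hypothetical indirect client that does support a logout redirect.
    static class FormClient implements Client {
        @Override public Optional<HttpAction> getLogoutAction() {
            return Optional.of(new HttpAction(302, "/logged-out"));
        }
    }

    // Unguarded logic: the exception escapes and surfaces as a server error.
    static HttpAction logoutUnguarded(Client client) {
        try {
            return client.getLogoutAction().orElse(new HttpAction(204, null));
        } catch (RuntimeException e) {
            return new HttpAction(500, null); // stands in for the framework's error page
        }
    }

    // Guarded logic: check the client type first and answer 401 instead.
    static HttpAction logoutGuarded(Client client) {
        if (client instanceof DirectClient) {
            return new HttpAction(401, null);
        }
        return client.getLogoutAction().orElse(new HttpAction(204, null));
    }

    public static void main(String[] args) {
        Client anonymous = new AnonymousClient();
        System.out.println("unguarded anonymous: " + logoutUnguarded(anonymous).code());
        System.out.println("guarded anonymous:   " + logoutGuarded(anonymous).code());
        System.out.println("guarded form client: " + logoutGuarded(new FormClient()).code());
    }
}
```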