The deserializeAsModel() method performs some basic validation on the submitted JSON. Your adapter probably needs to perform more validation and send an AuthnError to the API client if it finds any errors. Here is how the TemplateRenderAdapter validates the names of the provided user attributes:

private void validateSubmittedAttributes(HttpServletRequest req, SubmitUserAttributes submitted) throws AuthnErrorException
{
    // Validate only when the request came through the authentication API.
    if (apiSupport.isApiRequest(req))
    {
        List<AuthnErrorDetail> errorDetails = new ArrayList<>();
        // Add one error detail for each submitted attribute name that is not in extendedAttr.
        for (String attrName : submitted.getUserAttributes().keySet())
        {
            if (!extendedAttr.contains(attrName))
            {
                errorDetails.add(ErrorDetailSpec.INVALID_ATTRIBUTE_NAME.makeInstanceBuilder()
                        .message("Invalid attribute name: " + attrName).build());
            }
        }
        // Report all invalid names together in a single VALIDATION_ERROR.
        if (!errorDetails.isEmpty())
        {
            AuthnError authnError = CommonErrorSpec.VALIDATION_ERROR.makeInstance();
            authnError.setDetails(errorDetails);
            throw new AuthnErrorException(authnError);
        }
    }
}