Fix up validation and error handling of sign up

datasprayio · Jan 5, 2024 · 7a91de9 · 7a91de9
1 parent 6d42d5f
commit 7a91de9
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/dataspray-stream-control/src/main/java/io/dataspray/stream/control/AuthNzResource.java b/dataspray-stream-control/src/main/java/io/dataspray/stream/control/AuthNzResource.java
@@ -121,6 +121,13 @@ public SignUpResponse signUp(SignUpRequest request) {
                     .build();
         }
 
+        // Pre-validate password as a parameter to Cognito, password policy will be evaluated by Cognito itself
+        // Password must match regex otherwise Cognito throws InvalidParameterException instead of InvalidPasswordException
+        if (!request.getPassword().matches("^[\\S]+.*[\\S]+$")) {
+            return SignUpResponse.builder()
+                    .errorMsg("Password is too short or contains spaces at the beginning or end.")
+                    .build();
+
         // Validate email address
         EmailValidResult emailValidationResult = emailValidator.check(request.getEmail());
         switch (emailValidationResult) {
@@ -153,10 +160,6 @@ public SignUpResponse signUp(SignUpRequest request) {
                     .build();
         } catch (TooManyRequestsException ex) {
             throw new ClientErrorException(429, ex);
-        } catch (NotAuthorizedException ex) {
-            return SignUpResponse.builder()
-                    .errorMsg("Email address appears to be a disposable email address, please contact support if this is a mistake.")
-                    .build();
         } catch (InvalidPasswordException ex) {
             return SignUpResponse.builder()
                     .errorMsg("Password must be at least 8 characters long, contain at least one uppercase letter, one lowercase letter, one number, and one special character. Password cannot be a common password or have common patterns.")