Improve linked error response

backend/core/src/Core.API/ResponseHandling/PublicKeyLinkedMiddleware.cs

@@ -2,10 +2,12 @@
 // under the Apache License, Version 2.0. See the NOTICE file at the root
 // of this distribution or at http://www.apache.org/licenses/LICENSE-2.0
 
-using Core.Domain.Repositories;
 using System.Net;
 using System.Security.Claims;
 using System.Security.Principal;
+using Core.Domain.Exceptions;
+using Core.Domain.Repositories;
+using Core.Presentation.Models;
 
 namespace Core.API.ResponseHandling;
 
@@ -17,13 +19,16 @@ public class PublicKeyLinkedMiddleware
 {
     private readonly ICustomerDeviceRepository _customerDeviceRepository;
     private readonly RequestDelegate _next;
+    private readonly ILogger<PublicKeyLinkedMiddleware> _logger;
 
     public PublicKeyLinkedMiddleware(
         ICustomerDeviceRepository customerDeviceRepository,
-        RequestDelegate next)
+        RequestDelegate next,
+        ILogger<PublicKeyLinkedMiddleware> logger)
     {
         _customerDeviceRepository = customerDeviceRepository;
         _next = next;
+        _logger = logger;
     }
 
     public async Task Invoke(HttpContext context)
@@ -41,10 +46,9 @@ public async Task Invoke(HttpContext context)
             if (customerDevices is null
                 || customerDevices.PublicKeys.All(keys => keys.PublicKey != pubKey))
             {
-                // TODO: make this a custom error
-
-                context.Response.StatusCode = (int)HttpStatusCode.Forbidden;
-                await context.Response.WriteAsync("Public key not linked to user");
+                _logger.LogError("Public key not linked to user");
+                var customErrors = new CustomErrors(new CustomError("Forbidden", "Unknown public-key", "x-public-key"));
+                await WriteCustomErrors(context.Response, customErrors, (int)HttpStatusCode.Forbidden);
                 return;
             }
         }
@@ -83,4 +87,14 @@ private static bool SkipEndpoint(HttpContext context)
         return context.Request.Path.StartsWithSegments("/health")
                || excludeList.Contains(endpointName);
     }
+
+    private static async Task WriteCustomErrors(HttpResponse httpResponse, CustomErrors customErrors, int statusCode)
+    {
+        httpResponse.StatusCode = statusCode;
+        httpResponse.ContentType = "application/json";
+
+        var response = CustomErrorsResponse.FromCustomErrors(customErrors);
+        var json = System.Text.Json.JsonSerializer.Serialize(response);
+        await httpResponse.WriteAsync(json);
+    }
 }

backend/core/tests/Core.APITests/ResponseHandlingTests/PublicKeyLinkedMiddlewareTests.cs

@@ -87,7 +87,7 @@ public async Task Verify_Returns_Forbidden()
         var response = await client.GetAsync("/verify");
 
         var responseString = await response.Content.ReadAsStringAsync();
-        Assert.AreEqual("Public key not linked to user",
+        Assert.AreEqual("""{"Errors":[{"Code":"Forbidden","Message":"Unknown public-key","Target":"x-public-key"}]}""",
             responseString);
         Assert.AreEqual(HttpStatusCode.Forbidden, response.StatusCode);
     }
@@ -100,7 +100,7 @@ public async Task Verify_Returns_Ok()
         var response = await client.GetAsync("/verify");
 
         var responseString = await response.Content.ReadAsStringAsync();
-        Assert.AreEqual("Public key not linked to user",
+        Assert.AreEqual("""{"Errors":[{"Code":"Forbidden","Message":"Unknown public-key","Target":"x-public-key"}]}""",
             responseString);
         Assert.AreEqual(HttpStatusCode.Forbidden, response.StatusCode);
     }