[ALS-4981] Validate UUID passed to OpenAuthenticationService.authenti…

…cate
hms-dbmi · Sep 14, 2023 · a3253c8 · a3253c8
1 parent 05371e3
commit a3253c8
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java b/.../main/java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OpenAuthenticationService.java
@@ -36,8 +36,14 @@ public Response authenticate(Map<String, String> authRequest) {
 
         // Try to get the user by UUID
         if (StringUtils.isNotBlank(userUUID)) {
-            UUID uuid = UUID.fromString(userUUID);
-            current_user = userRepository.findByUUID(uuid);
+            try {
+                UUID uuid = UUID.fromString(userUUID);
+                current_user = userRepository.findByUUID(uuid);
+            } catch (IllegalArgumentException e) {
+                logger.error("Invalid UUID: " + userUUID);
+                // If we reach this the database could have been restarted and the UUID is no longer valid
+                // We will create a new user
+            }
         }
 
         // If we can't find the user by UUID, create a new one