small changes, prepare v1.5.0

nilsbehlen · nilsbehlen · commit 125990d9d5a7 · 2025-10-20T12:51:05.000+02:00
diff --git a/pom.xml b/pom.xml
@@ -5,7 +5,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.privacyidea</groupId>
     <artifactId>privacyidea-java-client</artifactId>
-    <version>1.4.0</version>
+    <version>1.5.0</version>
     <packaging>jar</packaging>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -83,16 +83,16 @@
             <version>4.13.2</version>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>com.squareup.okhttp3</groupId>
-            <artifactId>okhttp</artifactId>
-            <version>4.12.0</version>
-        </dependency>
         <dependency>
             <groupId>org.jetbrains.kotlin</groupId>
             <artifactId>kotlin-stdlib</artifactId>
             <version>1.9.0</version>
         </dependency>
+        <dependency>
+            <groupId>com.squareup.okhttp3</groupId>
+            <artifactId>okhttp</artifactId>
+            <version>4.12.0</version>
+        </dependency>
         <dependency>
             <groupId>com.squareup.okio</groupId>
             <artifactId>okio</artifactId>
diff --git a/src/main/java/org/privacyidea/AsyncRequestCallable.java b/src/main/java/org/privacyidea/AsyncRequestCallable.java
@@ -24,6 +24,7 @@
 import okhttp3.Call;
 import okhttp3.Callback;
 import okhttp3.Response;
+import okhttp3.ResponseBody;
 import org.jetbrains.annotations.NotNull;
 
 import static org.privacyidea.PIConstants.ENDPOINT_AUTH;
@@ -76,15 +77,23 @@ public void onFailure(@NotNull Call call, @NotNull IOException e)
     @Override
     public void onResponse(@NotNull Call call, @NotNull Response response) throws IOException
     {
-        if (response.body() != null)
+        // The body of the response can be in `body()` for success cases or in `errorBody()` for error cases.
+        // We need to handle both and ensure the body is closed to prevent resource leaks.
+        // The body can only be consumed once.
+        try (ResponseBody responseBody = response.body())
         {
-            String s = response.body().string();
-            if (!privacyIDEA.logExcludedEndpoints().contains(path) && !ENDPOINT_AUTH.equals(path))
+            if (responseBody != null)
             {
-                privacyIDEA.log(path + ":\n" + privacyIDEA.parser.formatJson(s));
+                String s = responseBody.string();
+                if (!privacyIDEA.logExcludedEndpoints().contains(path))
+                {
+                    privacyIDEA.log(path + " (" + response.code() + "):\n" + privacyIDEA.parser.formatJson(s));
+                }
+                callbackResult[0] = s;
             }
-            callbackResult[0] = s;
         }
-        latch.countDown();
+        finally {
+            latch.countDown();
+        }
     }
 }
diff --git a/src/main/java/org/privacyidea/JSONParser.java b/src/main/java/org/privacyidea/JSONParser.java
@@ -73,6 +73,7 @@
 import static org.privacyidea.PIConstants.TIME;
 import static org.privacyidea.PIConstants.TOKEN;
 import static org.privacyidea.PIConstants.TOKENS;
+import static org.privacyidea.PIConstants.TOKEN_TYPE_PASSKEY;
 import static org.privacyidea.PIConstants.TOKEN_TYPE_WEBAUTHN;
 import static org.privacyidea.PIConstants.TRANSACTION_ID;
 import static org.privacyidea.PIConstants.TYPE;
@@ -277,6 +278,7 @@ else if ("interactive".equals(modeFromResponse))
                                     });
             }
 
+            // Multichallenge
             JsonArray arrChallenges = detail.getAsJsonArray(MULTI_CHALLENGE);
             if (arrChallenges != null)
             {
@@ -311,6 +313,10 @@ else if ("interactive".equals(modeFromResponse))
                             webauthnSignRequests.add(webauthnSignRequest);
                         }
                     }
+                    else if (TOKEN_TYPE_PASSKEY.equals(type))
+                    {
+                        response.passkeyChallenge = challenge.toString();
+                    }
                     else
                     {
                         response.multiChallenge.add(new Challenge(serial, message, clientMode, image, transactionID, type));
diff --git a/src/main/java/org/privacyidea/PIResponse.java b/src/main/java/org/privacyidea/PIResponse.java
@@ -124,6 +124,17 @@ public String pushTransactionId() {
         return null;
     }
 
+    public boolean hasChallenges()
+    {
+        return (multiChallenge != null && !multiChallenge.isEmpty()) ||
+               isNotBlank(mergedSignRequest()) ||
+               isNotBlank(passkeyChallenge);
+    }
+
+    private boolean isNotBlank(String str) {
+        return str != null && !str.trim().isEmpty();
+    }
+
     /**
      * Get the messages of all token that require an input field (HOTP, TOTP, SMS, Email...) reduced to a single string.
      *

Original file line number	Diff line number	Diff line change
`@@ -24,6 +24,7 @@`
`24`	`24`	`import okhttp3.Call;`
`25`	`25`	`import okhttp3.Callback;`
`26`	`26`	`import okhttp3.Response;`
	`27`	`+import okhttp3.ResponseBody;`
`27`	`28`	`import org.jetbrains.annotations.NotNull;`
`28`	`29`
`29`	`30`	`import static org.privacyidea.PIConstants.ENDPOINT_AUTH;`
`@@ -76,15 +77,23 @@ public void onFailure(@NotNull Call call, @NotNull IOException e)`
`76`	`77`	`@Override`
`77`	`78`	`public void onResponse(@NotNull Call call, @NotNull Response response) throws IOException`
`78`	`79`	`{`
`79`		`- if (response.body() != null)`
	`80`	+ // The body of the response can be in `body()` for success cases or in `errorBody()` for error cases.
	`81`	`+ // We need to handle both and ensure the body is closed to prevent resource leaks.`
	`82`	`+ // The body can only be consumed once.`
	`83`	`+ try (ResponseBody responseBody = response.body())`
`80`	`84`	`{`
`81`		`- String s = response.body().string();`
`82`		`- if (!privacyIDEA.logExcludedEndpoints().contains(path) && !ENDPOINT_AUTH.equals(path))`
	`85`	`+ if (responseBody != null)`
`83`	`86`	`{`
`84`		`- privacyIDEA.log(path + ":\n" + privacyIDEA.parser.formatJson(s));`
	`87`	`+ String s = responseBody.string();`
	`88`	`+ if (!privacyIDEA.logExcludedEndpoints().contains(path))`
	`89`	`+ {`
	`90`	`+ privacyIDEA.log(path + " (" + response.code() + "):\n" + privacyIDEA.parser.formatJson(s));`
	`91`	`+ }`
	`92`	`+ callbackResult[0] = s;`
`85`	`93`	`}`
`86`		`- callbackResult[0] = s;`
`87`	`94`	`}`
`88`		`- latch.countDown();`
	`95`	`+ finally {`
	`96`	`+ latch.countDown();`
	`97`	`+ }`
`89`	`98`	`}`
`90`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,7 @@`
`73`	`73`	`import static org.privacyidea.PIConstants.TIME;`
`74`	`74`	`import static org.privacyidea.PIConstants.TOKEN;`
`75`	`75`	`import static org.privacyidea.PIConstants.TOKENS;`
	`76`	`+import static org.privacyidea.PIConstants.TOKEN_TYPE_PASSKEY;`
`76`	`77`	`import static org.privacyidea.PIConstants.TOKEN_TYPE_WEBAUTHN;`
`77`	`78`	`import static org.privacyidea.PIConstants.TRANSACTION_ID;`
`78`	`79`	`import static org.privacyidea.PIConstants.TYPE;`
`@@ -277,6 +278,7 @@ else if ("interactive".equals(modeFromResponse))`
`277`	`278`	`});`
`278`	`279`	`}`
`279`	`280`
	`281`	`+ // Multichallenge`
`280`	`282`	`JsonArray arrChallenges = detail.getAsJsonArray(MULTI_CHALLENGE);`
`281`	`283`	`if (arrChallenges != null)`
`282`	`284`	`{`
`@@ -311,6 +313,10 @@ else if ("interactive".equals(modeFromResponse))`
`311`	`313`	`webauthnSignRequests.add(webauthnSignRequest);`
`312`	`314`	`}`
`313`	`315`	`}`
	`316`	`+ else if (TOKEN_TYPE_PASSKEY.equals(type))`
	`317`	`+ {`
	`318`	`+ response.passkeyChallenge = challenge.toString();`
	`319`	`+ }`
`314`	`320`	`else`
`315`	`321`	`{`
`316`	`322`	`response.multiChallenge.add(new Challenge(serial, message, clientMode, image, transactionID, type));`