Move OAuth2 error messages to Resources.resx for localization#5357
Merged
mikaelweave merged 3 commits intopersonal/mikaelw/fix-415-error-handlingfrom Jan 28, 2026
Merged
Conversation
Co-authored-by: mikaelweave <[email protected]>
Co-authored-by: mikaelweave <[email protected]>
Contributor
Author
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
Copilot
AI
changed the title
[WIP] Add RFC-compliant error handling for TokenIntrospectionController
Move OAuth2 error messages to Resources.resx for localization
Jan 28, 2026
mikaelweave
approved these changes
Jan 28, 2026
mikaelweave
merged commit 9953f52
into
personal/mikaelw/fix-415-error-handling
3 checks passed
mikaelweave
added a commit
that referenced
this pull request
Jan 28, 2026
) * Add support for UnsupportedMediaType error handling in FhirController * Add support for UnsupportedMediaType error handling in FhirController * Implement OAuth2 error handling and token introspection validation - Added OAuth2BadRequestException for handling bad request errors. - Introduced OAuth2ExceptionFilterAttribute to return RFC 6749 compliant error responses. - Updated TokenIntrospectionController to validate content type and token presence. - Enhanced TokenIntrospectionControllerTests to cover new validation scenarios. - Added documentation for token introspection examples. * Refactor authorization checks in TokenIntrospectionController to allow any data action for token introspection * Fix for local authority issues * Refactor authentication and authorization handling in DevelopmentIdentityProviderRegistrationExtensions and FhirServerServiceCollectionExtensions * Add authorization middleware to FhirServerApplicationBuilderExtensions and remove redundant authorization call from FhirServerServiceCollectionExtensions * Implement conditional authorization middleware for development identity provider * Remove redundant [Authorize] attribute from TokenIntrospectionController * Add script to generate runsettings for E2E tests and update .gitignore * Update Token Introspection examples and remove redundant authorization test * Remove unsupported media type handling and related resources * Fix security alert: Remove user input from log entry * Add sample requests for RFC 7662 Token Introspection endpoint * Move OAuth2 error messages to Resources.resx for localization (#5357) * Initial plan * Move error messages to Resources.resx for localization Co-authored-by: mikaelweave <[email protected]> * Add periods to error messages for consistency Co-authored-by: mikaelweave <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: mikaelweave <[email protected]> --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: mikaelweave <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Moves hardcoded OAuth2 error messages in
TokenIntrospectionControllertoResources.resxfor proper localization support.Changes:
OAuth2ContentTypeMustBeFormUrlEncodedandOAuth2TokenParameterRequiredresource stringsTokenIntrospectionControllerto reference resource strings instead of hardcoded valuesTokenIntrospectionControllerTeststo use resource string references in assertionsRelated issues
AB#181870
Testing
TokenIntrospectionControllerTestsverify error messages via resource stringsResources.OAuth2ContentTypeMustBeFormUrlEncodedandResources.OAuth2TokenParameterRequiredFHIR Team Checklist
Semver Change (docs)
Patch
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.