Use 400 and 401 error codes as OAuth2 documents, accept 400 as webfinger error code (#597)
This commit is contained in:
parent
91cf2f3a30
commit
1cc9c16b8c
|
@ -73,6 +73,7 @@ class AuthorizationView(LoginRequiredMixin, View):
|
|||
request,
|
||||
"api/oauth_error.html",
|
||||
{"error": f"Invalid response type '{response_type}'"},
|
||||
status=400,
|
||||
)
|
||||
|
||||
application = Application.objects.filter(
|
||||
|
@ -81,7 +82,10 @@ class AuthorizationView(LoginRequiredMixin, View):
|
|||
|
||||
if application is None:
|
||||
return render(
|
||||
request, "api/oauth_error.html", {"error": "Invalid client_id"}
|
||||
request,
|
||||
"api/oauth_error.html",
|
||||
{"error": "Invalid client_id"},
|
||||
status=400,
|
||||
)
|
||||
|
||||
if application.redirect_uris and redirect_uri not in application.redirect_uris:
|
||||
|
@ -89,6 +93,7 @@ class AuthorizationView(LoginRequiredMixin, View):
|
|||
request,
|
||||
"api/oauth_error.html",
|
||||
{"error": "Invalid application redirect URI"},
|
||||
status=401,
|
||||
)
|
||||
|
||||
context = {
|
||||
|
|
|
@ -697,7 +697,7 @@ class Identity(StatorModel):
|
|||
if (
|
||||
response
|
||||
and response.status_code < 500
|
||||
and response.status_code not in [401, 403, 404, 406, 410]
|
||||
and response.status_code not in [400, 401, 403, 404, 406, 410]
|
||||
):
|
||||
raise ValueError(
|
||||
f"Client error fetching webfinger: {response.status_code}",
|
||||
|
|
Loading…
Reference in New Issue