From 1cc9c16b8cadb498bd320e13affd6a3eaa4bd3ca Mon Sep 17 00:00:00 2001
From: Osma Ahvenlampi
Date: Mon, 10 Jul 2023 19:19:20 +0300
Subject: [PATCH] Use 400 and 401 error codes as OAuth2 documents, accept 400 as webfinger error code (#597)
---
 api/views/oauth.py | 7 ++++++-
 users/models/identity.py | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/api/views/oauth.py b/api/views/oauth.py
index 4d3b213..a7d67d3 100644
--- a/api/views/oauth.py
+++ b/api/views/oauth.py
@@ -73,6 +73,7 @@ class AuthorizationView(LoginRequiredMixin, View):
 request,
 "api/oauth_error.html",
 {"error": f"Invalid response type '{response_type}'"},
+ status=400,
 )
 application = Application.objects.filter(
@@ -81,7 +82,10 @@ class AuthorizationView(LoginRequiredMixin, View):
 if application is None:
 return render(
- request, "api/oauth_error.html", {"error": "Invalid client_id"}
+ request,
+ "api/oauth_error.html",
+ {"error": "Invalid client_id"},
+ status=400,
 )
 if application.redirect_uris and redirect_uri not in application.redirect_uris:
@@ -89,6 +93,7 @@ class AuthorizationView(LoginRequiredMixin, View):
 request,
 "api/oauth_error.html",
 {"error": "Invalid application redirect URI"},
+ status=401,
 )
 context = {
diff --git a/users/models/identity.py b/users/models/identity.py
index 5e3e22e..92c3d4f 100644
--- a/users/models/identity.py
+++ b/users/models/identity.py
@@ -697,7 +697,7 @@ class Identity(StatorModel):
 if (
 response
 and response.status_code < 500
- and response.status_code not in [401, 403, 404, 406, 410]
+ and response.status_code not in [400, 401, 403, 404, 406, 410]
 ):
 raise ValueError(
 f"Client error fetching webfinger: {response.status_code}",
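Review bot: In the `@@ -81,7 +82,10 @@` hunk of api/views/oauth.py, the redirect check on the last context line, `if application.redirect_uris and redirect_uri not in application.redirect_uris:`, is skipped entirely when `application.redirect_uris` is empty, so an application registered without redirect URIs would have any `redirect_uri` accepted. If `redirect_uris` is stored as a single string rather than a list (the model is not visible here), `not in` is also a substring test rather than an exact match. Consider failing closed when nothing is registered and comparing against the exact registered values; for a whitespace-separated string that would be `if redirect_uri not in application.redirect_uris.split():`. The method body starts and ends outside the hunk.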
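Review bot: In the `@@ -89,6 +93,7 @@` hunk of api/views/oauth.py, `status=401,` on the redirect-URI mismatch is returned through `render(...)` with no `WWW-Authenticate` header, which HTTP requires on a 401 response. RFC 6749 uses 401 for failed client authentication (`invalid_client`) at the token endpoint, whereas a mismatched redirect URI is a malformed authorization request from a user the hunk header shows is already behind `LoginRequiredMixin`. `status=400,` would match the two error branches before it and would not prompt clients or proxies to retry with credentials. The enclosing method continues outside the hunk.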
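Review bot: In users/models/identity.py, the bare list `[400, 401, 403, 404, 406, 410]` has no comment saying why these statuses are exempt from the `ValueError`, and 400 is the least obvious member, since it more often signals a request we built badly than an account that does not exist. What happens to a response carrying one of these codes is decided after the hunk, so it is worth confirming that a 400 is not treated there as a definitive "identity gone" result. I would add a comment above the condition such as `# Statuses remote servers return for an unknown or refused webfinger lookup; treated as a soft failure, not an error`.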