consent: do not send 404 on revoke consent / delete login (#2397)

ory · Mar 22, 2021 · 854b9ee · 854b9ee
1 parent f6ef751
commit 854b9ee
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 11 deletions.
diff --git a/consent/handler.go b/consent/handler.go
@@ -98,7 +98,6 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) {
 //     Responses:
 //       204: emptyResponse
 //       400: genericError
-//       404: genericError
 //       500: genericError
 func (h *Handler) DeleteConsentSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	subject := r.URL.Query().Get("subject")
@@ -111,12 +110,12 @@ func (h *Handler) DeleteConsentSession(w http.ResponseWriter, r *http.Request, p
 
 	switch {
 	case len(client) > 0:
-		if err := h.r.ConsentManager().RevokeSubjectClientConsentSession(r.Context(), subject, client); err != nil {
+		if err := h.r.ConsentManager().RevokeSubjectClientConsentSession(r.Context(), subject, client); err != nil && !errors.Is(err, x.ErrNotFound) {
 			h.r.Writer().WriteError(w, r, err)
 			return
 		}
 	case allClients:
-		if err := h.r.ConsentManager().RevokeSubjectConsentSession(r.Context(), subject); err != nil {
+		if err := h.r.ConsentManager().RevokeSubjectConsentSession(r.Context(), subject); err != nil && !errors.Is(err, x.ErrNotFound) {
 			h.r.Writer().WriteError(w, r, err)
 			return
 		}
@@ -211,7 +210,6 @@ func (h *Handler) GetConsentSessions(w http.ResponseWriter, r *http.Request, ps
 //     Responses:
 //       204: emptyResponse
 //       400: genericError
-//       404: genericError
 //       500: genericError
 func (h *Handler) DeleteLoginSession(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
 	subject := r.URL.Query().Get("subject")
@@ -220,7 +218,7 @@ func (h *Handler) DeleteLoginSession(w http.ResponseWriter, r *http.Request, ps
 		return
 	}
 
-	if err := h.r.ConsentManager().RevokeSubjectLoginSession(r.Context(), subject); err != nil {
+	if err := h.r.ConsentManager().RevokeSubjectLoginSession(r.Context(), subject); err != nil && !errors.Is(err, x.ErrNotFound) {
 		h.r.Writer().WriteError(w, r, err)
 		return
 	}

diff --git a/docs/docs/reference/api.mdx b/docs/docs/reference/api.mdx
@@ -6746,7 +6746,6 @@ This endpoint revokes a subject's granted consent sessions for a specific OAuth
 | ------ | -------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
 | 204    | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)            | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. | None                                |
 | 400    | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)           | genericError                                                                                                                  | [genericError](#schemagenericerror) |
-| 404    | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)             | genericError                                                                                                                  | [genericError](#schemagenericerror) |
 | 500    | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError                                                                                                                  | [genericError](#schemagenericerror) |
 
 ##### Examples
@@ -6755,10 +6754,8 @@ This endpoint revokes a subject's granted consent sessions for a specific OAuth
 
 ```json
 {
-  "debug": "The database adapter was unable to find the element",
-  "error": "The requested resource could not be found",
-  "error_description": "Object with ID 12345 does not exist",
-  "status_code": 404
+  "error": "invalid_request",
+  "error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. Query parameter 'subject' is not defined but should have been."
 }
 ```
 
@@ -6931,7 +6928,6 @@ invalidates-a-subject's-authentication-session-responses"
 | ------ | -------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- |
 | 204    | [No Content](https://tools.ietf.org/html/rfc7231#section-6.3.5)            | Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. | None                                |
 | 400    | [Bad Request](https://tools.ietf.org/html/rfc7231#section-6.5.1)           | genericError                                                                                                                  | [genericError](#schemagenericerror) |
-| 404    | [Not Found](https://tools.ietf.org/html/rfc7231#section-6.5.4)             | genericError                                                                                                                  | [genericError](#schemagenericerror) |
 | 500    | [Internal Server Error](https://tools.ietf.org/html/rfc7231#section-6.6.1) | genericError                                                                                                                  | [genericError](#schemagenericerror) |
 
 ##### Examples