Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Misleading HTTP status code for oauth2_client_credentials authenticator #504

Merged
merged 1 commit into from Aug 31, 2020
Merged

fix: Misleading HTTP status code for oauth2_client_credentials authenticator #504

merged 1 commit into from Aug 31, 2020

Conversation

NavindrenBaskaran
Copy link
Contributor

@NavindrenBaskaran NavindrenBaskaran commented Aug 24, 2020
edited

Related issue

Closes #496

Proposed changes

Checklist

  • I have read the contributing guidelines.
  • I have read the security policy.
  • I confirm that this pull request does not address a security
    vulnerability. If this pull request addresses a security. vulnerability, I
    confirm that I got green light (please contact
    security@ory.sh) from the maintainers to push
    the changes.
  • I have added tests that prove my fix is effective or that my feature
    works.
  • I have added or changed the documentation.

Further comments

@CLAassistant
Copy link

CLAassistant commented Aug 24, 2020
edited

CLA assistant check
All committers have signed the CLA.

@NavindrenBaskaran NavindrenBaskaran changed the title Update: return appropriate error response based on the oauth2 clientc… fix: Misleading HTTP status code for oauth2_client_credentials authenticator Aug 24, 2020
@NavindrenBaskaran
Copy link
Contributor Author

NavindrenBaskaran commented Aug 24, 2020
edited

@aeneasr I've managed to return proper HTTP Error response based on the oauth2 clientcredentials response. I'm in the midst of writing test for this fix, will want to get some feedback pertaining the implementation.

aeneasr
aeneasr requested changes Aug 26, 2020
View reviewed changes
pipeline/authn/authenticator_oauth2_client_credentials.go
return errors.Wrapf(helper.ErrUpstreamServiceNotFound, err.Error())
} else if rErr.Response.StatusCode == http.StatusUnauthorized {
return errors.Wrapf(helper.ErrUnauthorized, err.Error())
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A default case is missing. If that case were to happen, this would let the request pass even if an error occurred. I recommend using switch with a defaults!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @aeneasr, yeap have made unauthorized as the default case.

@aeneasr aeneasr added corp/next feat New feature or request. labels Aug 26, 2020
@NavindrenBaskaran
Copy link
Contributor Author

Hey @aeneasr can help review this please. Thanks.

@aeneasr
Copy link
Member

aeneasr commented Aug 31, 2020

Sorry for the slow response, this looks good! Thank you :)

@aeneasr aeneasr merged commit 0f65631 into ory:master Aug 31, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aeneasr aeneasr aeneasr approved these changes

Assignees
No one assigned
Labels
feat New feature or request.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@NavindrenBaskaran @CLAassistant @aeneasr