From 066518c8fabe10d038af7fa166293d4c56018301 Mon Sep 17 00:00:00 2001
From: Luke Lee
Date: Mon, 27 Jun 2016 10:28:38 +0200
Subject: [PATCH] Fix bug in handling of failed github authentication request
- The error scenario from the flask.oauthlib.authorized_response() doesn't return None. It can return an Exception object as well. So, checking for None is not very effective.
- This fixes the limited issue we've seen in production related to the return from the oauthlib not having the `access_token` in it. This bug was leading to a `KeyError` and masking the real reason github didn't return us the token.
---
 pskb_website/views.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pskb_website/views.py b/pskb_website/views.py
index 3c2a2b5..99bffea 100644
--- a/pskb_website/views.py
+++ b/pskb_website/views.py
@@ -138,9 +138,9 @@ def authorized():
 """URL for Github auth callback"""
 resp = remote.github.authorized_response()
- if resp is None:
- flash('Access denied: reason=%s error=%s' % (
- request.args['error'], request.args['error_description']),
+ if resp is None or resp.get('access_token') is None:
+ flash('Access denied: reason=%s error=%s resp=%s' % (
+ request.args['error'], request.args['error_description'], resp),
 category='error')
 return redirect(url_for('index'))
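Review bot: The widened condition on the new `if` line can itself raise before the flash is shown: the commit message says `authorized_response()` may hand back an exception object, and calling `resp.get(...)` on one would presumably fail with `AttributeError` unless that object happens to be dict-like. The branch is also now reached when GitHub answered without an `access_token`, in which case the callback query string may carry no `error` or `error_description` keys, and `request.args['error']` would then abort the request instead of reporting the failure. Consider `if not isinstance(resp, dict) or resp.get('access_token') is None:` together with `request.args.get('error'), request.args.get('error_description')`. Separately, formatting `resp` into the flash message puts the raw provider response in front of the end user; writing it to the server log and keeping the flashed text generic would preserve the diagnostic without exposing it. The body of `authorized()` continues past the end of the hunk.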