Skip to content

Commit

Permalink
return 404 for missing token sessionID (#3137)
Browse files Browse the repository at this point in the history
  • Loading branch information
@gerardsn
gerardsn authored May 24, 2024
1 parent d1bcad0 commit 602d71e
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 3 deletions.
3 changes: 3 additions & 0 deletions auth/api/iam/api.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -231,6 +231,9 @@ func (r Wrapper) RetrieveAccessToken(_ context.Context, request RetrieveAccessTo
var token TokenResponse
err := r.accessTokenClientStore().Get(request.SessionID, &token)
if err != nil {
if errors.Is(err, storage.ErrNotFound) {
return nil, core.NotFoundError("session not found")
}
return nil, err
}
if token.Get("status") == oauth.AccessTokenRequestStatusPending {
Expand Down
5 changes: 2 additions & 3 deletions auth/api/iam/api_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -565,12 +565,11 @@ func TestWrapper_RetrieveAccessToken(t *testing.T) {
assert.IsType(t, RetrieveAccessToken200JSONResponse{}, res)
assert.ErrorIs(t, ctx.client.accessTokenClientStore().Get("id", new(TokenResponse)), storage.ErrNotFound)
})
t.Run("error - unknown sessionID", func(t *testing.T) {
t.Run("error - 404 unknown sessionID", func(t *testing.T) {
ctx := newTestClient(t)

res, err := ctx.client.RetrieveAccessToken(nil, request)

assert.ErrorIs(t, err, storage.ErrNotFound)
assert.ErrorIs(t, err, core.NotFoundError(""))
assert.Nil(t, res)
})
}
Expand Down

0 comments on commit 602d71e

Please sign in to comment.