Merge lp:~leonardr/launchpad/distinguish-between-unauthorized-and-forbidden into lp:launchpad/db-devel
Proposed by
Leonard Richardson
Status: | Merged |
---|---|
Merge reported by: | Leonard Richardson |
Merged at revision: | not available |
Proposed branch: | lp:~leonardr/launchpad/distinguish-between-unauthorized-and-forbidden |
Merge into: | lp:launchpad/db-devel |
Diff against target: |
80 lines (+34/-8) 2 files modified
lib/canonical/launchpad/browser/oauth.py (+13/-5) lib/canonical/launchpad/pagetests/oauth/access-token.txt (+21/-3) |
To merge this branch: | bzr merge lp:~leonardr/launchpad/distinguish-between-unauthorized-and-forbidden |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Guilherme Salgado (community) | Approve | ||
Review via email: mp+29803@code.launchpad.net |
Description of the change
This branch returns the response code 403 ("Forbidden") when the client attempts to exchange a request token for an access token, but the end-user has explicitly declined to authorize the request token. Previously the response code was 401 ("Unauthorized"), which made it impossible to distinguish between this case and the case where the end-user has not gotten around to make a decision about the request token.
I also return human-readable strings for various error conditions instead of the empty string.
To post a comment you must log in.