Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oauth2: return error if error field is present in access token response #442

Closed
wants to merge 1 commit into from
Closed

oauth2: return error if error field is present in access token response #442

wants to merge 1 commit into from

Conversation

beyang
Copy link

@beyang beyang commented Oct 11, 2020

Return an error containing the error, error_description, and error_uri when the error field is present in the access token response, even if the HTTP response code is 2xx.

Fixes #441

@google-cla google-cla bot added the cla: yes label Oct 11, 2020
@gopherbot
Copy link
Contributor

This PR (HEAD: 6057702) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/oauth2/+/261220 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off)
See the Wiki page for more info

@gopherbot
Copy link
Contributor

Message from Gobot Gobot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://golang.org/doc/contribute.html#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

Please don’t reply on this GitHub thread. Visit golang.org/cl/261220.
After addressing review feedback, remember to publish your drafts!

@beyang beyang mentioned this pull request Oct 11, 2020
Merged
@gopherbot
Copy link
Contributor

Message from Go Bot:

Patch Set 1:

Congratulations on opening your first change. Thank you for your contribution!

Next steps:
A maintainer will review your change and provide feedback. See
https://golang.org/doc/contribute.html#review for more info and tips to get your
patch through code review.

Most changes in the Go project go through a few rounds of revision. This can be
surprising to people new to the project. The careful, iterative review process
is our way of helping mentor contributors and ensuring that their contributions
have a lasting impact.

Please don’t reply on this GitHub thread. Visit golang.org/cl/261220.
After addressing review feedback, remember to publish your drafts!

@bonifaido
Copy link

Related issue #274 (reported by me long ago), I guess this one will get fixed as well.

@bobbytables
Copy link

Came here because Slack does something similar and there's no way to know exactly what the error is. What's missing from this being merged?

@windforce2
Copy link

windforce2 commented Jan 17, 2022
edited
Loading

Hello @codyoss,
Is there any timeline as to when this PR will be finally approved and merged?
If not, there should be some other way for dealing with OAuth2 errors coming in 200-code responses.
Debugging errors in production has been much harder without being able to see those.

@technodrome
Copy link

Also find it quite cumbersome not being able to get the error. Can this be merged?

@hickford
Copy link
Contributor

hickford commented Oct 18, 2022
edited
Loading

@bradfitz Can you take a look or assign a new reviewer? https://go-review.googlesource.com/c/oauth2/+/261220

@beyang
Copy link
Author

beyang commented Apr 11, 2023

Closing due to lack of activity

@beyang beyang closed this Apr 11, 2023
@bobheadxi
Copy link

Could cfe200d have been an equivalent fix?

This was referenced May 4, 2023
Closed
Merged
bobheadxi added a commit to sourcegraph/sourcegraph-public-snapshot that referenced this pull request May 9, 2023
@bobheadxi
deps: revert to golang.org/x/oauth2 upstream (#51495)
44e0db3 
The issue this fork was meant to address
(golang/oauth2#441) has been fixed upstream:

- [proposed fix that was part of
fork](golang/oauth2#442)
- [upstream
fix](golang/oauth2@cfe200d)
(golang/go#58125)

Notably, both implementations change the error returned to render more
verbose details on `.Error()` if the response is a status 200 _but_ an
error (see above issues)

A diff against upstream indicates that there are no other changes:
sourcegraph/oauth2#3

## Test plan

Test suites pass
VolhaBakanouskaya pushed a commit to VolhaBakanouskaya/sourcegraph-public that referenced this pull request Jun 30, 2023
@bobheadxi @ErikaRS
deps: revert to golang.org/x/oauth2 upstream (#51495)
e5f0c18 
The issue this fork was meant to address
(golang/oauth2#441) has been fixed upstream:

- [proposed fix that was part of
fork](golang/oauth2#442)
- [upstream
fix](golang/oauth2@cfe200d)
(golang/go#58125)

Notably, both implementations change the error returned to render more
verbose details on `.Error()` if the response is a status 200 _but_ an
error (see above issues)

A diff against upstream indicates that there are no other changes:
sourcegraph/oauth2#3

## Test plan

Test suites pass
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

oauth2 swallows token response error if HTTP code is 200
8 participants
@beyang @gopherbot @bonifaido @bobbytables @windforce2 @technodrome @hickford @bobheadxi