Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc/callback: handle missing state param #1392

Merged
merged 5 commits into from
Feb 12, 2025
Merged

oidc/callback: handle missing state param #1392

merged 5 commits into from
Feb 12, 2025

Conversation

alxndrsn
Copy link
Contributor

@alxndrsn alxndrsn commented Feb 10, 2025
edited
Loading

Without this check, a request without a state parameter will generate an internal server error and receive a 500-status response.

This change sends the client through the proper error-handling route.

Closes #1391

What has been done to verify that this works as intended?

Added a test!

Why is this the best possible solution? Were any other approaches considered?

This could also be an e2e test, but an integration test should run and fail faster, giving faster feedback.

How does this change affect users? Describe intentional changes to behavior and behavior that could have accidentally been affected by code changes. In other words, what are the regression risks?

This change should only affect users in unhappy paths.

Does this change require updates to the API documentation? If so, please update docs/api.yaml as part of this PR.

I don't think so.

Before submitting this PR, please make sure you have:

  • run make test and confirmed all checks still pass OR confirm CircleCI build passes
  • verified that any code from external sources are properly credited in comments or that everything is internally sourced

/oidc/callback: handle missing state param
2da6f01 
Without this check, a request without a state parameter will generate an
internal server error and receive a 500-status response.

This change sends the client through the proper error-handling route.
@alxndrsn alxndrsn requested a review from ktuite February 10, 2025 06:40
@alxndrsn alxndrsn mentioned this pull request Feb 10, 2025
Open
2 tasks
@alxndrsn alxndrsn changed the title /oidc/callback: handle missing state param oidc/callback: handle missing state param Feb 10, 2025
@alxndrsn alxndrsn merged commit 8387cbe into getodk:master Feb 12, 2025
6 checks passed
@alxndrsn alxndrsn deleted the oidc-integration-tests branch February 12, 2025 05:44
alxndrsn pushed a commit to alxndrsn/odk-central-backend that referenced this pull request Feb 12, 2025
test/oidc: add missing describe() blocks
e4c81ab 
These were incorrectly excluded while merging getodk#1392 & getodk#1399 into master.
@alxndrsn alxndrsn mentioned this pull request Feb 12, 2025
Merged
alxndrsn added a commit that referenced this pull request Feb 18, 2025
@alxndrsn
test/oidc: add missing describe() blocks (#1400)
2f57a02 
These were incorrectly excluded while merging #1392 & #1399 into master.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ktuite ktuite ktuite approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Calling /oidc/callback without a state param triggers internal server error
2 participants
@alxndrsn @ktuite