User authentication failure to return 403

2016-12-21 15:58:05 +01:00 · 2016-12-21 15:58:05 +01:00 · 1a31bc6554
parent f7908bb1b9
commit 1a31bc6554
2 changed files with 4 additions and 1 deletions
--- a/oidc_provider/tests/test_token_endpoint.py
+++ b/oidc_provider/tests/test_token_endpoint.py
@ -214,6 +214,7 @@ class TokenTestCase(TestCase):
        print(response_dict)

        self.assertEqual(400, response.status_code)
+        self.assertEqual(403, response.status_code)
        self.assertEqual('access_denied', response_dict['error'])

    def test_password_grant_get_access_token_invalid_client_credentials(self):
--- a/oidc_provider/views.py
+++ b/oidc_provider/views.py
@ -167,8 +167,10 @@ class TokenView(View):

            return TokenEndpoint.response(dic)

-        except (TokenError, UserAuthError) as error:
+        except TokenError as error:
            return TokenEndpoint.response(error.create_dict(), status=400)
+        except UserAuthError as error:
+            return TokenEndpoint.response(error.create_dict(), status=403)


@require_http_methods(['GET', 'POST'])