From 1a31bc65548a25a59f297dc696c2ce0acc8ebbf5 Mon Sep 17 00:00:00 2001
From: Niels van Huijstee
Date: Wed, 21 Dec 2016 15:58:05 +0100
Subject: [PATCH] User authentication failure to return 403
---
 oidc_provider/tests/test_token_endpoint.py | 1 +
 oidc_provider/views.py | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/oidc_provider/tests/test_token_endpoint.py b/oidc_provider/tests/test_token_endpoint.py
index 8a3ca22..72c1080 100644
--- a/oidc_provider/tests/test_token_endpoint.py
+++ b/oidc_provider/tests/test_token_endpoint.py
@@ -214,6 +214,7 @@ class TokenTestCase(TestCase):
 print(response_dict)
 self.assertEqual(400, response.status_code)
+ self.assertEqual(403, response.status_code)
 self.assertEqual('access_denied', response_dict['error'])
 def test_password_grant_get_access_token_invalid_client_credentials(self):
diff --git a/oidc_provider/views.py b/oidc_provider/views.py
index 1c94d05..b1eb420 100644
--- a/oidc_provider/views.py
+++ b/oidc_provider/views.py
@@ -167,8 +167,10 @@ class TokenView(View):
 return TokenEndpoint.response(dic)
- except (TokenError, UserAuthError) as error:
+ except TokenError as error:
 return TokenEndpoint.response(error.create_dict(), status=400)
+ except UserAuthError as error:
+ return TokenEndpoint.response(error.create_dict(), status=403)
 @require_http_methods(['GET', 'POST'])
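Review bot: The added `self.assertEqual(403, response.status_code)` sits directly under the retained `self.assertEqual(400, response.status_code)`, so the two assertions contradict each other and the test can never pass: whichever status the endpoint returns, one of them fails. The 400 line should be removed rather than kept, leaving only `self.assertEqual(403, response.status_code)` before the `access_denied` check. The enclosing test method starts outside the hunk, so its name is not visible here; the following method's name suggests it is the invalid-user-credentials case of the password grant, but that is an inference.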
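Review bot: Returning `status=403` for UserAuthError departs from RFC 6749 §5.2, which has the token endpoint answer every error with HTTP 400 except `invalid_client`, which may use 401 with a `WWW-Authenticate` header; 403 is not a defined token-endpoint response, and conformant client libraries may not treat it as an OAuth error at all. If the goal is only to distinguish bad resource-owner credentials from other failures, the spec's mechanism is the `invalid_grant` error code in the JSON body at status 400, which `error.create_dict()` presumably controls but is built outside this hunk and worth confirming. Separately, if UserAuthError happens to subclass TokenError, the new `except UserAuthError` clause is unreachable because the `except TokenError` clause above it matches first; the exception hierarchy is not visible here. The enclosing method and its `try` block begin outside the hunk.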