| author | mrw1593 <botahamec@outlook.com> | 2023-06-18 19:00:16 -0400 |
|---|---|---|
| committer | mrw1593 <botahamec@outlook.com> | 2023-06-18 19:00:16 -0400 |
| commit | 27ab8b4d2ea815a2bac432e7393adf19429135f9 (patch) | |
| tree | cfa21cdc1d3b5c2e152d3419badf8d1f9c347ea7 | |
| parent | 1d51343bc819ec19a593e224f61245b3b0f639b1 (diff) | |
A couple more errors
| -rw-r--r-- | src/api/oauth.rs | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/api/oauth.rs b/src/api/oauth.rs
index 353f287..5d1f12a 100644
--- a/src/api/oauth.rs
+++ b/src/api/oauth.rs
@@ -236,7 +236,7 @@ async fn authorize(
 .append_header((header::LOCATION, redirect_uri.as_str()))
 .finish()
 }
- _ => todo!("unsupported response type"),
+ _ => AuthorizeError::invalid_scope(redirect_uri, state).error_response(),
 }
 }
 
@@ -460,6 +460,14 @@ impl TokenError {
 }
 }
 
+ fn mismatch_client_id() -> Self {
+ Self {
+ status_code: StatusCode::UNAUTHORIZED,
+ error: TokenErrorType::InvalidClient,
+ error_description: Box::from("The client ID in the Authorization header is not the same as the client ID in the request body"),
+ }
+ }
+
 fn incorrect_client_secret() -> Self {
 Self {
 status_code: StatusCode::UNAUTHORIZED,
@@ -570,7 +578,7 @@ async fn token(
 };
 
 if authorization.username() != client_alias.deref() {
- todo!("bad username")
+ return TokenError::mismatch_client_id().error_response();
 }
 if !hash.check_password(authorization.password()).unwrap() {
 return TokenError::incorrect_client_secret().error_response(); |
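Review bot: `invalid_scope` is the wrong error code for the `_` arm in `authorize`: the arm is reached when the response type is not one the server handles (the removed `todo!` said "unsupported response type"), and RFC 6749 §4.1.2.1 defines `unsupported_response_type` for exactly that case. Reporting a scope problem will send client developers looking at the wrong parameter. If `AuthorizeError` has no matching constructor yet, one could be added next to `invalid_scope` and used here; the constructor list is outside this hunk, so this is not confirmed. The enclosing `match` and the start of `authorize` are also outside the hunk.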
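Review bot: `mismatch_client_id` answers with 401 and `InvalidClient`, and RFC 6749 §5.2 requires such a response to carry a `WWW-Authenticate` header when the client authenticated through the `Authorization` header, which is the case this constructor describes. Whether `error_response` adds that header is not visible from this hunk, so it is worth confirming for this constructor and for `incorrect_client_secret`. The new function also has no doc comment; something like `/// The client ID in the Authorization header differs from the one in the request body.` would match its description string. The `impl TokenError` block starts and ends outside the hunk.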
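Review bot: The `.unwrap()` on `hash.check_password(authorization.password())`, two lines below the new `return`, still panics inside `token` when verification itself fails, the same request-triggered failure mode as the `todo!` this hunk replaces. Assuming `check_password` returns a `Result`, handle the error arm explicitly, e.g. `let Ok(matches) = hash.check_password(authorization.password()) else { /* return a 5xx error response */ };`, and then test `matches`. That keeps a corrupt stored hash or a hashing failure from aborting the handler and makes every exit from the client-authentication path an explicit response. The body of `token` starts and continues outside the hunk.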
