Merge pull request #28 from malach-it/revert-22-pr-auth_error_msg

Revert "return one of 3 more specific errors"
malach-it · Dec 13, 2024 · 4bf7d0f · 4bf7d0f
2 parents d47488e + 7d4c60c
commit 4bf7d0f
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 12 deletions.
diff --git a/lib/boruta/oauth/authorization/access_token.ex b/lib/boruta/oauth/authorization/access_token.ex
@@ -32,19 +32,12 @@ defmodule Boruta.Oauth.Authorization.AccessToken do
          :ok <- Token.ensure_valid(token) do
       {:ok, token}
     else
-      {:error, msg} ->
-        {:error,
-         %Error{
-           status: :bad_request,
-           error: :invalid_access_token,
-           error_description: msg
-         }}
       _ ->
         {:error,
          %Error{
            status: :bad_request,
            error: :invalid_access_token,
-           error_description: "Given access token is invalid."
+           error_description: "Given access token is invalid, revoked, or expired."
          }}
     end
   end

diff --git a/lib/boruta/oauth/schemas/token.ex b/lib/boruta/oauth/schemas/token.ex
@@ -134,8 +134,8 @@ defmodule Boruta.Oauth.Token do
           :ok | {:error, String.t()}
   def ensure_valid(token, type \\ :access_token) do
     case {revoked?(token, type), expired?(token, type)} do
-      {true, _} -> {:error, "Given access token is revoked."}
-      {_, true} -> {:error, "Given access token is expired."}
+      {true, _} -> {:error, "Token revoked."}
+      {_, true} -> {:error, "Token expired."}
       _ -> :ok
     end
   end

diff --git a/test/boruta/openid/integration/userinfo_test.exs b/test/boruta/openid/integration/userinfo_test.exs
@@ -47,7 +47,7 @@ defmodule Boruta.OpenidTest.UserinfoTest do
       assert {:unauthorized,
               %Boruta.Oauth.Error{
                 error: :invalid_access_token,
-                error_description: "Given access token is invalid.",
+                error_description: "Given access token is invalid, revoked, or expired.",
                 status: :bad_request
               }} = Openid.userinfo(conn, ApplicationMock)
     end
@@ -130,7 +130,7 @@ defmodule Boruta.OpenidTest.UserinfoTest do
       assert {:unauthorized,
               %Boruta.Oauth.Error{
                 error: :invalid_access_token,
-                error_description: "Given access token is invalid.",
+                error_description: "Given access token is invalid, revoked, or expired.",
                 status: :bad_request
               }} = Openid.userinfo(conn, ApplicationMock)
     end