Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-86061

Insufficient error handling in QOAuth2AuthorizationCodeFlow::refreshAccessToken() and ::requestAccessToken()

    XMLWordPrintable

Details

    • Bug
    • Resolution: Duplicate
    • P2: Important
    • None
    • 5.14.2
    • Network: Authentication
    • None

    Description

      The function QOAuth2AuthorizationCodeFlow::refreshAccessToken() does not appear to report refresh failures correctly, or if it does I have misunderstood the documentation drastically. When given an invalid refresh token, I simply get the following error message:

      qt.networkauth.replyhandler: Error transferring https://<domain>/oauth/token - server replied: Forbidden

      I would instead expect the signal QOAuth2AuthorizationCodeFlow::error to be emitted, but it is not. In fact from a quick glance over the codebase, it only appears to be emitted during the authorization code request, and at a quick glance there appears to be nothing externally visible for when there are failures during either requestAccessToken() or refreshAccessToken().

      Is there another intended way to be informed of failures, or is this simply an oversight?

      Thanks!

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            vuokko Juha Vuolle
            ethereal Kestrel W-K
            Vladimir Minenko Vladimir Minenko
            Alex Blasche Alex Blasche
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes