Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-86061

Insufficient error handling in QOAuth2AuthorizationCodeFlow::refreshAccessToken() and ::requestAccessToken()

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Reported
    • Priority: P2: Important
    • Resolution: Unresolved
    • Affects Version/s: 5.14.2
    • Fix Version/s: None
    • Labels:
      None
    • Platform/s:
      All

      Description

      The function QOAuth2AuthorizationCodeFlow::refreshAccessToken() does not appear to report refresh failures correctly, or if it does I have misunderstood the documentation drastically. When given an invalid refresh token, I simply get the following error message:

      qt.networkauth.replyhandler: Error transferring https://<domain>/oauth/token - server replied: Forbidden

      I would instead expect the signal QOAuth2AuthorizationCodeFlow::error to be emitted, but it is not. In fact from a quick glance over the codebase, it only appears to be emitted during the authorization code request, and at a quick glance there appears to be nothing externally visible for when there are failures during either requestAccessToken() or refreshAccessToken().

      Is there another intended way to be informed of failures, or is this simply an oversight?

      Thanks!

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            jefernan Jesus Fernandez
            Reporter:
            ethereal Kestrel W-K
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:

                Gerrit Reviews

                There are no open Gerrit changes