Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-86061

Insufficient error handling in QOAuth2AuthorizationCodeFlow::refreshAccessToken() and ::requestAccessToken()

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: P2: Important P2: Important
    • None
    • 5.14.2
    • Network: Authentication
    • None

      The function QOAuth2AuthorizationCodeFlow::refreshAccessToken() does not appear to report refresh failures correctly, or if it does I have misunderstood the documentation drastically. When given an invalid refresh token, I simply get the following error message:

      qt.networkauth.replyhandler: Error transferring https://<domain>/oauth/token - server replied: Forbidden

      I would instead expect the signal QOAuth2AuthorizationCodeFlow::error to be emitted, but it is not. In fact from a quick glance over the codebase, it only appears to be emitted during the authorization code request, and at a quick glance there appears to be nothing externally visible for when there are failures during either requestAccessToken() or refreshAccessToken().

      Is there another intended way to be informed of failures, or is this simply an oversight?

      Thanks!

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

            vuokko Juha Vuolle
            ethereal Kestrel W-K
            Vladimir Minenko Vladimir Minenko
            Alex Blasche Alex Blasche
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:

                There are no open Gerrit changes