RESTful API is sending 400 for invalid tokens (should send 401)

Bug #751895 reported by Natalia Bidart
This bug affects 1 person
Affects             Status        Importance  Assigned to        Milestone
Ubuntu One Servers  Fix Released  High        Vincenzo Di Somma

Bug Description

When sending a request with bad tokens, we're getting:

(400L, 'Invalid access token: hGTbRxOcMCaQqRHkzCyfJYQxGqMDNakhtRVrlTtVLolPvplzgq')

As per the spec, we should send 401.

Natalia Bidart (nataliabidart) wrote :

As per http://tools.ietf.org/html/rfc5849:

   The server SHOULD return a 400 (Bad Request) status code when
   receiving a request with unsupported parameters, an unsupported
   signature method, missing parameters, or duplicated protocol
   parameters. The server SHOULD return a 401 (Unauthorized) status
   code when receiving a request with invalid client credentials, an
   invalid or expired token, an invalid signature, or an invalid or used
   nonce.

Changed in ubuntuone-servers:
status: New → Triaged
importance: Undecided → High
assignee: nobody → Ubuntu One web team (ubuntuone-web)
visibility: private → public
Martin Albisetti (beuno) wrote :

Hi vds, can you sneak this in at some point?

Changed in ubuntuone-servers:
assignee: Ubuntu One web team (ubuntuone-web) → Vincenzo Di Somma (vds)
Vincenzo Di Somma (vds)
Changed in ubuntuone-servers:
status: Triaged → In Progress
Vincenzo Di Somma (vds)
Changed in ubuntuone-servers:
status: In Progress → Fix Committed
John O'Brien (jdobrien)
Changed in ubuntuone-servers:
status: Fix Committed → Fix Released
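
The 400/401 split from the RFC 5849 passage quoted in the report, as an added example (not Ubuntu One server code). The credential stores, the `check_oauth` name, the realm value and the PLAINTEXT-only policy are assumptions made for illustration.

```python
import hmac
import time
from urllib.parse import quote

# Constructed sample stores (hypothetical; a real server queries its database).
CONSUMERS = {"ck-demo": "cs-demo"}                  # consumer key -> secret
TOKENS = {"tok-good": ("ts-demo", 4102444800),      # token -> (secret, expiry epoch)
          "tok-old": ("ts-old", 946684800)}
SEEN_NONCES = set()
REQUIRED = ("oauth_consumer_key", "oauth_token", "oauth_signature_method",
            "oauth_signature", "oauth_timestamp", "oauth_nonce")
SUPPORTED_METHODS = {"PLAINTEXT"}  # assumption: example server accepts PLAINTEXT only (over TLS)

def check_oauth(params, now=None):
    """params: list of (name, value) pairs. Returns (status, headers, reason)."""
    now = time.time() if now is None else now
    names = [n for n, _ in params]
    # Malformed requests: 400 (Bad Request)
    if len(names) != len(set(names)):
        return 400, {}, "duplicated protocol parameter"
    p = dict(params)
    missing = [n for n in REQUIRED if n not in p]
    if missing:
        return 400, {}, "missing parameter: " + missing[0]
    if p["oauth_signature_method"] not in SUPPORTED_METHODS:
        return 400, {}, "unsupported signature method"
    # Credential failures: 401 (Unauthorized) with an OAuth challenge
    challenge = {"WWW-Authenticate": 'OAuth realm="api"'}
    consumer_secret = CONSUMERS.get(p["oauth_consumer_key"])
    if consumer_secret is None:
        return 401, challenge, "invalid client credentials"
    token = TOKENS.get(p["oauth_token"])
    if token is None or token[1] < now:
        return 401, challenge, "invalid or expired token"
    # PLAINTEXT signature: encoded consumer secret, "&", encoded token secret
    expected = quote(consumer_secret, safe="") + "&" + quote(token[0], safe="")
    if not hmac.compare_digest(expected.encode(), p["oauth_signature"].encode()):
        return 401, challenge, "invalid signature"
    # A nonce must be unique per client, token and timestamp combination
    nonce_key = (p["oauth_consumer_key"], p["oauth_token"],
                 p["oauth_timestamp"], p["oauth_nonce"])
    if nonce_key in SEEN_NONCES:
        return 401, challenge, "invalid or used nonce"
    SEEN_NONCES.add(nonce_key)
    return 200, {}, "ok"
```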