diff options
author | Richard van der Hoff <richard@matrix.org> | 2016-08-09 16:29:28 +0100 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2016-08-09 16:29:28 +0100 |
commit | 79ebfbe7c62400a2b63d67fb65b1abce29d8bf38 (patch) | |
tree | 26e4b83a7d09be3238a5b430f52b41e385ff78af /synapse/handlers/auth.py | |
parent | Merge pull request #995 from matrix-org/rav/clean_up_cas_login (diff) | |
download | synapse-79ebfbe7c62400a2b63d67fb65b1abce29d8bf38.tar.xz |
/login: Respond with a 403 when we get an invalid m.login.token
Diffstat (limited to '')
-rw-r--r-- | synapse/handlers/auth.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 1d3641b7a7..82998a81ce 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -719,14 +719,14 @@ class AuthHandler(BaseHandler): return macaroon.serialize() def validate_short_term_login_token_and_get_user_id(self, login_token): + auth_api = self.hs.get_auth() try: - auth_api = self.hs.get_auth() macaroon = pymacaroons.Macaroon.deserialize(login_token) user_id = auth_api.get_user_id_from_macaroon(macaroon) auth_api.validate_macaroon(macaroon, "login", True, user_id) return user_id - except (pymacaroons.exceptions.MacaroonException, TypeError, ValueError): - raise AuthError(401, "Invalid token", errcode=Codes.UNKNOWN_TOKEN) + except Exception: + raise AuthError(403, "Invalid token", errcode=Codes.FORBIDDEN) def _generate_base_macaroon(self, user_id): macaroon = pymacaroons.Macaroon( |