summary refs log tree commit diff
path: root/synapse/handlers
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2016-08-09 16:29:28 +0100
committerRichard van der Hoff <richard@matrix.org>2016-08-09 16:29:28 +0100
commit79ebfbe7c62400a2b63d67fb65b1abce29d8bf38 (patch)
tree26e4b83a7d09be3238a5b430f52b41e385ff78af /synapse/handlers
parentMerge pull request #995 from matrix-org/rav/clean_up_cas_login (diff)
downloadsynapse-79ebfbe7c62400a2b63d67fb65b1abce29d8bf38.tar.xz
/login: Respond with a 403 when we get an invalid m.login.token
Diffstat (limited to 'synapse/handlers')
-rw-r--r--synapse/handlers/auth.py6
1 files changed, 3 insertions, 3 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 1d3641b7a7..82998a81ce 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -719,14 +719,14 @@ class AuthHandler(BaseHandler):
         return macaroon.serialize()
 
     def validate_short_term_login_token_and_get_user_id(self, login_token):
+        auth_api = self.hs.get_auth()
         try:
-            auth_api = self.hs.get_auth()
             macaroon = pymacaroons.Macaroon.deserialize(login_token)
             user_id = auth_api.get_user_id_from_macaroon(macaroon)
             auth_api.validate_macaroon(macaroon, "login", True, user_id)
             return user_id
-        except (pymacaroons.exceptions.MacaroonException, TypeError, ValueError):
-            raise AuthError(401, "Invalid token", errcode=Codes.UNKNOWN_TOKEN)
+        except Exception:
+            raise AuthError(403, "Invalid token", errcode=Codes.FORBIDDEN)
 
     def _generate_base_macaroon(self, user_id):
         macaroon = pymacaroons.Macaroon(