diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2020-07-15 07:10:21 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-15 07:10:21 -0400 |
commit | 111e70d75c2e1e82f844e4a18a34ae579166dd9a (patch) | |
tree | 53c8cab739a6ad320898a9bf586898d7eb0a7a64 /synapse/rest/client/v1/login.py | |
parent | remove `retry_on_integrity_error` wrapper for persist_events (#7848) (diff) | |
download | synapse-111e70d75c2e1e82f844e4a18a34ae579166dd9a.tar.xz |
Return the proper 403 Forbidden error during errors with JWT logins. (#7844)
Diffstat (limited to 'synapse/rest/client/v1/login.py')
-rw-r--r-- | synapse/rest/client/v1/login.py | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py index 326ffa0056..379f668d6f 100644 --- a/synapse/rest/client/v1/login.py +++ b/synapse/rest/client/v1/login.py @@ -371,7 +371,7 @@ class LoginRestServlet(RestServlet): token = login_submission.get("token", None) if token is None: raise LoginError( - 401, "Token field for JWT is missing", errcode=Codes.UNAUTHORIZED + 403, "Token field for JWT is missing", errcode=Codes.FORBIDDEN ) import jwt @@ -387,14 +387,12 @@ class LoginRestServlet(RestServlet): except jwt.PyJWTError as e: # A JWT error occurred, return some info back to the client. raise LoginError( - 401, - "JWT validation failed: %s" % (str(e),), - errcode=Codes.UNAUTHORIZED, + 403, "JWT validation failed: %s" % (str(e),), errcode=Codes.FORBIDDEN, ) user = payload.get("sub", None) if user is None: - raise LoginError(401, "Invalid JWT", errcode=Codes.UNAUTHORIZED) + raise LoginError(403, "Invalid JWT", errcode=Codes.FORBIDDEN) user_id = UserID(user, self.hs.hostname).to_string() result = await self._complete_login( |