summary refs log tree commit diff
path: root/changelog.d/5656.misc (follow)
Commit message (Collapse)AuthorAgeFilesLines
* 1.2.0rc1Andrew Morgan2019-07-221-1/+0
|
* Clean up exception handling for access_tokens (#5656)Richard van der Hoff2019-07-111-0/+1
First of all, let's get rid of `TOKEN_NOT_FOUND_HTTP_STATUS`. It was a hack we did at one point when it was possible to return either a 403 or a 401 if the creds were missing. We always return a 401 in these cases now (thankfully), so it's not needed. Let's also stop abusing `AuthError` for these cases. Honestly they have nothing that relates them to the other places that `AuthError` is used, other than the fact that they are loosely under the 'Auth' banner. It makes no sense for them to share exception classes. Instead, let's add a couple of new exception classes: `InvalidClientTokenError` and `MissingClientTokenError`, for the `M_UNKNOWN_TOKEN` and `M_MISSING_TOKEN` cases respectively - and an `InvalidClientCredentialsError` base class for the two of them.