cloud-gov / pages-core

cloud.gov Pages is a publishing platform for modern 21st Century IDEA websites.
https://cloud.gov/pages
Other
275 stars 68 forks source link

send 401 response for bad auth callback #4523

Closed drewbo closed 2 months ago

drewbo commented 3 months ago

Changes proposed in this pull request:

security considerations

Change to our OAuth callback flow. In theory it implements the same pattern as before but with additional error handling

drewbo commented 3 months ago

One other thing I'd like to confirm on dev before merging, does anyone have a UAA login not connected to pages? I'd like to confirm the "you aren't authorized" path also

drewbo commented 3 months ago

Confirmed the non-authorized path on dev