This change raises an InvalidGrantError from the OAuth2Validator.invalidate_authorization_code method if the Grant object intended to be deleted does not exist.
Currently, when invalidating an authorization code after it has been used, if for whatever reason the associated grant object no longer exists, an uncaught Grant.DoesNotExist exception is raised. This leads to 500 responses being returned to clients. This could, for example, be caused by concurrent requests being made using the same authorization code.
The change in this PR handles this scenario gracefully by catching Grant.DoesNotExist and raising an InvalidGrantError which will return a 400 'invalid_grant' response to the client.
Checklist
[x] PR only contains one change (considered splitting up PR)
[x] unit-test added
[ ] documentation updated (No existing documentation for this validator class)
[x] CHANGELOG.md updated (only for user relevant changes)
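The race described in this PR, replayed deterministically as an added example (not the project's code). `GrantStore`, `DoesNotExist`, `InvalidGrantError` and `finish_token_request` are stand-ins assumed for illustration in place of the Django `Grant` model, the real error class and the token endpoint.

```python
# Stand-ins (assumptions): GrantStore replaces the Django Grant model, and
# InvalidGrantError mirrors the error the PR names (400 / 'invalid_grant').
class DoesNotExist(Exception):
    pass

class InvalidGrantError(Exception):
    status_code = 400
    error = "invalid_grant"

class GrantStore:
    def __init__(self, codes):
        self._codes = set(codes)

    def exists(self, code):
        return code in self._codes

    def delete(self, code):
        if code not in self._codes:
            raise DoesNotExist(code)
        self._codes.remove(code)

def invalidate_unhandled(store, code):
    store.delete(code)  # behaviour before the change: DoesNotExist escapes

def invalidate_handled(store, code):
    try:
        store.delete(code)
    except DoesNotExist:
        # behaviour after the change: a missing grant is a client-side error
        raise InvalidGrantError() from None

def finish_token_request(store, code, invalidate):
    """Second half of a token request: invalidate the code, then respond."""
    try:
        invalidate(store, code)
    except InvalidGrantError as exc:
        return exc.status_code, exc.error
    except Exception:
        return 500, "server_error"  # uncaught exception becomes a generic 500
    return 200, "token_issued"

def replay_race(invalidate):
    """Two requests validate the same code before either one invalidates it."""
    code = "constructed-code-1"  # constructed sample value
    store = GrantStore({code})
    assert store.exists(code) and store.exists(code)  # both pass validation
    return [finish_token_request(store, code, invalidate) for _ in range(2)]

if __name__ == "__main__":
    print("unhandled:", replay_race(invalidate_unhandled))
    print("handled:  ", replay_race(invalidate_handled))
```

When monitoring a deployment, a 500 on the token endpoint that coincides with a successful exchange of the same code is the signature of the unhandled path; after the change the same event is recorded as a 400 `invalid_grant`.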