lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
porchlight/tests/test_oidc
History
Johan Lundberg b284cf596b
fix(oidc): return 400 instead of 500 on bad token requests 
The token endpoint wrapped parse_request in try/except but
  called process_request and do_response unguarded, so a parseable-but-invalid request (e.g. a refresh_token grant missing client_id, or an
  unknown token) made idpyoidc raise and surfaced as a 500. Wrap both so failures return a clean 400 invalid_request and log the traceback
  server-side. Adds a regression test.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-10 14:37:01 +02:00
..
__init__.py chore: create package structure with src layout 2026-02-12 14:39:07 +01:00
test_app_integration.py feat: integrate idpyoidc server into app lifespan 2026-02-16 13:29:39 +01:00
test_authorization.py fix(security): escape error text in OIDC error pages 2026-06-04 11:06:08 +02:00
test_claims.py update all imports in test files: fastapi_oidc_op → porchlight 2026-02-16 15:34:53 +01:00
test_consent_flow.py fix(security): reject consent scopes outside the original request 2026-06-04 10:26:55 +02:00
test_discovery.py feat: add OIDC discovery, JWKS, and authorization endpoints 2026-02-16 13:33:40 +01:00
test_e2e_flow.py fix(security): don't mint new ID tokens on refresh; confirm offline_access gating 2026-06-10 09:25:49 +02:00
test_login_oidc_redirect.py fix: reorder imports and use ty-compatible type suppression 2026-02-19 14:29:01 +01:00
test_provider.py fix(security): lock down signing-key file permissions 2026-06-08 15:21:27 +02:00
test_token.py fix(oidc): return 400 instead of 500 on bad token requests 2026-06-10 14:37:01 +02:00
test_userinfo.py fix: reorder imports and use ty-compatible type suppression 2026-02-19 14:29:01 +01:00