Ratings and Reviews server

Oauth authorization errors not reported in in 401 response

Bug #1522298 reported by Robert Ancell on 2015-12-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ratings and Reviews server	Won't Fix	Undecided	Unassigned

Bug Description

If OAuth authorization fails, the server always returns 401 'Authorization Required'. This makes it very hard to debug why the authorization has failed (In my case I was missing an OAuth parameter - bug 1522297). It would be nice if the text was changed to indicate why authorization failed (piston seems to have helpful text in the OAuthError exception).

It may be possible this information is not provided for security purposes?

Revision history for this message

Natalia Bidart (nataliabidart) wrote on 2015-12-03:

Hello Robert!

As you guessed, this information is not provided for security reasons. To debug your signatures, I would suggest using this site:

http://nouncer.com/oauth/authentication.html

Where you can customize all the parameters and ensure the signature you built is correct. I hope that helps. Closing as Wont fix.

Changed in rnr-server:
status:	New → Won't Fix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.