SG-786 - Fix 400 error code log outs without invalid_grant (#2156)

* SG-786 - Added validation to check if the 400 error is invalid grant

* SG 786 - Improved code quality
This commit is contained in:
Carlos Gonçalves 2022-10-31 17:40:26 +00:00 committed by GitHub
parent 9baa79e10b
commit ee09c0abda
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 2 deletions

View File

@ -795,8 +795,6 @@ namespace Bit.Core.Services
if (authed if (authed
&& &&
( (
(tokenError && response.StatusCode == HttpStatusCode.BadRequest)
||
(logoutOnUnauthorized && response.StatusCode == HttpStatusCode.Unauthorized) (logoutOnUnauthorized && response.StatusCode == HttpStatusCode.Unauthorized)
|| ||
response.StatusCode == HttpStatusCode.Forbidden response.StatusCode == HttpStatusCode.Forbidden
@ -813,6 +811,17 @@ namespace Bit.Core.Services
var responseJsonString = await response.Content.ReadAsStringAsync(); var responseJsonString = await response.Content.ReadAsStringAsync();
responseJObject = JObject.Parse(responseJsonString); responseJObject = JObject.Parse(responseJsonString);
} }
if (authed && tokenError
&&
response.StatusCode == HttpStatusCode.BadRequest
&&
responseJObject?["error"]?.ToString() == "invalid_grant")
{
await _logoutCallbackAsync(new Tuple<string, bool, bool>(null, false, true));
return null;
}
return new ErrorResponse(responseJObject, response.StatusCode, tokenError); return new ErrorResponse(responseJObject, response.StatusCode, tokenError);
} }
catch catch