Closed
Bug 843423
Opened 12 years ago
Closed 12 years ago
An invalid JWT issuer causes a 500 error in webpay
Categories
(Marketplace Graveyard :: Payments/Refunds, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
2013-03-14
People
(Reporter: kumar, Assigned: andy+bugzilla)
References
Details
If you submit a JWT with a bogus issuer you can trigger a 500. This should be caught and handled gracefully.
I think this is just fallout from upgrading to curling because we no longer get a ValueError, we get a real ObjectDoesNotExist exception
Internal Server Error: /mozpay/
Stacktrace (most recent call last):
File "django/core/handlers/base.py", line 111, in get_response
response = callback(request, *callback_args, **callback_kwargs)
File "django/views/decorators/http.py", line 41, in inner
return func(request, *args, **kwargs)
File "webpay/pay/views.py", line 102, in lobby
res = process_pay_req(request)
File "webpay/pay/views.py", line 45, in process_pay_req
if not form.is_valid():
File "django/forms/forms.py", line 124, in is_valid
return self.is_bound and not bool(self.errors)
File "django/forms/forms.py", line 115, in _get_errors
self.full_clean()
File "django/forms/forms.py", line 270, in full_clean
self._clean_fields()
File "django/forms/forms.py", line 290, in _clean_fields
value = getattr(self, 'clean_%s' % name)()
File "webpay/pay/forms.py", line 59, in clean_req
secret = client.get_secret(app_id)
File "lib/solitude/api.py", line 129, in get_secret
seller__active=True, public_id=public_id)['secret']
File "curling/lib.py", line 121, in get_object
raise ObjectDoesNotExist
Reporter | ||
Updated•12 years ago
|
Blocks: marketplace-payments
Priority: -- → P2
Assignee | ||
Updated•12 years ago
|
Assignee: nobody → amckay
Target Milestone: --- → 2013-03-14
Assignee | ||
Comment 1•12 years ago
|
||
You go this in https://github.com/mozilla/webpay/commit/a9d2c27c.
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Assignee | ||
Comment 2•12 years ago
|
||
s/go/got/
You need to log in
before you can comment on or make changes to this bug.
Description
•