fix(users): add bad request for openidconnect

Open racnan opened this issue 4 months ago • 1 comments

Type of Change

  • [x] Bugfix
  • [ ] New feature
  • [ ] Enhancement
  • [ ] Refactoring
  • [ ] Dependency updates
  • [ ] Documentation
  • [ ] CI/CD

Description

Added a BadRequest response for SSO login when an invalid authorization code is provided.

Additional Changes

  • [X] This PR modifies the API contract
  • [ ] This PR modifies the database schema
  • [ ] This PR modifies application configuration/environment variables

Motivation and Context

Currently, when users provide an invalid or expired code during SSO login, the system returns a 500 response. This is misleading, as the issue is with the client input rather than a server error. This change introduces a proper 400 BadRequest response to better reflect the actual problem and improve error handling.

How did you test it?

curl --location '<BASE URL>/user/oidc' \
--header 'Content-Type: application/json' \
--data '{
    "state": "<correct state>",
    "code": "<wrong code>"
}'

This should give 400 instead of 500.

Checklist

  • [x] I formatted the code cargo +nightly fmt --all
  • [x] I addressed lints thrown by cargo clippy
  • [X] I reviewed the submitted code
  • [ ] I added unit tests for my changes where possible

racnan avatar Sep 02 '25 13:09 racnan
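
One way to draw the 400/500 line described under "Motivation and Context", as an added example that is not code from this PR or from hyperswitch. It goes beyond the PR's single case by also covering provider-side and configuration failures; the `ApiError`, `TokenExchange`, `oauth_error_code` and `classify` names are hypothetical, and the `invalid_grant` error code comes from RFC 6749 section 5.2, not from this page.

```rust
// Added example: type and function names are hypothetical, not hyperswitch's.
#[derive(Debug, PartialEq)]
pub enum ApiError {
    BadRequest(&'static str), // 400: caller must restart the login flow
    InternalServerError,      // 500: provider outage or our own misconfiguration
}

/// What the relying party observed when redeeming the authorization code.
pub enum TokenExchange<'a> {
    Transport, // DNS, TLS or timeout failure: the provider never answered
    Response { status: u16, body: &'a str },
}

/// Extract the "error" string from an RFC 6749 section 5.2 error body.
/// Deliberately minimal; production code would use a JSON parser.
fn oauth_error_code(body: &str) -> Option<&str> {
    let rest = &body[body.find("\"error\"")? + "\"error\"".len()..];
    let rest = rest.trim_start().strip_prefix(':')?;
    let rest = rest.trim_start().strip_prefix('"')?;
    Some(&rest[..rest.find('"')?])
}

pub fn classify(outcome: TokenExchange<'_>) -> Result<(), ApiError> {
    match outcome {
        TokenExchange::Response { status: 200, .. } => Ok(()),
        TokenExchange::Response { status: 400, body } => match oauth_error_code(body) {
            // Code is invalid, expired, revoked or already redeemed. The message is
            // a fixed string: the provider's error_description is not echoed back.
            Some("invalid_grant") => Err(ApiError::BadRequest("Invalid authorization code")),
            // invalid_client, unauthorized_client, ...: our credentials or config.
            _ => Err(ApiError::InternalServerError),
        },
        _ => Err(ApiError::InternalServerError),
    }
}

fn main() {
    // Constructed sample responses, not captured from a real provider.
    let bad_code = r#"{"error":"invalid_grant","error_description":"Code expired"}"#;
    let bad_client = r#"{"error": "invalid_client"}"#;
    for body in [bad_code, bad_client] {
        println!("{:?}", classify(TokenExchange::Response { status: 400, body }));
    }
    println!("{:?}", classify(TokenExchange::Transport));
}
```

Keeping everything except `invalid_grant` on the 500 path means a misconfigured client secret or a provider outage still surfaces as a server-side fault in monitoring instead of being reported to the user as bad input.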

Review changes with SemanticDiff

Changed Files

  File: crates/router/src/services/openidconnect.rs
  Status: 33% smaller

semanticdiff-com[bot] avatar Sep 02 '25 13:09 semanticdiff-com[bot]