-
Notifications
You must be signed in to change notification settings - Fork 713
Handle invalid token when adding redirection headers #1945
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
2fd002d
to
b79036c
Compare
b4a06b4
to
a31fe87
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with my limited context on the gem
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe this looks good!
I am just going to flag this with the App Access team for a quick once over.
Could you please add a note in the CHANGELOG.md
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! The changes makes sense to me, I just had a few questions about the test setup.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Approving so you can merge, once Zoey's questions are answered.
b670160
to
d81cc9b
Compare
Add changelog Simplify test
d81cc9b
to
8c3e282
Compare
What this PR does
Currently, while decoding a token while redirecting to login, it's possible for errors to occur. Example error:
Signature has expired
.This PR rescues token decoding errors and handles them gracefully. The login url will not include the shop param in this scenario.
Exception:
Reviewer's guide to testing
The test covers this scenario by simulating an error decoding the session token, in this case the error is
Not enough or too many segments
but it covers any error while decoding tokens.Things to focus on
I'm unfamiliar with this repo so please ensure the way that the exception is handled won't cause issues in the redirect.
Checklist
Before submitting the PR, please consider if any of the following are needed:
CHANGELOG.md
if the changes would impact usersREADME.md
, if appropriate./docs
, if necessary