Fix OAuth callback to handle missing code and error responses

Fork: 0

root / navi-1

Browse code Fix OAuth callback to handle missing code and error responses FastAPI validated code/state as required query params before the handler body ran, so any OAuth error response (e.g. invalid_scope from offline_access, user denied consent) produced an opaque 422 "Field required" instead of a readable error message. - Make code, state, error, error_description all optional with defaults - Detect OAuth error responses and return a clear 400 with the error - Guard state[:8] slicing when state may be None Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> feature/navi-code master vmkdemo
1 parent c40745a commit b4c2621a9210802204cec3d003c02c1b9ae7b19b Eugene Sukhodolskiy authored 24 days ago

Browse code

FastAPI validated code/state as required query params before the
handler body ran, so any OAuth error response (e.g. invalid_scope
from offline_access, user denied consent) produced an opaque 422
"Field required" instead of a readable error message.

- Make code, state, error, error_description all optional with defaults
- Detect OAuth error responses and return a clear 400 with the error
- Guard state[:8] slicing when state may be None

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

feature/navi-code master vmkdemo

1 parent c40745a commit b4c2621a9210802204cec3d003c02c1b9ae7b19b

Eugene Sukhodolskiy authored 24 days ago

Patch

Unified Split

Showing 1 changed file

Ignore Space Show notes View navi/api/routes/auth.py

Show line notes below