WrongTokenClass bug

I stumbled onto the followin bug.
I try to run a regular code flow. When I try to exchange the authorization code with an access_token the following error is raised:
```
  File "/srv/venv/lib/python3.7/site-packages/oidcop/oauth2/token.py", line 407, in process_request
    _access_token, grant=True
  File "/srv/venv/lib/python3.7/site-packages/oidcop/session/manager.py", line 459, in get_session_info_by_token
    _token_info = self.token_handler.info(token_value)
  File "/srv/venv/lib/python3.7/site-packages/oidcop/token/handler.py", line 55, in info
    _handler, item_info = self.get_handler(item, order)
  File "/srv/venv/lib/python3.7/site-packages/oidcop/token/handler.py", line 75, in get_handler
    res = self.handler[typ].info(token)
  File "/srv/venv/lib/python3.7/site-packages/oidcop/token/__init__.py", line 117, in info
    raise WrongTokenClass(_res["token_class"])
oidcop.token.exception.WrongTokenClass: access_token
```

The bug happens because the authorization code and the access_token are created using the same class (`DefaultToken`).
So https://github.com/IdentityPython/oidc-op/blob/0f92cfbf8079224c4c11e861a6c93d0efcf96d61/src/oidcop/token/__init__.py#L108 is called first to check if it is an authorization_code and then if it is an access_token. Both classes can decrypt the token, so https://github.com/IdentityPython/oidc-op/blob/0f92cfbf8079224c4c11e861a6c93d0efcf96d61/src/oidcop/token/__init__.py#L117 is raised.

To reproduce it you must use DefaultToken for both access token and authorization code (which is the default)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

WrongTokenClass bug #97

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

WrongTokenClass bug #97

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions