fix: handle server error when refresh token requests come same time (#…

…3207) Signed-off-by: sawadashota <shota@sslife.tech>
ory · Jul 29, 2022 · e66ba3c · e66ba3c
1 parent f0cb539
commit e66ba3c
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/persistence/sql/persister_oauth2.go b/persistence/sql/persister_oauth2.go
@@ -20,9 +20,10 @@ import (
 	"github.com/tidwall/gjson"
 
 	"github.com/ory/fosite"
-	"github.com/ory/hydra/oauth2"
 	"github.com/ory/x/sqlcon"
 	"github.com/ory/x/stringsx"
+
+	"github.com/ory/hydra/oauth2"
 )
 
 var _ oauth2.AssertionJWTReader = &Persister{}
@@ -252,10 +253,19 @@ func (p *Persister) deleteSessionBySignature(ctx context.Context, signature stri
 	signature = p.hashSignature(signature, table)
 
 	/* #nosec G201 table is static */
-	return sqlcon.HandleError(
+	err := sqlcon.HandleError(
 		p.Connection(ctx).
 			RawQuery(fmt.Sprintf("DELETE FROM %s WHERE signature=?", OAuth2RequestSQL{Table: table}.TableName()), signature).
 			Exec())
+	if errors.Is(err, sqlcon.ErrNoRows) {
+		return errorsx.WithStack(fosite.ErrNotFound)
+	} else if errors.Is(err, sqlcon.ErrConcurrentUpdate) {
+		return errors.Wrap(fosite.ErrSerializationFailure, err.Error())
+	} else if err != nil {
+		return err
+	}
+	return nil
+
 }
 
 func (p *Persister) deleteSessionByRequestID(ctx context.Context, id string, table tableName) error {