fix(oidc): return bad request for an invalid refresh token (#7419)

2025-08-12 07:07:32 +00:00 · 2024-02-20 17:54:52 +02:00
parent 1791f46424
commit 1d6dfadad8
2 changed files with 2 additions and 2 deletions
--- a/internal/command/user_human_refresh_token.go
+++ b/internal/command/user_human_refresh_token.go
@@ -147,7 +147,7 @@ func (c *Commands) renewRefreshToken(ctx context.Context, userID, orgID, refresh
 	tokenUserID, tokenID, token, err := domain.FromRefreshToken(refreshToken, c.keyAlgorithm)
 	if err != nil {
-		return nil, "", "", zerrors.ThrowInvalidArgument(err, "COMMAND-Dbfe4", "Errors.User.RefreshToken.Invalid")
+		return nil, "", "", err
 	}
 	if tokenUserID != userID {
 		return nil, "", "", zerrors.ThrowInvalidArgument(nil, "COMMAND-Ht2g2", "Errors.User.RefreshToken.Invalid")
--- a/internal/domain/refresh_token.go
+++ b/internal/domain/refresh_token.go
@@ -31,7 +31,7 @@ func FromRefreshToken(refreshToken string, algorithm crypto.EncryptionAlgorithm)
 	}
 	split := strings.Split(string(decrypted), ":")
 	if len(split) != 3 {
-		return "", "", "", zerrors.ThrowInternal(nil, "DOMAIN-BGDhn", "Errors.User.RefreshToken.Invalid")
+		return "", "", "", zerrors.ThrowInvalidArgument(nil, "DOMAIN-BGDhn", "Errors.User.RefreshToken.Invalid")
 	}
 	return split[0], split[1], split[2], nil
 }