When JWT is incorrect, the returned error should be 400 Bad Request and not 500

Open uaru opened this issue 3 years ago • 0 comments

Description

When the server receives the request authorized with JWT with payload

{
   :sub => username,
   :'_couchdb.roles' => roles,
   :exp => ...,
}

and roles is a string, the server returns error 500 Internal Server Error with

{
  "error": "internal_server_error",
  "reason": "No DB shards could be opened.",
  "ref": ...
}

Steps to Reproduce

curl -X GET --location "https://<couchdb_server>:6984/<db>/<document>" \
    -H "Accept: application/json" \
    -H "Content-Type: application/json; charset=utf-8" \
    -H "Authorization: Bearer <JWT Token>"

The server returns error 500, with body:

{
  "error": "internal_server_error",
  "reason": "No DB shards could be opened.",
  "ref": ...
}

Expected Behaviour

The server should return 400 Bad Request.

Your Environment

Server: CouchDB/3.2.1 (Erlang OTP/23)

Running in Docker on Ubuntu 18.04

uaru avatar Mar 15 '22 01:03 uaru
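
The claim-type check the issue asks for, sketched as an added example (not code from the issue or from CouchDB): it decodes the payload segment of a bearer token and reports a malformed `_couchdb.roles` claim as a 400-class client error. The names `check_couchdb_claims` and `sample_token` are hypothetical, the tokens are constructed and unsigned, and treating `sub` as required is an assumption of this example.

```ruby
require 'base64'
require 'json'

# Hypothetical pre-flight check (not CouchDB code). It only inspects claim
# types; signature and expiry verification still have to happen elsewhere.
# Returns [status, reason]: 400 for a malformed token, 200 when well-formed.
def check_couchdb_claims(token)
  parts = token.to_s.split('.')
  return [400, 'token must have three dot-separated segments'] unless parts.length == 3

  begin
    claims = JSON.parse(Base64.urlsafe_decode64(parts[1]))
  rescue ArgumentError, JSON::ParserError
    return [400, 'payload is not base64url-encoded JSON']
  end
  return [400, 'payload must be a JSON object'] unless claims.is_a?(Hash)
  # Assumption of this example: sub is required and carries the user name.
  return [400, 'sub must be a string'] unless claims['sub'].is_a?(String)

  roles = claims.fetch('_couchdb.roles', [])
  unless roles.is_a?(Array) && roles.all? { |r| r.is_a?(String) }
    return [400, '_couchdb.roles must be an array of strings']
  end

  [200, 'claims are well-formed']
end

# Constructed sample tokens: header and signature are placeholders, nothing is signed.
def sample_token(claims)
  enc = ->(obj) { Base64.urlsafe_encode64(JSON.generate(obj), padding: false) }
  [enc.call({ 'alg' => 'HS256', 'typ' => 'JWT' }), enc.call(claims), 'c2ln'].join('.')
end

if __FILE__ == $PROGRAM_NAME
  bad  = sample_token({ 'sub' => 'alice', '_couchdb.roles' => 'reader', 'exp' => 4_102_444_800 })
  good = sample_token({ 'sub' => 'alice', '_couchdb.roles' => ['reader'], 'exp' => 4_102_444_800 })
  p check_couchdb_claims(bad)   # roles given as a string
  p check_couchdb_claims(good)  # roles given as an array
end
```

Running the same check on the client before signing a token catches the string-valued roles claim before it ever reaches the server.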