Project

General

Profile

Actions

Bug #17597

open

[keep-web] Improve error response when AnonymousUserToken not configured and no token provided by client

Added by Tom Clegg almost 3 years ago. Updated 27 days ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
Keep
Target version:
Story points:
-
Release:
Release relationship:
Auto

Description

Currently, if an incoming request does not provide a token, keep-web sends the configured AnonymousUserToken, even if it's blank -- "Authorization: OAuth2 ". This will never work, so in such cases it should skip the API request and return a more helpful error like "anonymous requests are not enabled" with 404 or 401.

Actions

Also available in: Atom PDF