• Stan Hu's avatar
    Fix 500 API errors with invalid access tokens · 866e1518
    Stan Hu authored
    When the API is called with a revoked or invalid token, the error
    handler did not properly return a `Rack::Response`, causing Grape to
    throw an error in the middleware. Instead of a 4xx error code, the
    client would receive a 500 error.
    
    We fix this by recreating the Rack::Response after the
    `Rack::OAuth2::Server::Abstract::Error#finish` call. The `yield` is
    intercepted by the superclass, so the API handler never got it.
    
    Relates to https://gitlab.com/gitlab-com/gl-infra/production/-/issues/2363
    866e1518
api_spec.rb 2.29 KB