Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

server returns status code 500 when deleting auth-app token of a different user #10921

Open
nirajacharya2 opened this issue Jan 23, 2025 · 0 comments
Open

server returns status code 500 when deleting auth-app token of a different user #10921

nirajacharya2 opened this issue Jan 23, 2025 · 0 comments
Labels
Type:Bug

Comments

@nirajacharya2
Copy link
Contributor

nirajacharya2 commented Jan 23, 2025
edited
Loading

Describe the bug

deleting auth-app token of a user by another user both normal user and admin gives 500 status code.
https://owncloud.dev/services/auth-app/#via-api

Steps to reproduce

  1. moss creates an auth-app token
curl -kv -XPOST 'https://localhost:9200/auth-app/tokens?expiry=72h' -umoss:vista
  1. marie and admin tries to delete token
curl -kv -XDELETE "https://localhost:9200/auth-app/tokens?token=$2a$11$mkKiEkxurCe4/W8CTfXcrOS0I5nWFNmT.U6PEey8KsO5k2E2b8iAG" -umarie:radioactivity|jq

or

curl -kv -XDELETE "https://localhost:9200/auth-app/tokens?token=$2a$11$mkKiEkxurCe4/W8CTfXcrOS0I5nWFNmT.U6PEey8KsO5k2E2b8iAG" -uadmin:admin|jq

Expected behavior

The server should return something like 403.
but in case of admin user i'm not clear about the expected behavior.

Actual behavior

the server return 500 status code

 TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
< HTTP/1.1 500 Internal Server Error
< Content-Length: 0

Setup

env

OCIS_ADD_RUN_SERVICES=auth-app
AUTH_APP_ENABLE_IMPERSONATION=true

ownCloud Web UI 11.1.0
 Infinite Scale 7.1.0-rc.2+4dc5d13631 Community
@nirajacharya2 nirajacharya2 mentioned this issue Jan 23, 2025
Open
9 tasks
@S-Panta S-Panta changed the title server returns status code 500 when deleting auth-app token of a diffrent user server returns status code 500 when deleting auth-app token of a different user Jan 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type:Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@nirajacharya2