WebDAV: handle 403 during Google OAuth authentication

When sending an access token with insufficient scope (for example, because the Ubuntu Online Accounts service definition was incomplete, as documented in FDO #86824), Google responds with a 403 "service denied" error. Neon (arguably correctly) treats this as a permanent error and not as a transient authentication error. Google should better send a 401 error. To activate the 401 error handling in SyncEvolution, detect this special case and turn the general SE_ERROR error into SE_AUTH.
2015-02-13 07:52:37 -08:00 · 2015-02-13 07:52:37 -08:00 · 84a30285a9
parent d84f323398
commit 84a30285a9
1 changed files with 6 additions and 0 deletions
--- a/src/backends/webdav/NeonCXX.cpp
+++ b/src/backends/webdav/NeonCXX.cpp
@ -603,6 +603,12 @@ bool Session::checkError(int error, int code, const ne_status *status,
        }
    }

+    // Detect 403 returned by Google for a bad access token and treat that like
+    // 401 = NE_AUTH. Neon itself doesn't do that.
+    if (m_authProvider && error == NE_ERROR && code == 403) {
+        error = NE_AUTH;
+    }
+
    switch (error) {
    case NE_OK:
        // request itself completed, but might still have resulted in bad status