dheerajturaga commented on code in PR #60781:
URL: https://github.com/apache/airflow/pull/60781#discussion_r2705814033
##########
airflow-core/tests/unit/api_fastapi/auth/middlewares/test_refresh_token.py:
##########
@@ -64,8 +64,8 @@ async def test_dispatch_invalid_token(self,
mock_refresh_user, middleware, mock_
call_next = AsyncMock(return_value=Response())
response = await middleware.dispatch(mock_request, call_next)
- assert response.status_code == 403
- assert response.body == b'{"detail":"Invalid JWT token"}'
+ assert response.status_code == 200
Review Comment:
do clients rely on 401/403 codes to trigger re-login logic? I suspect a 200
might cause them to try parsing the body as a success? what do you think?
Could we send the Set-Cookie header with a 403 instead?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
