fix: remove extra jws_err handler which caused extra write after finish

For bogus or invalid Authorization headers, an extra write could occur after finish. closes #665
mozilla-services · Sep 22, 2016 · 65c7a3a · 65c7a3a
1 parent f47b743
commit 65c7a3a
Showing 1 changed file with 5 additions and 4 deletions.
diff --git a/autopush/endpoint.py b/autopush/endpoint.py
@@ -340,11 +340,12 @@ def _store_auth(self, jwt, crypto_key, token, result):
         return result
 
     def _invalid_auth(self, fail):
-        if isinstance(fail.value, VapidAuthException):
+        if isinstance(fail.value, (JOSEError, VapidAuthException)):
             raise fail.value
         message = fail.value.message or repr(fail.value)
-        if (isinstance(fail.value, AssertionError) or
-                isinstance(fail.value, ValueError)):
+        if isinstance(fail.value,
+                      (AssertionError, ValueError,
+                       InvalidTokenException)):
             message = "A decryption error occurred"
         self.log.debug(format="Invalid bearer token: " + repr(message),
                        **self._client_info)
@@ -373,8 +374,8 @@ def _process_auth(self, result, require_auth=False):
         if auth_type.lower() in AUTH_SCHEMES and '.' in token:
             d = deferToThread(extract_jwt, token, public_key)
             d.addCallback(self._store_auth, public_key, token, result)
-            d.addErrback(self._jws_err)
             d.addErrback(self._invalid_auth)
+            # error handlers already in place from calling function .put()
             return d
         # otherwise, it's not, so ignore the VAPID data if we're supposed to
         if require_auth: