From 4bc540b6a0e0182b988f4a5da6ce7392d9007c3b Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Thu, 12 Jun 2025 10:21:50 +0200
Subject: [PATCH] Make oauthexceptions be http status 400 on signup as well

This was already done for the majority on signin, but for new accounts
we should do the same.
---
 pgweb/account/views.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pgweb/account/views.py b/pgweb/account/views.py
index 4f40c11e..809d4bea 100644
--- a/pgweb/account/views.py
+++ b/pgweb/account/views.py
@@ -45,6 +45,7 @@ from .forms import SignupForm, SignupOauthForm
 from .forms import UserForm, UserProfileForm, ContributorForm
 from .forms import AddEmailForm, PgwebPasswordResetForm
 from .oauthclient import get_encrypted_oauth_cookie, delete_encrypted_oauth_cookie_on
+from .oauthclient import OAuthException
 
 import logging
 
@@ -542,7 +543,10 @@ def signup_complete(request):
 @transaction.atomic
 @queryparams('do_abort')
 def signup_oauth(request):
-    cookiedata = get_encrypted_oauth_cookie(request)
+    try:
+        cookiedata = get_encrypted_oauth_cookie(request)
+    except OAuthException as e:
+        return HttpResponse(e, status=400)
 
     if 'oauth_email' not in cookiedata \
        or 'oauth_firstname' not in cookiedata \
-- 
2.39.5