fix: Fix invalid user check in oauth2callback_azure

The commit fixes an issue in the `oauth2callback_azure` function where the check for a valid user was incorrect. It now correctly compares the `user_id` from the `sync_user_state` object with the `current_user` value.
srvo · Sep 5, 2024 · f11b98f · f11b98f
1 parent abadc28
commit f11b98f
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/backend/api/quivr_api/modules/sync/controller/azure_sync_routes.py b/backend/api/quivr_api/modules/sync/controller/azure_sync_routes.py
@@ -99,15 +99,18 @@ def oauth2callback_azure(request: Request):
     sync_user_state = sync_user_service.get_sync_user_by_state(state_dict)
     logger.info(f"Retrieved sync user state: {sync_user_state}")
 
-    if state_dict != sync_user_state["state"]:
+    if not sync_user_state or state_dict != sync_user_state.state:
         logger.error("Invalid state parameter")
         raise HTTPException(status_code=400, detail="Invalid state parameter")
-    if sync_user_state.get("user_id") != current_user:
+    if str(sync_user_state.user_id) != current_user:
+        logger.info(f"Sync user state: {sync_user_state}")
+        logger.info(f"Current user: {current_user}")
+        logger.info(f"Sync user state user_id: {sync_user_state.user_id}")
         logger.error("Invalid user")
         raise HTTPException(status_code=400, detail="Invalid user")
 
     result = client.acquire_token_by_auth_code_flow(
-        sync_user_state["additional_data"]["flow"], dict(request.query_params)
+        sync_user_state.additional_data["flow"], dict(request.query_params)
     )
     if "access_token" not in result:
         logger.error(f"Failed to acquire token: {result}")