not enough error checking when curl returns not authorized #6
Description
we have a curl command to fetch raw user data, around line 228 in the current revision
if [ "$?" -ne 0 ]; then
echo "Error: Failed to download data from ${API_ENDPOINT}/v1alpha1/multiplex" 1>&2
rmdir "$LOCK_DIR"
exit 1
fi
we check that curl has exited with some status code other than 0,but we don't check the HTTP status codes for the curl output.
in this particular case we were getting an error 403 because of some other issue with our token:
{"/v1alpha1/users/cnweaver?token=BLAHBLAHBLAH":{"status":403,"body":"{\"kind\":\"Error\",\"message\":\"Not authorized\"}"},"/v1alpha1/users/lincolnb?token=rGozleeI8z0UBLw2NUEPGY":{"status":403,"body":"{\"kind\":\"Error\",\"message\":\"Not authorized\"}"}}