Private
Public Access
1
0

Return clear error when SimpleFIN setup token is already claimed

A 403 from the claim URL means the token was already used or is
invalid. Throw InvalidOperationException so the middleware returns
a 400 with a helpful message instead of a generic 500.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Catherine Renelle
2026-02-08 21:10:07 -05:00
parent 1db0101b5a
commit fae15ad66b
@@ -30,6 +30,8 @@ public class SimpleFinSyncProvider : IAccountSyncProvider
var claimUrl = Encoding.UTF8.GetString(Convert.FromBase64String(setupToken));
var response = await _httpClient.PostAsync(claimUrl, new StringContent(string.Empty));
if (response.StatusCode == System.Net.HttpStatusCode.Forbidden)
throw new InvalidOperationException("Setup token has already been claimed or is invalid. Please generate a new token from SimpleFIN Bridge.");
response.EnsureSuccessStatusCode();
var accessUrl = await response.Content.ReadAsStringAsync();