From 8ea2803fbe5704ac9c2387f5e5de1554e17048bf Mon Sep 17 00:00:00 2001
From: Revant Nandgaonkar
Date: Fri, 17 Nov 2023 09:52:07 +0000
Subject: [PATCH] fix: remove raised exceptions and fail in validate_auth
---
 frappe/app.py | 4 +---
 frappe/auth.py | 7 +++----
 2 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/frappe/app.py b/frappe/app.py
index 6b8ba0110b..c036b65e9c 100644
--- a/frappe/app.py
+++ b/frappe/app.py
@@ -22,7 +22,7 @@ import frappe.rate_limiter
 import frappe.recorder
 import frappe.utils.response
 from frappe import _
-from frappe.auth import SAFE_HTTP_METHODS, UNSAFE_HTTP_METHODS, HTTPRequest, validate_auth, validate_auth_via_hooks
+from frappe.auth import SAFE_HTTP_METHODS, UNSAFE_HTTP_METHODS, HTTPRequest, validate_auth
 from frappe.middlewares import StaticDataMiddleware
 from frappe.utils import CallbackManager, cint, get_site_name
 from frappe.utils.data import escape_html
@@ -94,8 +94,6 @@ def application(request: Request):
 init_request(request)
- validate_auth_via_hooks()
-
 validate_auth()
 if request.method == "OPTIONS":
diff --git a/frappe/auth.py b/frappe/auth.py
index 25621951e0..294154a167 100644
--- a/frappe/auth.py
+++ b/frappe/auth.py
@@ -573,6 +573,7 @@ def validate_auth():
 if len(authorization_header) == 2:
 validate_oauth(authorization_header)
 validate_auth_via_api_keys(authorization_header)
+ validate_auth_via_hooks()
 # If login via bearer, basic or keypair didn't work then authentication failed and we
 # should terminate here.
@@ -645,7 +646,7 @@ def validate_auth_via_api_keys(authorization_header):
 frappe.InvalidAuthorizationToken,
 )
 except (AttributeError, TypeError, ValueError):
- raise frappe.AuthenticationError
+ pass
 def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=None):
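Review bot: The added `validate_auth_via_hooks()` call in validate_auth() must sit at function level rather than inside the `if len(authorization_header) == 2:` block; application() used to run the hooks for every request, and a nested call would skip hook-based authentication whenever no Authorization header is sent (the indentation is not recoverable on this page, so this needs confirming). With the raises removed in the later hunks, the check that follows the "terminate here" comment becomes the only place a failed credential is rejected; it lies outside this hunk, and if it only tests for a Guest user, a request that carries a valid session together with a bad token would now proceed as the session user instead of failing. A comment above the call such as `# hooks run last so a custom scheme can accept a header the built-in validators did not` would record the ordering intent.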
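Review bot: The `except (AttributeError, TypeError, ValueError): pass` in validate_auth_via_api_keys() now swallows every malformed-token error with no comment and no log entry, so nothing records why the request stayed unauthenticated. The try body is outside this hunk; if it also wraps the call to validate_api_key_secret(), a TypeError or AttributeError raised during the key lookup would be hidden too, so narrowing the try to the header parsing is worth considering. The branch just above, which still passes `frappe.InvalidAuthorizationToken`, appears to keep raising for undecodable tokens, which is inconsistent with deferring failure to validate_auth(). At minimum write `pass  # malformed header: leave the user unset, validate_auth() rejects the request`.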
@@ -653,7 +654,7 @@ def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=Non
 doctype = frappe_authorization_source or "User"
 doc = frappe.db.get_value(doctype=doctype, filters={"api_key": api_key}, fieldname=["name"])
 if not doc:
- raise frappe.AuthenticationError
+ return
 form_dict = frappe.local.form_dict
 doc_secret = get_decrypted_password(doctype, doc, fieldname="api_secret")
 if api_secret == doc_secret:
@@ -664,8 +665,6 @@ def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=Non
 if frappe.local.login_manager.user in ("", "Guest"):
 frappe.set_user(user)
 frappe.local.form_dict = form_dict
- else:
- raise frappe.AuthenticationError
 def validate_auth_via_hooks():
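Review bot: validate_api_key_secret() now returns None both for an unknown key (`if not doc: return`) and, once the next hunk drops `else: raise frappe.AuthenticationError`, for a wrong secret, so success is signalled only by the side effect of `frappe.set_user(user)`. That contract is not stated anywhere in the visible lines; a comment on the early exit such as `return  # unknown key: leave the user unset, the caller decides whether to reject` would make it explicit, and any docstring (outside this hunk) should say the same. Failed key or secret checks also leave no trace at this level any more, so logging the failure, without the secret, before returning would keep repeated bad attempts visible to monitoring. The function starts above this hunk and its middle section lies between the two hunks.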