handle malformed invite tokens

app/accept_invite/rest.py

@@ -4,7 +4,7 @@ from flask import (
     current_app
 )
 
-from itsdangerous import SignatureExpired
+from itsdangerous import SignatureExpired, BadData
 
 from notifications_utils.url_safe_token import check_token
 
@@ -38,6 +38,9 @@ def validate_invitation_token(invitation_type, token):
                   ['Your invitation to GOV.UK Notify has expired. '
                    'Please ask the person that invited you to send you another one']}
         raise InvalidRequest(errors, status_code=400)
+    except BadData:
+        errors = {'invitation': 'Something’s wrong with this link. Make sure you’ve copied the whole thing.'}
+        raise InvalidRequest(errors, status_code=400)
 
     if invitation_type == 'service':
         invited_user = get_invited_user_by_id(invited_user_id)