Commit bc53de8d authored by ale's avatar ale
Browse files

Catch OAuth errors during the consent process and display them

parent ad5cf81d
......@@ -26,6 +26,19 @@ type Service struct {
provider *Provider
}
func (s *Service) errorCatcher(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if errMsg := r.FormValue("error"); errMsg != "" {
s.RenderTemplate(w, r, "oauth_error.html", map[string]interface{}{
"Error": errMsg,
"ErrorDescription": r.FormValue("error_description"),
})
return
}
h.ServeHTTP(w, r)
})
}
// NewService returns a new Service.
func NewService(base *web.Service, store sessions.Store, hc *hydra.Client, insecureCookies bool) (*Service, error) {
s := &Service{
......@@ -47,7 +60,7 @@ func NewService(base *web.Service, store sessions.Store, hc *hydra.Client, insec
m.HandleFunc("/auth/idp/challenge", s.handleChallengeGET).Methods("GET")
m.HandleFunc("/auth/idp/consent", s.handleConsentGET).Methods("GET")
m.Handle("/auth/idp/consent", http.HandlerFunc(s.handleConsentPOST)).Methods("POST")
s.Router.PathPrefix("/auth/idp/").Handler(s.CSRF(s.InstrumentHandler("consent", s.LoggedIn(m))))
s.Router.PathPrefix("/auth/idp/").Handler(s.CSRF(s.InstrumentHandler("consent", s.errorCatcher(s.LoggedIn(m)))))
return s, nil
}
......@@ -67,7 +80,8 @@ func (s *Service) handleChallengeGET(w http.ResponseWriter, r *http.Request) {
// Return on error
if err != nil {
log.WithFields(log.Fields{
"user": as.Username,
"user": as.Username,
"error": err,
}).Error("idp NewChallenge error")
http.Error(w, err.Error(), http.StatusInternalServerError)
return
......@@ -78,7 +92,8 @@ func (s *Service) handleChallengeGET(w http.ResponseWriter, r *http.Request) {
// Return on error
if err != nil {
log.WithFields(log.Fields{
"user": as.Username,
"user": as.Username,
"error": err,
}).Error("idp challenge.Save error")
http.Error(w, err.Error(), http.StatusInternalServerError)
return
......@@ -100,7 +115,8 @@ func (s *Service) handleConsentGET(w http.ResponseWriter, r *http.Request) {
// Return on error
if err != nil {
log.WithFields(log.Fields{
"user": as.Username,
"user": as.Username,
"error": err,
}).Error("idp consent GetChallenge error")
http.Error(w, err.Error(), http.StatusBadRequest)
return
......@@ -129,7 +145,8 @@ func (s *Service) handleConsentPOST(w http.ResponseWriter, r *http.Request) {
// Return on error
if err != nil {
log.WithFields(log.Fields{
"user": as.Username,
"user": as.Username,
"error": err,
}).Error("idp consent POST GetChallenge error")
http.Error(w, err.Error(), http.StatusInternalServerError)
return
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment