providers/oauth2: improve error handling, ensure correct message is shown to user
parent
a9336f069c
commit
319104c39b
|
@ -1,8 +1,10 @@
|
||||||
"""OAuth errors"""
|
"""OAuth errors"""
|
||||||
from urllib.parse import quote
|
from urllib.parse import quote
|
||||||
|
|
||||||
|
from authentik.lib.sentry import SentryIgnoredException
|
||||||
|
|
||||||
class OAuth2Error(Exception):
|
|
||||||
|
class OAuth2Error(SentryIgnoredException):
|
||||||
"""Base class for all OAuth2 Errors"""
|
"""Base class for all OAuth2 Errors"""
|
||||||
|
|
||||||
error: str
|
error: str
|
||||||
|
|
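Review bot: The docstring on `OAuth2Error` does not say that the new base class changes error reporting for every subclass. Assuming `SentryIgnoredException` does what its name suggests, no OAuth2 error will reach Sentry any more, including any subclass that signals a server-side fault rather than a bad client request. I would record that on the class, e.g. `"""Base class for all OAuth2 Errors; not reported to Sentry, so handlers must log these themselves."""`. The class body continues outside the hunk, so which subclasses should still be reported cannot be checked from here.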
|
@ -5,6 +5,7 @@ from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit
|
||||||
from uuid import uuid4
|
from uuid import uuid4
|
||||||
|
|
||||||
from django.http import HttpRequest, HttpResponse
|
from django.http import HttpRequest, HttpResponse
|
||||||
|
from django.http.response import Http404
|
||||||
from django.shortcuts import get_object_or_404, redirect
|
from django.shortcuts import get_object_or_404, redirect
|
||||||
from django.utils import timezone
|
from django.utils import timezone
|
||||||
from structlog import get_logger
|
from structlog import get_logger
|
||||||
|
@ -342,9 +343,11 @@ class AuthorizationFlowInitView(PolicyAccessView):
|
||||||
# Extract params so we can save them in the plan context
|
# Extract params so we can save them in the plan context
|
||||||
try:
|
try:
|
||||||
params = OAuthAuthorizationParams.from_request(request)
|
params = OAuthAuthorizationParams.from_request(request)
|
||||||
except (ClientIdError, RedirectUriError) as error:
|
except OAuth2Error as error:
|
||||||
# pylint: disable=no-member
|
# pylint: disable=no-member
|
||||||
return bad_request_message(request, error.description, title=error.error)
|
return bad_request_message(request, error.description, title=error.error)
|
||||||
|
except OAuth2Provider.DoesNotExist:
|
||||||
|
raise Http404
|
||||||
# Regardless, we start the planner and return to it
|
# Regardless, we start the planner and return to it
|
||||||
planner = FlowPlanner(self.provider.authorization_flow)
|
planner = FlowPlanner(self.provider.authorization_flow)
|
||||||
# planner.use_cache = False
|
# planner.use_cache = False
|
||||||
|
|
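Review bot: The widened `except OAuth2Error` handler returns `bad_request_message(...)` without logging, and because this commit also makes `OAuth2Error` a `SentryIgnoredException`, a rejected authorization request appears to leave no server-side record. Repeated client-id or redirect-URI failures are worth seeing in the logs, since they point to a misconfigured client or to someone testing which redirect URIs are registered. I would log before returning, using the module's structlog logger, with a warning that carries `error.error` and `error.description`. The handler also now renders `error.description` for every OAuth2 error type rather than two, so if any description echoes request parameters, confirm that `bad_request_message` escapes it. The enclosing method starts and ends outside the hunk.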