Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(errors): improve error messages #38

Merged
merged 10 commits into from Jul 29, 2020
Merged

fix(errors): improve error messages #38

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
e54ab63
Update authrequest.go
JCustin Jul 28, 2020
9c8698d
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
858a527
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
d653ed7
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
cd1c364
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
f6f8cba
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
f552b1c
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
b2d043a
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
c689756
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
e6356f1
Update pkg/op/authrequest.go
JCustin Jul 28, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
18 changes: 9 additions & 9 deletions pkg/op/authrequest.go
View file
Open in desktop
Expand Up @@ -79,24 +79,24 @@ func ValidateAuthRequest(ctx context.Context, authReq *oidc.AuthRequest, storage

func ValidateAuthReqScopes(scopes []string) error {
if len(scopes) == 0 {
return ErrInvalidRequest("scope missing")
return ErrInvalidRequest("Unforuntately, the scope of your request is missing. Please ensure your scope value is not 0, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
if !utils.Contains(scopes, oidc.ScopeOpenID) {
return ErrInvalidRequest("scope openid missing")
return ErrInvalidRequest)("Unfortunately, the scope openid of your request is missing. Please ensure your scope openid is complete and accurate, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
return nil
}

func ValidateAuthReqRedirectURI(ctx context.Context, uri, client_id string, responseType oidc.ResponseType, storage OPStorage) error {
if uri == "" {
return ErrInvalidRequestRedirectURI("redirect_uri must not be empty")
return ErrInvalidRequestRedirectURI("Unfortunately, the client's redirect_uri is missing. Please ensure your redirect_uri is complete and accurate, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
client, err := storage.GetClientByClientID(ctx, client_id)
if err != nil {
return ErrServerError(err.Error())
}
if !utils.Contains(client.RedirectURIs(), uri) {
return ErrInvalidRequestRedirectURI("redirect_uri not allowed")
return ErrInvalidRequestRedirectURI("Unfortunately, the client's redirect_uri is missing. Please ensure your redirect_uri is complete and accurate, and try again. If you have any questions, you may contact the administrator of the application at:")//(Writer's note: This may not be correct. Please double check its accuracy.)
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
if strings.HasPrefix(uri, "https://") {
return nil
Expand All @@ -108,21 +108,21 @@ func ValidateAuthReqRedirectURI(ctx context.Context, uri, client_id string, resp
if client.ApplicationType() == ApplicationTypeNative {
return nil
}
return ErrInvalidRequest("redirect_uri not allowed")
return ErrInvalidRequest("Unfortunately, this client's redirect_uri is private and is not allowed. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
} else {
if client.ApplicationType() != ApplicationTypeNative {
return ErrInvalidRequestRedirectURI("redirect_uri not allowed")
return ErrInvalidRequestRedirectURI("Unfortunately, the client's application type does not match the native platform. Please ensure the client's application type is compatible, and try again. If you have any questions, you may contact the administrator of the application at:") //(Writer's note: This may not be correct. Please double check its accuracy.)
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
if !(strings.HasPrefix(uri, "http://localhost:") || strings.HasPrefix(uri, "http://localhost/")) {
return ErrInvalidRequestRedirectURI("redirect_uri not allowed")
return ErrInvalidRequestRedirectURI("Unfortunately, this redirect_uri lacks a 'http://localhost/' prefix. Please ensure the redirect_uri has the appropiate prefix, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
}
return nil
}

func ValidateAuthReqResponseType(responseType oidc.ResponseType) error {
if responseType == "" {
return ErrInvalidRequest("response_type empty")
return ErrInvalidRequest("Unfortunately, a response type is missing in your request. Please ensure the response type is complete and accurate, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
return nil
}
Expand All @@ -133,7 +133,7 @@ func ValidateAuthReqIDTokenHint(ctx context.Context, idTokenHint string, verifie
}
claims, err := verifier.Verify(ctx, "", idTokenHint)
if err != nil {
return "", ErrInvalidRequest("id_token_hint invalid")
return "", ErrInvalidRequest("Unfortunately, the id_token_hint is invalid. Please ensure the id_token_hint is complete and accurate, and try again. If you have any questions, you may contact the administrator of the application at:")
JCustin marked this conversation as resolved.
Show resolved Hide resolved
}
return claims.Subject, nil
}
Expand Down