mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-21 08:31:27 -05:00
Merge pull request '[v9.0/forgejo] fix: Add server logging for OAuth server errors' (#5596) from bp-v9.0/forgejo-a857007 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5596 Reviewed-by: Gusted <gusted@noreply.codeberg.org>
This commit is contained in:
commit
e740aa05a4
1 changed files with 11 additions and 10 deletions
|
@ -527,7 +527,7 @@ func AuthorizeOAuth(ctx *context.Context) {
|
||||||
|
|
||||||
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
|
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -536,12 +536,12 @@ func AuthorizeOAuth(ctx *context.Context) {
|
||||||
if app.ConfidentialClient && grant != nil {
|
if app.ConfidentialClient && grant != nil {
|
||||||
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
|
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
redirect, err := code.GenerateRedirectURI(form.State)
|
redirect, err := code.GenerateRedirectURI(form.State)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
// Update nonce to reflect the new session
|
// Update nonce to reflect the new session
|
||||||
|
@ -570,19 +570,19 @@ func AuthorizeOAuth(ctx *context.Context) {
|
||||||
// TODO document SESSION <=> FORM
|
// TODO document SESSION <=> FORM
|
||||||
err = ctx.Session.Set("client_id", app.ClientID)
|
err = ctx.Session.Set("client_id", app.ClientID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
log.Error(err.Error())
|
log.Error(err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err = ctx.Session.Set("redirect_uri", form.RedirectURI)
|
err = ctx.Session.Set("redirect_uri", form.RedirectURI)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
log.Error(err.Error())
|
log.Error(err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
err = ctx.Session.Set("state", form.State)
|
err = ctx.Session.Set("state", form.State)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
log.Error(err.Error())
|
log.Error(err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -619,7 +619,7 @@ func GrantApplicationOAuth(ctx *context.Context) {
|
||||||
}
|
}
|
||||||
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
|
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if grant == nil {
|
if grant == nil {
|
||||||
|
@ -654,12 +654,12 @@ func GrantApplicationOAuth(ctx *context.Context) {
|
||||||
|
|
||||||
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, codeChallenge, codeChallengeMethod)
|
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, codeChallenge, codeChallengeMethod)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
redirect, err := code.GenerateRedirectURI(form.State)
|
redirect, err := code.GenerateRedirectURI(form.State)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
handleServerError(ctx, form.State, form.RedirectURI)
|
handleServerError(ctx, form.State, form.RedirectURI, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
ctx.Redirect(redirect.String(), http.StatusSeeOther)
|
ctx.Redirect(redirect.String(), http.StatusSeeOther)
|
||||||
|
@ -888,7 +888,8 @@ func handleAccessTokenError(ctx *context.Context, acErr AccessTokenError) {
|
||||||
ctx.JSON(http.StatusBadRequest, acErr)
|
ctx.JSON(http.StatusBadRequest, acErr)
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleServerError(ctx *context.Context, state, redirectURI string) {
|
func handleServerError(ctx *context.Context, state, redirectURI string, err error) {
|
||||||
|
log.Error("OAuth server error: %v", err)
|
||||||
handleAuthorizeError(ctx, AuthorizeError{
|
handleAuthorizeError(ctx, AuthorizeError{
|
||||||
ErrorCode: ErrorCodeServerError,
|
ErrorCode: ErrorCodeServerError,
|
||||||
ErrorDescription: "A server error occurred",
|
ErrorDescription: "A server error occurred",
|
||||||
|
|
Loading…
Reference in a new issue