improve error handling

2024-06-02 15:06:32 +02:00 · 2024-06-02 15:06:32 +02:00 · 94c3358f4f
commit 94c3358f4f
parent 987748159a
1 changed files with 9 additions and 22 deletions
--- a/src/main.rs
+++ b/src/main.rs
@ -132,26 +132,8 @@ async fn login_page_endpoint(req: Request<AppState>) -> tide::Result {
        .config
        .clients
        .get(&query.client_id)
-        .ok_or(OAuthError::new("invalid_client", "Unknown client"))?;
-
-    // check redirect uri validity
-    if client
-        .redirect_uris
-        .iter()
-        .all(|r| r.as_str() != query.redirect_uri)
-    {
-        return Err(OAuthError::new("invalid_redirect", "").into());
-    }
-
-    if query.response_type != "code" {
-        return redirect_with_query(
-            query.redirect_uri.as_str(),
-            &[
-                ("state", query.state.as_deref()),
-                ("error", Some("unsupported_response_type")),
-            ],
-        );
-    }
+        // only devs should see this error
+        .ok_or(OAuthError::new("invalid_client", "Unrecognized client"))?;

    Ok(render_login_page(
        &client.name,
@ -186,8 +168,13 @@ async fn authorize_endpoint(mut req: Request<AppState>) -> tide::Result {
        .iter()
        .all(|r| r.as_str() != query.redirect_uri)
    {
-        // only devs should see this error
-        return Err(OAuthError::new("invalid_redirect", "").into());
+        let mut login_page = render_login_page(
+            &client.name,
+            &req.state().config.issuer_name,
+            "Invalid redirect (contact developer)",
+        );
+        login_page.set_status(400);
+        return Ok(login_page);
    }

    if query.response_type != "code" {