diff options
| author |  Daenney <daenney@users.noreply.github.com> | 2023-02-28 11:38:34 +0100 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2023-02-28 11:38:34 +0100 |
| commit | e4c5f9adfdad3f1ccd5ecf2b79c0ecf0d96b9af7 (patch) | |
| tree | e066d9504aac409d9fb3e51648f7590a681c5948 /internal/oauth/server.go | |
| parent | [chore] Bump oauth2/v4 -> v4.6.6.6-SSB (#1571) (diff) | |
| download | gotosocial-e4c5f9adfdad3f1ccd5ecf2b79c0ecf0d96b9af7.tar.xz | |
[chore] Improve unsupported_grant_type error (#1572)
This attempts to provide a slightly more comprehensive error message for
the end user when an incorrect grant type is used. This is not something
the user can typically resolve but should hopefully be informative for
the (client) developer.
Diffstat (limited to 'internal/oauth/server.go')
| -rw-r--r-- | internal/oauth/server.go | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/internal/oauth/server.go b/internal/oauth/server.go index 082a2c8fa..2edf8678d 100644 --- a/internal/oauth/server.go +++ b/internal/oauth/server.go @@ -20,6 +20,7 @@ package oauth import ( "context" + "errors" "fmt" "net/http" "strings" @@ -28,7 +29,7 @@ import ( "github.com/superseriousbusiness/gotosocial/internal/gtserror" "github.com/superseriousbusiness/gotosocial/internal/log" "github.com/superseriousbusiness/oauth2/v4" - "github.com/superseriousbusiness/oauth2/v4/errors" + oautherr "github.com/superseriousbusiness/oauth2/v4/errors" "github.com/superseriousbusiness/oauth2/v4/manage" "github.com/superseriousbusiness/oauth2/v4/server" ) @@ -56,7 +57,8 @@ const ( OOBTokenPath = "/oauth/oob" // #nosec G101 else we get a hardcoded credentials warning // HelpfulAdvice is a handy hint to users; // particularly important during the login flow - HelpfulAdvice = "If you arrived at this error during a login/oauth flow, please try clearing your session cookies and logging in again; if problems persist, make sure you're using the correct credentials" + HelpfulAdvice = "If you arrived at this error during a login/oauth flow, please try clearing your session cookies and logging in again; if problems persist, make sure you're using the correct credentials" + HelpfulAdviceGrant = "If you arrived at this error during a login/oauth flow, your client is trying to use an unsupported OAuth grant type. Supported grant types are: authorization_code, client_credentials; please reach out to developer of your client" ) // Server wraps some oauth2 server functions in an interface, exposing only what is needed @@ -102,12 +104,12 @@ func New(ctx context.Context, database db.Basic) Server { } srv := server.NewServer(sc, manager) - srv.SetInternalErrorHandler(func(err error) *errors.Response { + srv.SetInternalErrorHandler(func(err error) *oautherr.Response { log.Errorf(nil, "internal oauth error: %s", err) return nil }) - srv.SetResponseErrorHandler(func(re *errors.Response) { + srv.SetResponseErrorHandler(func(re *oautherr.Response) { log.Errorf(nil, "internal response error: %s", re.Error) }) @@ -131,7 +133,11 @@ func (s *s) HandleTokenRequest(r *http.Request) (map[string]interface{}, gtserro gt, tgr, err := s.server.ValidationTokenRequest(r) if err != nil { help := fmt.Sprintf("could not validate token request: %s", err) - return nil, gtserror.NewErrorBadRequest(err, help, HelpfulAdvice) + adv := HelpfulAdvice + if errors.Is(err, oautherr.ErrUnsupportedGrantType) { + adv = HelpfulAdviceGrant + } + return nil, gtserror.NewErrorBadRequest(err, help, adv) } ti, err := s.server.GetAccessToken(ctx, gt, tgr) |