[feature] More consistent API error handling (#637)

* update templates

* start reworking api error handling

* update template

* return AP status at web endpoint if negotiated

* start making api error handling much more consistent

* update account endpoints to new error handling

* use new api error handling in admin endpoints

* go fmt ./...

* use api error logic in app

* use generic error handling in auth

* don't export generic error handler

* don't defer clearing session

* user nicer error handling on oidc callback handler

* tidy up the sign in handler

* tidy up the token handler

* use nicer error handling in blocksget

* auth emojis endpoint

* fix up remaining api endpoints

* fix whoopsie during login flow

* regenerate swagger docs

* change http error logging to debug

2 files changed, 14 insertions, 7 deletions

diff --git a/internal/oidc/handlecallback.go b/internal/oidc/handlecallback.go
index c0c1ed453..588fb227b 100644
--- a/internal/oidc/handlecallback.go
+++ b/internal/oidc/handlecallback.go
@@ -24,24 +24,28 @@ import (
 	"fmt"
 
 	"github.com/sirupsen/logrus"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 )
 
-func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error) {
+func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, gtserror.WithCode) {
 	l := logrus.WithField("func", "HandleCallback")
 	if code == "" {
-		return nil, errors.New("code was empty string")
+		err := errors.New("code was empty string")
+		return nil, gtserror.NewErrorBadRequest(err, err.Error())
 	}
 
 	l.Debug("exchanging code for oauth2token")
 	oauth2Token, err := i.oauth2Config.Exchange(ctx, code)
 	if err != nil {
-		return nil, fmt.Errorf("error exchanging code for oauth2token: %s", err)
+		err := fmt.Errorf("error exchanging code for oauth2token: %s", err)
+		return nil, gtserror.NewErrorInternalError(err)
 	}
 
 	l.Debug("extracting id_token")
 	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 	if !ok {
-		return nil, errors.New("no id_token in oauth2token")
+		err := errors.New("no id_token in oauth2token")
+		return nil, gtserror.NewErrorBadRequest(err, err.Error())
 	}
 	l.Debugf("raw id token: %s", rawIDToken)
 
@@ -50,13 +54,15 @@ func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error)
 	idTokenVerifier := i.provider.Verifier(i.oidcConf)
 	idToken, err := idTokenVerifier.Verify(ctx, rawIDToken)
 	if err != nil {
-		return nil, fmt.Errorf("could not verify id token: %s", err)
+		err = fmt.Errorf("could not verify id token: %s", err)
+		return nil, gtserror.NewErrorUnauthorized(err, err.Error())
 	}
 
 	l.Debug("extracting claims from id_token")
 	claims := &Claims{}
 	if err := idToken.Claims(claims); err != nil {
-		return nil, fmt.Errorf("could not parse claims from idToken: %s", err)
+		err := fmt.Errorf("could not parse claims from idToken: %s", err)
+		return nil, gtserror.NewErrorInternalError(err, err.Error())
 	}
 
 	return claims, nil
diff --git a/internal/oidc/idp.go b/internal/oidc/idp.go
index 7ce535644..90aee81f4 100644
--- a/internal/oidc/idp.go
+++ b/internal/oidc/idp.go
@@ -24,6 +24,7 @@ import (
 
 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"golang.org/x/oauth2"
 )
 
@@ -39,7 +40,7 @@ type IDP interface {
 	// with a set of claims.
 	//
 	// Note that this function *does not* verify state. That should be handled by the caller *before* this function is called.
-	HandleCallback(ctx context.Context, code string) (*Claims, error)
+	HandleCallback(ctx context.Context, code string) (*Claims, gtserror.WithCode)
 	// AuthCodeURL returns the proper redirect URL for this IDP, for redirecting requesters to the correct OIDC endpoint.
 	AuthCodeURL(state string) string
 }