summaryrefslogtreecommitdiff
path: root/internal/oidc/handlecallback.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/oidc/handlecallback.go')
-rw-r--r--internal/oidc/handlecallback.go18
1 files changed, 12 insertions, 6 deletions
diff --git a/internal/oidc/handlecallback.go b/internal/oidc/handlecallback.go
index c0c1ed453..588fb227b 100644
--- a/internal/oidc/handlecallback.go
+++ b/internal/oidc/handlecallback.go
@@ -24,24 +24,28 @@ import (
"fmt"
"github.com/sirupsen/logrus"
+ "github.com/superseriousbusiness/gotosocial/internal/gtserror"
)
-func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error) {
+func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, gtserror.WithCode) {
l := logrus.WithField("func", "HandleCallback")
if code == "" {
- return nil, errors.New("code was empty string")
+ err := errors.New("code was empty string")
+ return nil, gtserror.NewErrorBadRequest(err, err.Error())
}
l.Debug("exchanging code for oauth2token")
oauth2Token, err := i.oauth2Config.Exchange(ctx, code)
if err != nil {
- return nil, fmt.Errorf("error exchanging code for oauth2token: %s", err)
+ err := fmt.Errorf("error exchanging code for oauth2token: %s", err)
+ return nil, gtserror.NewErrorInternalError(err)
}
l.Debug("extracting id_token")
rawIDToken, ok := oauth2Token.Extra("id_token").(string)
if !ok {
- return nil, errors.New("no id_token in oauth2token")
+ err := errors.New("no id_token in oauth2token")
+ return nil, gtserror.NewErrorBadRequest(err, err.Error())
}
l.Debugf("raw id token: %s", rawIDToken)
@@ -50,13 +54,15 @@ func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error)
idTokenVerifier := i.provider.Verifier(i.oidcConf)
idToken, err := idTokenVerifier.Verify(ctx, rawIDToken)
if err != nil {
- return nil, fmt.Errorf("could not verify id token: %s", err)
+ err = fmt.Errorf("could not verify id token: %s", err)
+ return nil, gtserror.NewErrorUnauthorized(err, err.Error())
}
l.Debug("extracting claims from id_token")
claims := &Claims{}
if err := idToken.Claims(claims); err != nil {
- return nil, fmt.Errorf("could not parse claims from idToken: %s", err)
+ err := fmt.Errorf("could not parse claims from idToken: %s", err)
+ return nil, gtserror.NewErrorInternalError(err, err.Error())
}
return claims, nil
generated by cgit v1.2.3 (git 2.46.0) at 2025-07-12 23:29:51 +0000