mirror/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-14 22:16:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

fix: Add server logging for OAuth server errors

Browse source 
Although an error was presented to the user about that there's an
internal server error, the error itself is never logged.

Relevant: https://codeberg.org/Codeberg/Community/issues/1675
(cherry picked from commit a857007d65)
This commit is contained in:
Gusted 2024-10-17 09:13:48 +02:00 committed by forgejo-backport-action
parent 0f7020cbef
commit fb21899097
1 changed files with 11 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
routers/web/auth/oauth.go
View file

@ -527,7 +527,7 @@ func AuthorizeOAuth(ctx *context.Context) {
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
@ -536,12 +536,12 @@ func AuthorizeOAuth(ctx *context.Context) {
if app.ConfidentialClient && grant != nil {
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
redirect, err := code.GenerateRedirectURI(form.State)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
// Update nonce to reflect the new session
@ -570,19 +570,19 @@ func AuthorizeOAuth(ctx *context.Context) {
// TODO document SESSION <=> FORM
err = ctx.Session.Set("client_id", app.ClientID)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
log.Error(err.Error())
return
}
err = ctx.Session.Set("redirect_uri", form.RedirectURI)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
log.Error(err.Error())
return
}
err = ctx.Session.Set("state", form.State)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
log.Error(err.Error())
return
}
@ -619,7 +619,7 @@ func GrantApplicationOAuth(ctx *context.Context) {
}
grant, err := app.GetGrantByUserID(ctx, ctx.Doer.ID)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
if grant == nil {
@ -654,12 +654,12 @@ func GrantApplicationOAuth(ctx *context.Context) {
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, codeChallenge, codeChallengeMethod)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
redirect, err := code.GenerateRedirectURI(form.State)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
handleServerError(ctx, form.State, form.RedirectURI, err)
return
}
ctx.Redirect(redirect.String(), http.StatusSeeOther)
@ -888,7 +888,8 @@ func handleAccessTokenError(ctx *context.Context, acErr AccessTokenError) {
ctx.JSON(http.StatusBadRequest, acErr)
}
func handleServerError(ctx *context.Context, state, redirectURI string) {
func handleServerError(ctx *context.Context, state, redirectURI string, err error) {
log.Error("OAuth server error: %v", err)
handleAuthorizeError(ctx, AuthorizeError{
ErrorCode: ErrorCodeServerError,
ErrorDescription: "A server error occurred",