sources/oauth: improve error messages

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-10-10 13:28:25 +03:00
parent 239092b872
commit 00a6c2a40b
3 changed files with 62 additions and 38 deletions

View File

@ -4,6 +4,7 @@ from typing import Any, Optional
from urllib.parse import parse_qsl from urllib.parse import parse_qsl
from django.utils.crypto import constant_time_compare, get_random_string from django.utils.crypto import constant_time_compare, get_random_string
from django.utils.translation import gettext as _
from requests.exceptions import RequestException from requests.exceptions import RequestException
from requests.models import Response from requests.models import Response
from structlog.stdlib import get_logger from structlog.stdlib import get_logger
@ -58,11 +59,13 @@ class OAuth2Client(BaseOAuthClient):
callback = self.request.build_absolute_uri(self.callback or self.request.path) callback = self.request.build_absolute_uri(self.callback or self.request.path)
if not self.check_application_state(): if not self.check_application_state():
LOGGER.warning("Application state check failed.") LOGGER.warning("Application state check failed.")
return None return {"error": "State check failed."}
code = self.get_request_arg("code", None) code = self.get_request_arg("code", None)
if not code: if not code:
LOGGER.warning("No code returned by the source") LOGGER.warning("No code returned by the source")
return None error = self.get_request_arg("error", None)
error_desc = self.get_request_arg("error_description", None)
return {"error": error_desc or error or _("No token received.")}
args = { args = {
"client_id": self.get_client_id(), "client_id": self.get_client_id(),
"client_secret": self.get_client_secret(), "client_secret": self.get_client_secret(),

View File

@ -97,7 +97,15 @@ class OAuthCallback(OAuthClientMixin, View):
def handle_login_failure(self, reason: str) -> HttpResponse: def handle_login_failure(self, reason: str) -> HttpResponse:
"Message user and redirect on error." "Message user and redirect on error."
LOGGER.warning("Authentication Failure", reason=reason) LOGGER.warning("Authentication Failure", reason=reason)
messages.error(self.request, _("Authentication Failed.")) messages.error(
self.request,
_(
"Authentication failed: %(reason)s"
% {
"reason": reason,
}
),
)
return redirect(self.get_error_redirect(self.source, reason)) return redirect(self.get_error_redirect(self.source, reason))

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2022-09-22 18:53+0000\n" "POT-Creation-Date: 2022-10-10 10:27+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -184,12 +184,12 @@ msgstr ""
msgid "Successfully linked %(source)s!" msgid "Successfully linked %(source)s!"
msgstr "" msgstr ""
#: authentik/core/templates/if/admin.html:26 #: authentik/core/templates/if/admin.html:21
#: authentik/core/templates/if/admin.html:32 #: authentik/core/templates/if/admin.html:27
#: authentik/core/templates/if/flow.html:40 #: authentik/core/templates/if/flow.html:37
#: authentik/core/templates/if/flow.html:46 #: authentik/core/templates/if/flow.html:43
#: authentik/core/templates/if/user.html:26 #: authentik/core/templates/if/user.html:21
#: authentik/core/templates/if/user.html:32 #: authentik/core/templates/if/user.html:27
msgid "Loading..." msgid "Loading..."
msgstr "" msgstr ""
@ -235,7 +235,7 @@ msgstr ""
msgid "Go home" msgid "Go home"
msgstr "" msgstr ""
#: authentik/core/templates/login/base_full.html:89 #: authentik/core/templates/login/base_full.html:90
msgid "Powered by authentik" msgid "Powered by authentik"
msgstr "" msgstr ""
@ -246,7 +246,7 @@ msgstr ""
msgid "You're about to sign into %(application)s." msgid "You're about to sign into %(application)s."
msgstr "" msgstr ""
#: authentik/crypto/api.py:144 #: authentik/crypto/api.py:177
msgid "Subject-alt name" msgid "Subject-alt name"
msgstr "" msgstr ""
@ -858,23 +858,23 @@ msgstr ""
msgid "Authorization Codes" msgid "Authorization Codes"
msgstr "" msgstr ""
#: authentik/providers/oauth2/models.py:411 #: authentik/providers/oauth2/models.py:418
msgid "Access Token" msgid "Access Token"
msgstr "" msgstr ""
#: authentik/providers/oauth2/models.py:412 #: authentik/providers/oauth2/models.py:419
msgid "Refresh Token" msgid "Refresh Token"
msgstr "" msgstr ""
#: authentik/providers/oauth2/models.py:413 #: authentik/providers/oauth2/models.py:420
msgid "ID Token" msgid "ID Token"
msgstr "" msgstr ""
#: authentik/providers/oauth2/models.py:422 #: authentik/providers/oauth2/models.py:429
msgid "OAuth2 Token" msgid "OAuth2 Token"
msgstr "" msgstr ""
#: authentik/providers/oauth2/models.py:423 #: authentik/providers/oauth2/models.py:430
msgid "OAuth2 Tokens" msgid "OAuth2 Tokens"
msgstr "" msgstr ""
@ -1119,6 +1119,10 @@ msgstr ""
msgid "Password does not match Active Directory Complexity." msgid "Password does not match Active Directory Complexity."
msgstr "" msgstr ""
#: authentik/sources/oauth/clients/oauth2.py:68
msgid "No token received."
msgstr ""
#: authentik/sources/oauth/models.py:24 #: authentik/sources/oauth/models.py:24
msgid "Request Token URL" msgid "Request Token URL"
msgstr "" msgstr ""
@ -1173,87 +1177,96 @@ msgid "GitHub OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:124 #: authentik/sources/oauth/models.py:124
msgid "Mailcow OAuth Source" msgid "Twitch OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:125 #: authentik/sources/oauth/models.py:125
msgid "Mailcow OAuth Sources" msgid "Twitch OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:134 #: authentik/sources/oauth/models.py:134
msgid "Twitter OAuth Source" msgid "Mailcow OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:135 #: authentik/sources/oauth/models.py:135
msgid "Twitter OAuth Sources" msgid "Mailcow OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:144 #: authentik/sources/oauth/models.py:144
msgid "Facebook OAuth Source" msgid "Twitter OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:145 #: authentik/sources/oauth/models.py:145
msgid "Facebook OAuth Sources" msgid "Twitter OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:154 #: authentik/sources/oauth/models.py:154
msgid "Discord OAuth Source" msgid "Facebook OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:155 #: authentik/sources/oauth/models.py:155
msgid "Discord OAuth Sources" msgid "Facebook OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:164 #: authentik/sources/oauth/models.py:164
msgid "Google OAuth Source" msgid "Discord OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:165 #: authentik/sources/oauth/models.py:165
msgid "Google OAuth Sources" msgid "Discord OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:174 #: authentik/sources/oauth/models.py:174
msgid "Azure AD OAuth Source" msgid "Google OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:175 #: authentik/sources/oauth/models.py:175
msgid "Azure AD OAuth Sources" msgid "Google OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:184 #: authentik/sources/oauth/models.py:184
msgid "OpenID OAuth Source" msgid "Azure AD OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:185 #: authentik/sources/oauth/models.py:185
msgid "OpenID OAuth Sources" msgid "Azure AD OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:194 #: authentik/sources/oauth/models.py:194
msgid "Apple OAuth Source" msgid "OpenID OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:195 #: authentik/sources/oauth/models.py:195
msgid "Apple OAuth Sources" msgid "OpenID OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:204 #: authentik/sources/oauth/models.py:204
msgid "Okta OAuth Source" msgid "Apple OAuth Source"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:205 #: authentik/sources/oauth/models.py:205
msgid "Apple OAuth Sources"
msgstr ""
#: authentik/sources/oauth/models.py:214
msgid "Okta OAuth Source"
msgstr ""
#: authentik/sources/oauth/models.py:215
msgid "Okta OAuth Sources" msgid "Okta OAuth Sources"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:228 #: authentik/sources/oauth/models.py:238
msgid "User OAuth Source Connection" msgid "User OAuth Source Connection"
msgstr "" msgstr ""
#: authentik/sources/oauth/models.py:229 #: authentik/sources/oauth/models.py:239
msgid "User OAuth Source Connections" msgid "User OAuth Source Connections"
msgstr "" msgstr ""
#: authentik/sources/oauth/views/callback.py:100 #: authentik/sources/oauth/views/callback.py:103
msgid "Authentication Failed." #, python-format
msgid "Authentication failed: %(reason)s"
msgstr "" msgstr ""
#: authentik/sources/plex/models.py:37 #: authentik/sources/plex/models.py:37