sources/oauth: improve error messages
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
239092b872
commit
00a6c2a40b
|
@ -4,6 +4,7 @@ from typing import Any, Optional
|
||||||
from urllib.parse import parse_qsl
|
from urllib.parse import parse_qsl
|
||||||
|
|
||||||
from django.utils.crypto import constant_time_compare, get_random_string
|
from django.utils.crypto import constant_time_compare, get_random_string
|
||||||
|
from django.utils.translation import gettext as _
|
||||||
from requests.exceptions import RequestException
|
from requests.exceptions import RequestException
|
||||||
from requests.models import Response
|
from requests.models import Response
|
||||||
from structlog.stdlib import get_logger
|
from structlog.stdlib import get_logger
|
||||||
|
@ -58,11 +59,13 @@ class OAuth2Client(BaseOAuthClient):
|
||||||
callback = self.request.build_absolute_uri(self.callback or self.request.path)
|
callback = self.request.build_absolute_uri(self.callback or self.request.path)
|
||||||
if not self.check_application_state():
|
if not self.check_application_state():
|
||||||
LOGGER.warning("Application state check failed.")
|
LOGGER.warning("Application state check failed.")
|
||||||
return None
|
return {"error": "State check failed."}
|
||||||
code = self.get_request_arg("code", None)
|
code = self.get_request_arg("code", None)
|
||||||
if not code:
|
if not code:
|
||||||
LOGGER.warning("No code returned by the source")
|
LOGGER.warning("No code returned by the source")
|
||||||
return None
|
error = self.get_request_arg("error", None)
|
||||||
|
error_desc = self.get_request_arg("error_description", None)
|
||||||
|
return {"error": error_desc or error or _("No token received.")}
|
||||||
args = {
|
args = {
|
||||||
"client_id": self.get_client_id(),
|
"client_id": self.get_client_id(),
|
||||||
"client_secret": self.get_client_secret(),
|
"client_secret": self.get_client_secret(),
|
||||||
|
|
|
@ -97,7 +97,15 @@ class OAuthCallback(OAuthClientMixin, View):
|
||||||
def handle_login_failure(self, reason: str) -> HttpResponse:
|
def handle_login_failure(self, reason: str) -> HttpResponse:
|
||||||
"Message user and redirect on error."
|
"Message user and redirect on error."
|
||||||
LOGGER.warning("Authentication Failure", reason=reason)
|
LOGGER.warning("Authentication Failure", reason=reason)
|
||||||
messages.error(self.request, _("Authentication Failed."))
|
messages.error(
|
||||||
|
self.request,
|
||||||
|
_(
|
||||||
|
"Authentication failed: %(reason)s"
|
||||||
|
% {
|
||||||
|
"reason": reason,
|
||||||
|
}
|
||||||
|
),
|
||||||
|
)
|
||||||
return redirect(self.get_error_redirect(self.source, reason))
|
return redirect(self.get_error_redirect(self.source, reason))
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"Project-Id-Version: PACKAGE VERSION\n"
|
"Project-Id-Version: PACKAGE VERSION\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: 2022-09-22 18:53+0000\n"
|
"POT-Creation-Date: 2022-10-10 10:27+0000\n"
|
||||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||||
|
@ -184,12 +184,12 @@ msgstr ""
|
||||||
msgid "Successfully linked %(source)s!"
|
msgid "Successfully linked %(source)s!"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/core/templates/if/admin.html:26
|
#: authentik/core/templates/if/admin.html:21
|
||||||
#: authentik/core/templates/if/admin.html:32
|
#: authentik/core/templates/if/admin.html:27
|
||||||
#: authentik/core/templates/if/flow.html:40
|
#: authentik/core/templates/if/flow.html:37
|
||||||
#: authentik/core/templates/if/flow.html:46
|
#: authentik/core/templates/if/flow.html:43
|
||||||
#: authentik/core/templates/if/user.html:26
|
#: authentik/core/templates/if/user.html:21
|
||||||
#: authentik/core/templates/if/user.html:32
|
#: authentik/core/templates/if/user.html:27
|
||||||
msgid "Loading..."
|
msgid "Loading..."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -235,7 +235,7 @@ msgstr ""
|
||||||
msgid "Go home"
|
msgid "Go home"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/core/templates/login/base_full.html:89
|
#: authentik/core/templates/login/base_full.html:90
|
||||||
msgid "Powered by authentik"
|
msgid "Powered by authentik"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -246,7 +246,7 @@ msgstr ""
|
||||||
msgid "You're about to sign into %(application)s."
|
msgid "You're about to sign into %(application)s."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/crypto/api.py:144
|
#: authentik/crypto/api.py:177
|
||||||
msgid "Subject-alt name"
|
msgid "Subject-alt name"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -858,23 +858,23 @@ msgstr ""
|
||||||
msgid "Authorization Codes"
|
msgid "Authorization Codes"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/providers/oauth2/models.py:411
|
#: authentik/providers/oauth2/models.py:418
|
||||||
msgid "Access Token"
|
msgid "Access Token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/providers/oauth2/models.py:412
|
#: authentik/providers/oauth2/models.py:419
|
||||||
msgid "Refresh Token"
|
msgid "Refresh Token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/providers/oauth2/models.py:413
|
#: authentik/providers/oauth2/models.py:420
|
||||||
msgid "ID Token"
|
msgid "ID Token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/providers/oauth2/models.py:422
|
#: authentik/providers/oauth2/models.py:429
|
||||||
msgid "OAuth2 Token"
|
msgid "OAuth2 Token"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/providers/oauth2/models.py:423
|
#: authentik/providers/oauth2/models.py:430
|
||||||
msgid "OAuth2 Tokens"
|
msgid "OAuth2 Tokens"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
@ -1119,6 +1119,10 @@ msgstr ""
|
||||||
msgid "Password does not match Active Directory Complexity."
|
msgid "Password does not match Active Directory Complexity."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#: authentik/sources/oauth/clients/oauth2.py:68
|
||||||
|
msgid "No token received."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:24
|
#: authentik/sources/oauth/models.py:24
|
||||||
msgid "Request Token URL"
|
msgid "Request Token URL"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -1173,87 +1177,96 @@ msgid "GitHub OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:124
|
#: authentik/sources/oauth/models.py:124
|
||||||
msgid "Mailcow OAuth Source"
|
msgid "Twitch OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:125
|
#: authentik/sources/oauth/models.py:125
|
||||||
msgid "Mailcow OAuth Sources"
|
msgid "Twitch OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:134
|
#: authentik/sources/oauth/models.py:134
|
||||||
msgid "Twitter OAuth Source"
|
msgid "Mailcow OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:135
|
#: authentik/sources/oauth/models.py:135
|
||||||
msgid "Twitter OAuth Sources"
|
msgid "Mailcow OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:144
|
#: authentik/sources/oauth/models.py:144
|
||||||
msgid "Facebook OAuth Source"
|
msgid "Twitter OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:145
|
#: authentik/sources/oauth/models.py:145
|
||||||
msgid "Facebook OAuth Sources"
|
msgid "Twitter OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:154
|
#: authentik/sources/oauth/models.py:154
|
||||||
msgid "Discord OAuth Source"
|
msgid "Facebook OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:155
|
#: authentik/sources/oauth/models.py:155
|
||||||
msgid "Discord OAuth Sources"
|
msgid "Facebook OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:164
|
#: authentik/sources/oauth/models.py:164
|
||||||
msgid "Google OAuth Source"
|
msgid "Discord OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:165
|
#: authentik/sources/oauth/models.py:165
|
||||||
msgid "Google OAuth Sources"
|
msgid "Discord OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:174
|
#: authentik/sources/oauth/models.py:174
|
||||||
msgid "Azure AD OAuth Source"
|
msgid "Google OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:175
|
#: authentik/sources/oauth/models.py:175
|
||||||
msgid "Azure AD OAuth Sources"
|
msgid "Google OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:184
|
#: authentik/sources/oauth/models.py:184
|
||||||
msgid "OpenID OAuth Source"
|
msgid "Azure AD OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:185
|
#: authentik/sources/oauth/models.py:185
|
||||||
msgid "OpenID OAuth Sources"
|
msgid "Azure AD OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:194
|
#: authentik/sources/oauth/models.py:194
|
||||||
msgid "Apple OAuth Source"
|
msgid "OpenID OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:195
|
#: authentik/sources/oauth/models.py:195
|
||||||
msgid "Apple OAuth Sources"
|
msgid "OpenID OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:204
|
#: authentik/sources/oauth/models.py:204
|
||||||
msgid "Okta OAuth Source"
|
msgid "Apple OAuth Source"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:205
|
#: authentik/sources/oauth/models.py:205
|
||||||
|
msgid "Apple OAuth Sources"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: authentik/sources/oauth/models.py:214
|
||||||
|
msgid "Okta OAuth Source"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
#: authentik/sources/oauth/models.py:215
|
||||||
msgid "Okta OAuth Sources"
|
msgid "Okta OAuth Sources"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:228
|
#: authentik/sources/oauth/models.py:238
|
||||||
msgid "User OAuth Source Connection"
|
msgid "User OAuth Source Connection"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/models.py:229
|
#: authentik/sources/oauth/models.py:239
|
||||||
msgid "User OAuth Source Connections"
|
msgid "User OAuth Source Connections"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/oauth/views/callback.py:100
|
#: authentik/sources/oauth/views/callback.py:103
|
||||||
msgid "Authentication Failed."
|
#, python-format
|
||||||
|
msgid "Authentication failed: %(reason)s"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: authentik/sources/plex/models.py:37
|
#: authentik/sources/plex/models.py:37
|
||||||
|
|
Reference in New Issue