providers/oauth2: improve error handling, ensure correct message is shown to user

2020-12-26 17:50:16 +01:00 · 2020-12-26 17:50:16 +01:00 · 319104c39b
parent a9336f069c
commit 319104c39b
2 changed files with 7 additions and 2 deletions
--- a/authentik/providers/oauth2/errors.py
+++ b/authentik/providers/oauth2/errors.py
@ -1,8 +1,10 @@
 """OAuth errors"""
 from urllib.parse import quote

+from authentik.lib.sentry import SentryIgnoredException

-class OAuth2Error(Exception):
+
+class OAuth2Error(SentryIgnoredException):
    """Base class for all OAuth2 Errors"""

    error: str
--- a/authentik/providers/oauth2/views/authorize.py
+++ b/authentik/providers/oauth2/views/authorize.py
@ -5,6 +5,7 @@ from urllib.parse import parse_qs, urlencode, urlsplit, urlunsplit
 from uuid import uuid4

 from django.http import HttpRequest, HttpResponse
+from django.http.response import Http404
 from django.shortcuts import get_object_or_404, redirect
 from django.utils import timezone
 from structlog import get_logger
@ -342,9 +343,11 @@ class AuthorizationFlowInitView(PolicyAccessView):
        # Extract params so we can save them in the plan context
        try:
            params = OAuthAuthorizationParams.from_request(request)
-        except (ClientIdError, RedirectUriError) as error:
+        except OAuth2Error as error:
            # pylint: disable=no-member
            return bad_request_message(request, error.description, title=error.error)
+        except OAuth2Provider.DoesNotExist:
+            raise Http404
        # Regardless, we start the planner and return to it
        planner = FlowPlanner(self.provider.authorization_flow)
        # planner.use_cache = False