providers/oauth2: pass application to configuration error event

authentik/providers/oauth2/errors.py

@@ -23,11 +23,12 @@ class OAuth2Error(SentryIgnoredException):
     def __repr__(self) -> str:
         return self.error
 
-    def to_event(self, message: Optional[str] = None) -> Event:
+    def to_event(self, message: Optional[str] = None, **kwargs) -> Event:
         """Create configuration_error Event and save it."""
         return Event.new(
             EventAction.CONFIGURATION_ERROR,
             message=message or self.description,
+            **kwargs,
         )
 
 
@@ -49,10 +50,11 @@ class RedirectUriError(OAuth2Error):
         self.provided_uri = provided_uri
         self.allowed_uris = allowed_uris
 
-    def to_event(self) -> Event:
+    def to_event(self, **kwargs) -> Event:
         return super().to_event(
             f"Invalid redirect URI was used. Client used '{self.provided_uri}'. "
-            f"Allowed redirect URIs are {','.join(self.allowed_uris)}"
+            f"Allowed redirect URIs are {','.join(self.allowed_uris)}",
+            **kwargs,
         )
 
 
@@ -68,8 +70,10 @@ class ClientIdError(OAuth2Error):
         super().__init__()
         self.client_id = client_id
 
-    def to_event(self) -> Event:
+    def to_event(self, **kwargs) -> Event:
-        return super().to_event(f"Invalid client identifier: {self.client_id}.")
+        return super().to_event(
+            f"Invalid client identifier: {self.client_id}.", **kwargs
+        )
 
 
 class UserAuthError(OAuth2Error):

authentik/providers/oauth2/views/authorize.py

@@ -256,12 +256,12 @@ class OAuthFulfillmentStage(StageView):
             ).from_http(self.request)
             return redirect(self.create_response_uri())
         except (ClientIdError, RedirectUriError) as error:
-            error.to_event().from_http(request)
+            error.to_event(application=application).from_http(request)
             self.executor.stage_invalid()
             # pylint: disable=no-member
             return bad_request_message(request, error.description, title=error.error)
         except AuthorizeError as error:
-            error.to_event().from_http(request)
+            error.to_event(application=application).from_http(request)
             self.executor.stage_invalid()
             return redirect(error.create_uri())
 
@@ -379,7 +379,7 @@ class AuthorizationFlowInitView(PolicyAccessView):
         try:
             self.params = OAuthAuthorizationParams.from_request(self.request)
         except AuthorizeError as error:
-            error.to_event().from_http(self.request)
+            error.to_event(redirect_uri=error.redirect_uri).from_http(self.request)
             raise RequestValidationError(redirect(error.create_uri()))
         except OAuth2Error as error:
             error.to_event().from_http(self.request)
@@ -396,7 +396,7 @@ class AuthorizationFlowInitView(PolicyAccessView):
                 self.params.grant_type,
                 self.params.state,
             )
-            error.to_event().from_http(self.request)
+            error.to_event(redirect_uri=error.redirect_uri).from_http(self.request)
             raise RequestValidationError(redirect(error.create_uri()))
 
     def resolve_provider_application(self):