KEYCLOAK-5984 Fix error message in client initiated
parent
ecfabe4ebe
commit
cccddebfd0
2 changed files with 20 additions and 10 deletions
|
@ -317,12 +317,12 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
return response;
|
||||
}
|
||||
} catch (IdentityBrokerException e) {
|
||||
return redirectToErrorPage(authSession, Messages.COULD_NOT_SEND_AUTHENTICATION_REQUEST, e, providerId);
|
||||
return redirectToErrorPage(authSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.COULD_NOT_SEND_AUTHENTICATION_REQUEST, e, providerId);
|
||||
} catch (Exception e) {
|
||||
return redirectToErrorPage(authSession, Messages.UNEXPECTED_ERROR_HANDLING_REQUEST, e, providerId);
|
||||
return redirectToErrorPage(authSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.UNEXPECTED_ERROR_HANDLING_REQUEST, e, providerId);
|
||||
}
|
||||
|
||||
return redirectToErrorPage(authSession, Messages.COULD_NOT_PROCEED_WITH_AUTHENTICATION_REQUEST);
|
||||
return redirectToErrorPage(authSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.COULD_NOT_PROCEED_WITH_AUTHENTICATION_REQUEST);
|
||||
|
||||
}
|
||||
|
||||
|
@ -670,7 +670,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
return finishOrRedirectToPostBrokerLogin(authSession, context, true, clientSessionCode);
|
||||
|
||||
} catch (Exception e) {
|
||||
return redirectToErrorPage(authSession,Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, e);
|
||||
return redirectToErrorPage(authSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, e);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -734,7 +734,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
|
||||
return afterPostBrokerLoginFlowSuccess(authenticationSession, context, wasFirstBrokerLogin, parsedCode.clientSessionCode);
|
||||
} catch (IdentityBrokerException e) {
|
||||
return redirectToErrorPage(authenticationSession, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, e);
|
||||
return redirectToErrorPage(authenticationSession, Response.Status.INTERNAL_SERVER_ERROR, Messages.IDENTITY_PROVIDER_UNEXPECTED_ERROR, e);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -752,7 +752,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
|
||||
UserModel linkingUser = AbstractIdpAuthenticator.getExistingUser(session, realmModel, authSession);
|
||||
if (!linkingUser.getId().equals(federatedUser.getId())) {
|
||||
return redirectToErrorPage(authSession, Messages.IDENTITY_PROVIDER_DIFFERENT_USER_MESSAGE, federatedUser.getUsername(), linkingUser.getUsername());
|
||||
return redirectToErrorPage(authSession, Response.Status.BAD_REQUEST, Messages.IDENTITY_PROVIDER_DIFFERENT_USER_MESSAGE, federatedUser.getUsername(), linkingUser.getUsername());
|
||||
}
|
||||
|
||||
SerializedBrokeredIdentityContext serializedCtx = SerializedBrokeredIdentityContext.readFromAuthenticationSession(authSession, AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE);
|
||||
|
@ -866,7 +866,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
}
|
||||
|
||||
if (!authenticatedUser.hasRole(this.realmModel.getClientByClientId(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID).getRole(AccountRoles.MANAGE_ACCOUNT))) {
|
||||
return redirectToErrorPage(authSession, Messages.INSUFFICIENT_PERMISSION);
|
||||
return redirectToErrorPage(authSession, Response.Status.FORBIDDEN, Messages.INSUFFICIENT_PERMISSION);
|
||||
}
|
||||
|
||||
if (!authenticatedUser.isEnabled()) {
|
||||
|
@ -919,7 +919,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
if (authSession.getClient() != null && authSession.getClient().getClientId().equals(Constants.ACCOUNT_MANAGEMENT_CLIENT_ID)) {
|
||||
return redirectToAccountErrorPage(authSession, message, parameters);
|
||||
} else {
|
||||
return redirectToErrorPage(authSession, message, parameters); // Should rather redirect to app instead and display error here?
|
||||
return redirectToErrorPage(authSession, Response.Status.BAD_REQUEST, message, parameters); // Should rather redirect to app instead and display error here?
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1057,8 +1057,8 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
|
|||
return Urls.identityProviderAuthnResponse(this.uriInfo.getBaseUri(), providerId, this.realmModel.getName()).toString();
|
||||
}
|
||||
|
||||
private Response redirectToErrorPage(AuthenticationSessionModel authSession,String message, Object ... parameters) {
|
||||
return redirectToErrorPage(authSession, Response.Status.INTERNAL_SERVER_ERROR, message, null, parameters);
|
||||
private Response redirectToErrorPage(AuthenticationSessionModel authSession, Response.Status status, String message, Object ... parameters) {
|
||||
return redirectToErrorPage(authSession, status, message, null, parameters);
|
||||
}
|
||||
|
||||
private Response redirectToErrorPage(Response.Status status, String message, Object ... parameters) {
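Review bot: In the hunk at -919, the else branch now hard-codes `Response.Status.BAD_REQUEST` for every message routed through this helper, so a server-side failure reported through it would surface as a client error and fall outside 5xx alerting. The helper's signature and its callers are outside the hunk, so whether any caller reports a non-client fault is inferred rather than visible. If one does, give the helper a `Response.Status status` parameter and pass it on: `return redirectToErrorPage(authSession, status, message, parameters);`. The status-taking overload in the hunk at -1057 also appears to replace the one that defaulted to INTERNAL_SERVER_ERROR, so it would benefit from a short comment such as `// 4xx for request or permission faults, 5xx for broker or internal failures`.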
|
||||
|
|
|
@ -55,6 +55,16 @@ public class UncaughtErrorPageTest extends AbstractKeycloakTest {
|
|||
assertEquals("An internal server error has occurred", errorPage.getError());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void errorPageException() {
|
||||
oauth.realm("master");
|
||||
oauth.clientId("nosuch");
|
||||
oauth.openLoginForm();
|
||||
|
||||
assertTrue(errorPage.isCurrent());
|
||||
assertEquals("Client not found.", errorPage.getError());
|
||||
}
|
||||
|
||||
private void checkPageNotFound(String path) throws MalformedURLException {
|
||||
URI uri = suiteContext.getAuthServerInfo().getUriBuilder().path(path).build();
|
||||
driver.navigate().to(uri.toURL());
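Review bot: The added `errorPageException` test drives the login form with an unknown client, so none of the status codes this commit assigns in IdentityBrokerService (400, 403, 500) are asserted in either changed file. A broker-path test that checks the response status would pin that part of the change. The test's name and body also do not say what it guards; a comment such as `// An unknown client_id must show its specific message, not the generic internal-server-error page` would tie it to the assertion just above it. It also leaves `oauth` set to realm `master` and client `nosuch`, and if that helper is shared between tests in this class (not visible here) it should be reset afterwards.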
|
||||
|
|