Right now OmniAuth is a bit too much of a rabbit hole when it comes to error handling. I propose that the default error strategy be updated to be a little more robust:
There exists an option called on_failure that gets called when a strategy calls fail!. By default, it computes some values and then returns the array that Rack expects middleware to return.
In an app at work, re-assigned OmniAuth.config.on_failure to be a block that logs, notified Airbrake and then does what the default does. It would be really nice to be able to somehow easily call super if you were wanting to prepend functionality like that, rather than having to copy the code out (which I did).
It would also be nice if OmniAuth did some logging and let you pass in an object to log to. Or maybe in some other way allow better introspection. If a strategy encounters an exception that it doesn't handle (with rescue and fail!), it can be really hard to figure out what the state of the strategy was that caused the failure. How would folks feel about an OmniAuth.log method that would log if provided with a logging object, but no-op if it hadn't?
Agreed. In OmniAuth 1.1 I will probably introduce something like OmniAuth::FailureEndpoint or something similar that will be a simple Rack endpoint that is the default fail strategy.
Am I correct in understanding that this would mean that other failure strategies could do whatever they were doing and then call off to OmniAuth::FailureEndpoint? If so, that sounds pretty awesome.
Extract default on_failure into class. References #578.
Improves error handling behavior. Closes #578.
* OmniAuth::FailureEndpoint will raise any encountered
errors out if RACK_ENV is development.
* It will redirect compatibly with current OmniAuth if
not in development.
* Now uses Rack::Response to include a content length
in the failure response.
Added raise_exception option
Mentioned [here](d02f9d5#L3R2) and in [ticket #578](#578) but was obviously never introduced along with the other changes made.