oauth2: Share error details with redirect fallback

Closes #974 Signed-off-by: arekkas <aeneas@ory.am>
ory · Aug 7, 2018 · f4b928a · f4b928a
1 parent ce4e4ef
commit f4b928a
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 1 deletion.
diff --git a/cmd/server/handler_oauth2_factory.go b/cmd/server/handler_oauth2_factory.go
@@ -195,6 +195,7 @@ func newOAuth2Handler(c *config.Config, frontend, backend *httprouter.Router, cm
 		OpenIDJWTStrategy:      openIDJWTStrategy,
 		AccessTokenJWTStrategy: accessTokenJWTStrategy,
 		IDTokenLifespan:        c.GetIDTokenLifespan(),
+		ShareOAuth2Debug:       c.SendOAuth2DebugMessagesToClients,
 	}
 
 	handler.SetRoutes(frontend, backend)

diff --git a/oauth2/handler.go b/oauth2/handler.go
@@ -638,8 +638,13 @@ func (h *Handler) writeAuthorizeError(w http.ResponseWriter, ar fosite.Authorize
 		query := redirectURI.Query()
 		query.Add("error", rfcerr.Name)
 		query.Add("error_description", rfcerr.Description)
-		redirectURI.RawQuery = query.Encode()
+		query.Add("error_hint", rfcerr.Hint)
+
+		if h.ShareOAuth2Debug {
+			query.Add("error_debug", rfcerr.Debug)
+		}
 
+		redirectURI.RawQuery = query.Encode()
 		w.Header().Add("Location", redirectURI.String())
 		w.WriteHeader(http.StatusFound)
 		return

diff --git a/oauth2/handler_struct.go b/oauth2/handler_struct.go
@@ -59,4 +59,6 @@ type Handler struct {
 	ClaimsSupported  string
 	ScopesSupported  string
 	UserinfoEndpoint string
+
+	ShareOAuth2Debug bool
 }