-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Oauth authorization fail produce a generic error message #4048
Comments
Hi @wayglem!
You're correct: |
This change aims to display the oauth error to the user when the autnetication process fails. Close swagger-api#4048
This change aims to display the oauth error to the user when the autnetication process fails. Close #4048
This is unfortunately still not working correctly for the client_credentials flow; fn.fetch throws an error and because of this the user just gets a generic "Error: Unauthorized" or "Error: Bad Request" if e.g. the Authorization Server answers with a 401 or 400 (which is according to the spec). I will create a PR on this. |
…ation call - Inspect the error and error_description properties of the response, if available
* Additional fix of #4048, more error messages from authorization call Inspect the error and error_description properties of the response, if available * Fixed linter errors
Expected Behavior
When using oauth access_code but it's probably the same for authorization code.
User clicks on Authrorize button and an oauth error occurs (for exmaple unknown client_id).
The authorization server shall informs the client by redirecting to the redirect URI and adding an
error
query parameter (optionallyerror_description
anderror_uri
too). c.f RFCUser should see those information when back to swagger-ui in the error message.
Current Behavior
User only gets a harcoded error message
Possible Solution
It's possible to get the error, error_description and error_uri in the query params of oauth-redirect page. I can make a PR if someone can confirm that the oauth-redirect.html file is not generated (never worked on react)
The text was updated successfully, but these errors were encountered: