fix: Error handling in OAuth
jonas-martinez committed Oct 13, 2023
1 parent 9413176 commit 3e42b6c
Showing 2 changed files with 11 additions and 4 deletions.
@@ -145,7 +145,10 @@ defmodule IdentityWeb.UserAuthController do
# Can do logic stuff here like update the session.
# The user is already logged in, skip login and redirect.

redirect_next_step(conn, Accounts.get_user(response.body["subject"]), login_challenge, true)
case Accounts.get_user(response.body["subject"]) do
nil -> {:error, "Bad access token"}
res -> redirect_next_step(conn, res, login_challenge, true)
end
else
# client = response.body["client"]
conn
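Review bot: The `nil` branch of the new `case` returns `{:error, "Bad access token"}` from the controller action instead of a conn, so it only produces a response if an `action_fallback` that handles a string reason is configured, which the hunk does not show. The wording is also misleading, because this branch concerns the subject of a login request that Hydra reports as already authenticated, not an access token. The login challenge is left unanswered here, and whatever session made Hydra skip the login presumably stays valid for a subject that has no account. Consider a structured error plus a comment such as `# Hydra reports an authenticated subject that has no user record`, and confirm the fallback covers this tuple. The enclosing action starts and ends outside the hunk.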
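--- a/apps/lenra_web/lib/lenra_web/plug/verify_scope.ex
+++ b/apps/lenra_web/lib/lenra_web/plug/verify_scope.ex
@@ -21,9 +21,8 @@ defmodule LenraWeb.Plug.VerifyScope do
 """
 def call(conn, required_scopes) do
 with {:ok, token} <- extract_token(conn),
-{:ok, subject, response_body} <- HydraApi.check_token_and_get_subject(token, required_scopes) do
-user = Accounts.get_user(subject)
-
+{:ok, subject, response_body} <- HydraApi.check_token_and_get_subject(token, required_scopes),
+%Lenra.Accounts.User{} = user <- Accounts.get_user(subject) do
 conn
 |> Auth.put_token_introspect(response_body)
 |> Auth.put_resource(user)
@@ -38,6 +37,11 @@ defmodule LenraWeb.Plug.VerifyScope do
 |> reply_error(err)
 |> halt()
 
+nil ->
+conn
+|> reply_error(BusinessError.invalid_token())
+|> halt()
+
 err ->
 # Should never raise
 raise err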
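Review bot: The new `nil ->` clause in the `else` block rejects the request, which is the right fail-closed outcome, but nothing records that it happened. A token that passes `HydraApi.check_token_and_get_subject` for a subject that `Accounts.get_user` cannot find presumably means a token is outliving its account. That is worth a warning-level log entry (the subject only, never the token) so the case can be noticed and the token revoked. A short comment on the clause would also help the next reader, for example `# introspection succeeded but the subject has no user record`. The body of `call/2` and the rest of the `else` block continue outside the two hunks shown.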
