Clean up error flow for sso

error messages can now propagate to the user's browser
Grant Limberg 2022-05-12 17:00:43 -07:00
parent e7fee4c6ce
commit da179d9930
No known key found for this signature in database
GPG Key ID: 8F2F97D3BE8D7735
3 changed files with 68 additions and 48 deletions


@ -1740,7 +1740,6 @@ public:
} else { } else {
scode = 200; scode = 200;
sprintf(resBuf, ssoResponseTemplate, "Authentication Successful. You may now access the network."); sprintf(resBuf, ssoResponseTemplate, "Authentication Successful. You may now access the network.");
responseBody = std::string(resBuf);
} }
} else { } else {
// not an object? We got a problem // not an object? We got a problem
@ -1751,6 +1750,7 @@ public:
zeroidc::free_cstr(code); zeroidc::free_cstr(code);
zeroidc::free_cstr(ret); zeroidc::free_cstr(ret);
responseBody = std::string(resBuf);
responseContentType = "text/html"; responseContentType = "text/html";
return scode; return scode;
} else { } else {
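Review bot: The `sprintf(resBuf, ssoResponseTemplate, ...)` call has no length bound, and after this change whatever is in `resBuf` is always returned with `responseContentType = "text/html"`. Since the commit message says error text from the token exchange now reaches the browser (those branches are outside these hunks), that text should be HTML-escaped before it is formatted into the template. The write should also be bounded, e.g. `snprintf(resBuf, sizeof(resBuf), ssoResponseTemplate, escapedMsg);`, assuming `resBuf` is a fixed-size array and with `escapedMsg` standing in for the escaped message. It is also worth confirming that every path reaching the now-unconditional `responseBody = std::string(resBuf);` has written `resBuf` first.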


@ -247,11 +247,19 @@ pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char)
let ret = idc.do_token_exchange(code); let ret = idc.do_token_exchange(code);
match ret { match ret {
Ok(ret) => { Ok(ret) => {
#[cfg(debug_assertions)]
{
println!("do_token_exchange ret: {}", ret);
}
let ret = CString::new(ret).unwrap(); let ret = CString::new(ret).unwrap();
ret.into_raw() ret.into_raw()
} }
Err(e) => { Err(e) => {
let errstr = format!("{{\"errorMessage\":\"{}\"\"}}", e); #[cfg(debug_assertions)]
{
println!("do_token_exchange err: {}", e);
}
let errstr = format!("{{\"errorMessage\": \"{}\"}}", e);
let ret = CString::new(errstr).unwrap(); let ret = CString::new(errstr).unwrap();
ret.into_raw() ret.into_raw()
} }
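Review bot: The error JSON in the `Err(e)` arm is still assembled with `format!`, so a message containing `"`, `\` or a newline produces invalid JSON and the C++ caller would presumably take its "not an object" path instead of showing the message. Building the value with a serializer avoids that, e.g. `let errstr = serde_json::json!({ "errorMessage": e.to_string() }).to_string();` if `serde_json` is already a dependency of this crate. That form also escapes NUL, so `CString::new(errstr).unwrap()` can no longer panic inside this `extern "C"` function. The debug-only `println!("do_token_exchange ret: {}", ret)` may write token material to stdout, depending on what `do_token_exchange` returns. The function body starts and ends outside the hunk.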


@ -579,57 +579,69 @@ impl ZeroIDC {
match res { match res {
Ok(res) => { Ok(res) => {
#[cfg(debug_assertions)] if res.status() == 200 {
{ #[cfg(debug_assertions)]
println!("hit url: {}", res.url().as_str()); {
println!("Status: {}", res.status()); println!("hit url: {}", res.url().as_str());
} println!("Status: {}", res.status());
}
let idt = &id_token.to_string(); let idt = &id_token.to_string();
let t: Result< let t: Result<
Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>, Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>,
jwt::Error, jwt::Error,
> = Token::parse_unverified(idt); > = Token::parse_unverified(idt);
if let Ok(t) = t { if let Ok(t) = t {
let claims = t.claims().registered.clone(); let claims = t.claims().registered.clone();
match claims.expiration { match claims.expiration {
Some(exp) => { Some(exp) => {
i.exp_time = exp; i.exp_time = exp;
println!("Set exp time to: {:?}", i.exp_time); println!("Set exp time to: {:?}", i.exp_time);
} }
None => { None => {
panic!("expiration is None. This shouldn't happen"); panic!("expiration is None. This shouldn't happen");
}
} }
} }
i.access_token = Some(tok.access_token().clone());
if let Some(t) = tok.refresh_token() {
i.refresh_token = Some(t.clone());
should_start = true;
}
#[cfg(debug_assertions)]
{
let access_token = tok.access_token();
println!("Access Token: {}", access_token.secret());
let refresh_token = tok.refresh_token();
println!("Refresh Token: {}", refresh_token.unwrap().secret());
}
let bytes = match res.bytes() {
Ok(bytes) => bytes,
Err(_) => Bytes::from(""),
};
let bytes = match from_utf8(bytes.as_ref()) {
Ok(bytes) => bytes.to_string(),
Err(_) => "".to_string(),
};
Ok(bytes)
} else {
if res.status() == 402 {
Err(SSOExchangeError::new(
"additional license seats required. Please contact your network administrator.".to_string(),
))
} else {
Err(SSOExchangeError::new(
"error from central endpoint".to_string(),
))
}
} }
i.access_token = Some(tok.access_token().clone());
if let Some(t) = tok.refresh_token() {
i.refresh_token = Some(t.clone());
should_start = true;
}
#[cfg(debug_assertions)]
{
let access_token = tok.access_token();
println!("Access Token: {}", access_token.secret());
let refresh_token = tok.refresh_token();
println!("Refresh Token: {}", refresh_token.unwrap().secret());
}
let bytes = match res.bytes() {
Ok(bytes) => bytes,
Err(_) => Bytes::from(""),
};
let bytes = match from_utf8(bytes.as_ref()) {
Ok(bytes) => bytes.to_string(),
Err(_) => "".to_string(),
};
Ok(bytes)
} }
Err(res) => { Err(res) => {
println!("error result: {}", res); println!("error result: {}", res);
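Review bot: `panic!("expiration is None. This shouldn't happen")` is still reachable from the contents of the identity provider's ID token, and this code appears to run under the `extern "C"` entry point `zeroidc_token_exchange`, where the C++ caller cannot handle a panic. Now that failures are reported through `SSOExchangeError`, the `None` arm can return one instead, e.g. `None => return Err(SSOExchangeError::new("id token has no expiration".to_string())),` if this `match` sits directly in the function body (the enclosing function starts outside the hunk). The same applies to `refresh_token.unwrap().secret()` in the debug block, which panics when no refresh token was issued even though the lines above treat it as optional; that block also prints both token secrets to stdout. A failed `Token::parse_unverified` is silently ignored, so `exp_time` keeps its previous value while the new access token is stored.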