Clean up error flow for sso

error messages can now propagate to the user's browser

service/OneService.cpp

@@ -1740,7 +1740,6 @@ public:
 						} else {
 							scode = 200;
 							sprintf(resBuf, ssoResponseTemplate, "Authentication Successful. You may now access the network.");
-							responseBody = std::string(resBuf);
 						}
 					} else {
 						// not an object? We got a problem
@@ -1751,6 +1750,7 @@ public:
 					zeroidc::free_cstr(code);
 					zeroidc::free_cstr(ret);
 
+					responseBody = std::string(resBuf);
 					responseContentType = "text/html";
 					return scode;
 				} else {

zeroidc/src/ext.rs

@@ -247,11 +247,19 @@ pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char)
     let ret = idc.do_token_exchange(code);
     match ret {
         Ok(ret) => {
+            #[cfg(debug_assertions)]
+            {
+                println!("do_token_exchange ret: {}", ret);
+            }
             let ret = CString::new(ret).unwrap();
             ret.into_raw()
         }
         Err(e) => {
-            let errstr = format!("{{\"errorMessage\":\"{}\"\"}}", e);
+            #[cfg(debug_assertions)]
+            {
+                println!("do_token_exchange err: {}", e);
+            }
+            let errstr = format!("{{\"errorMessage\": \"{}\"}}", e);
             let ret = CString::new(errstr).unwrap();
             ret.into_raw()
         }

zeroidc/src/lib.rs

@@ -579,6 +579,7 @@ impl ZeroIDC {
 
                         match res {
                             Ok(res) => {
+                                if res.status() == 200 {
                                     #[cfg(debug_assertions)]
                                     {
                                         println!("hit url: {}", res.url().as_str());
@@ -630,6 +631,17 @@ impl ZeroIDC {
                                     };
 
                                     Ok(bytes)
+                                } else {
+                                    if res.status() == 402 {
+                                        Err(SSOExchangeError::new(
+                                            "additional license seats required. Please contact your network administrator.".to_string(),
+                                        ))
+                                    } else {
+                                        Err(SSOExchangeError::new(
+                                            "error from central endpoint".to_string(),
+                                        ))
+                                    }
+                                }
                             }
                             Err(res) => {
                                 println!("error result: {}", res);