Display detailed errors when login fails (#1069)

Signed-off-by: Lenin Alevski <alevsk.8772@gmail.com> Co-authored-by: Alex <33497058+bexsoft@users.noreply.github.com> Co-authored-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com>
2021-09-21 20:48:24 -07:00
parent e7665fae85
commit 137ff41be2
6 changed files with 35 additions and 45 deletions
--- a/restapi/error.go
+++ b/restapi/error.go
@@ -11,7 +11,7 @@ import (
 )

 var (
-	// ErrorGeneric is a heneric error message
+	// ErrorGeneric is a generic error message
 	ErrorGeneric               = errors.New("an error occurred, please try again")
 	errInvalidCredentials      = errors.New("invalid Login")
 	errorGenericInvalidSession = errors.New("invalid session")
@@ -33,6 +33,7 @@ var (
 	errLicenseNotFound              = errors.New("license not found")
 	errAvoidSelfAccountDelete       = errors.New("logged in user cannot be deleted by itself")
 	errAccessDenied                 = errors.New("access denied")
+	errOauth2Provider               = errors.New("error contacting the external identity provider")
 )

 // Tiering errors
@@ -134,7 +135,7 @@ func prepareError(err ...error) *models.Error {
 			errorCode = 401
 			errorMessage = errorGenericInvalidSession.Error()
 		}
-		// if we received a second error take that as friendly message but dont override the code
+		// if we received a second error take that as friendly message but don't override the code
 		if len(err) > 1 && err[1] != nil {
 			LogError("friendly error: %v", err[1].Error())
 			errorMessage = err[1].Error()
--- a/restapi/user_login.go
+++ b/restapi/user_login.go
@@ -163,11 +163,11 @@ func getLoginResponse(lr *models.LoginRequest) (*models.LoginResponse, *models.E
 	// prepare console credentials
 	consolCreds, err := getConsoleCredentials(ctx, *lr.AccessKey, *lr.SecretKey)
 	if err != nil {
-		return nil, prepareError(errInvalidCredentials, nil, err)
+		return nil, prepareError(err, errInvalidCredentials, err)
 	}
 	sessionID, err := login(consolCreds)
 	if err != nil {
-		return nil, prepareError(errInvalidCredentials, nil, err)
+		return nil, prepareError(err, errInvalidCredentials, err)
 	}
 	// serialize output
 	loginResponse := &models.LoginResponse{
@@ -186,7 +186,7 @@ func getLoginDetailsResponse() (*models.LoginDetails, *models.Error) {
 		// initialize new oauth2 client
 		oauth2Client, err := oauth2.NewOauth2ProviderClient(nil, GetConsoleHTTPClient())
 		if err != nil {
-			return nil, prepareError(err)
+			return nil, prepareError(err, errOauth2Provider)
 		}
 		// Validate user against IDP
 		identityProvider := &auth.IdentityProvider{Client: oauth2Client}