From 16fd5470dbd484246e52de7672a8339fdb303f92 Mon Sep 17 00:00:00 2001
From: Cesar Celis Hernandez <celis.hernandez.cesar@gmail.com>
Date: Mon, 1 Aug 2022 19:12:39 -0400
Subject: [PATCH] Correcting response on invalid login attempt (#2216)

Verifying detailed message error from bad login in SSO Test
---
 restapi/errors.go           |  6 ++++++
 sso-integration/sso_test.go | 15 ++++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/restapi/errors.go b/restapi/errors.go
index 3404e6f2e..5f4a0a50a 100644
--- a/restapi/errors.go
+++ b/restapi/errors.go
@@ -19,6 +19,7 @@ package restapi
 import (
 	"context"
 	"errors"
+	"strings"
 
 	"github.com/go-openapi/swag"
 	"github.com/minio/console/models"
@@ -69,6 +70,7 @@ var (
 	ErrDeletingEncryptionConfig         = errors.New("error disabling tenant encryption")
 	ErrEncryptionConfigNotFound         = errors.New("encryption configuration not found")
 	ErrPolicyNotFound                   = errors.New("policy does not exist")
+	ErrLoginNotAllowed                  = errors.New("login not allowed")
 )
 
 // ErrorWithContext :
@@ -93,6 +95,10 @@ func ErrorWithContext(ctx context.Context, err ...interface{}) *models.Error {
 				errorCode = 401
 				errorMessage = ErrInvalidLogin.Error()
 			}
+			if strings.Contains(err1.Error(), ErrLoginNotAllowed.Error()) {
+				errorCode = 400
+				errorMessage = ErrLoginNotAllowed.Error()
+			}
 			// console invalid erasure coding value
 			if errors.Is(err1, ErrInvalidErasureCodingValue) {
 				errorCode = 400
diff --git a/sso-integration/sso_test.go b/sso-integration/sso_test.go
index b5e0e8766..e87e5b448 100644
--- a/sso-integration/sso_test.go
+++ b/sso-integration/sso_test.go
@@ -21,6 +21,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
+	"io/ioutil"
 	"log"
 	"net/http"
 	"net/url"
@@ -29,6 +30,8 @@ import (
 	"testing"
 	"time"
 
+	"github.com/minio/console/models"
+
 	"github.com/go-openapi/loads"
 	consoleoauth2 "github.com/minio/console/pkg/auth/idp/oauth2"
 	"github.com/minio/console/restapi"
@@ -254,5 +257,15 @@ func TestBadLogin(t *testing.T) {
 	fmt.Println(response)
 	fmt.Println(err)
 	expectedError := response.Status
-	assert.Equal("500 Internal Server Error", expectedError)
+	assert.Equal("400 Bad Request", expectedError)
+	bodyBytes, _ := ioutil.ReadAll(response.Body)
+	result2 := models.Error{}
+	err = json.Unmarshal(bodyBytes, &result2)
+	if err != nil {
+		log.Println(err)
+		assert.Nil(err)
+	}
+	detailedMessage := *result2.DetailedMessage
+	fmt.Println(detailedMessage)
+	assert.Equal("expected 'code' response type - got [], login not allowed", detailedMessage)
 }