MM-10573 Add error page if user doesn't authorize Mattermost for OAuth (#9402)

author: Harrison Healey <harrisonmhealey@gmail.com> 2018-09-14 06:32:25 -0400
committer: George Goldberg <george@gberg.me> 2018-09-14 11:32:25 +0100
commit: 8afc52975318e6bd15b8335060476d9871acea15 (patch)
tree: 0f1c674b04b920f5114c3850a073d3cda18e3060 /api4/oauth.go
parent: f2ddef9117712508234b85583c240cc856141980 (diff)
download: chat-8afc52975318e6bd15b8335060476d9871acea15.tar.gz
chat-8afc52975318e6bd15b8335060476d9871acea15.tar.bz2
chat-8afc52975318e6bd15b8335060476d9871acea15.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/api4/oauth.go b/api4/oauth.go
index 961b0fecd..990f292e9 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -452,6 +452,15 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	service := c.Params.Service
 
+	oauthError := r.URL.Query().Get("error")
+	if oauthError == "access_denied" {
+		utils.RenderWebError(c.App.Config(), w, r, http.StatusTemporaryRedirect, url.Values{
+			"type":    []string{"oauth_access_denied"},
+			"service": []string{strings.Title(service)},
+		}, c.App.AsymmetricSigningKey())
+		return
+	}
+
 	code := r.URL.Query().Get("code")
 	if len(code) == 0 {
 		utils.RenderWebError(c.App.Config(), w, r, http.StatusTemporaryRedirect, url.Values{
author	Harrison Healey <harrisonmhealey@gmail.com>	2018-09-14 06:32:25 -0400
committer	George Goldberg <george@gberg.me>	2018-09-14 11:32:25 +0100
commit	8afc52975318e6bd15b8335060476d9871acea15 (patch)
tree	0f1c674b04b920f5114c3850a073d3cda18e3060 /api4/oauth.go
parent	f2ddef9117712508234b85583c240cc856141980 (diff)
download	chat-8afc52975318e6bd15b8335060476d9871acea15.tar.gz chat-8afc52975318e6bd15b8335060476d9871acea15.tar.bz2 chat-8afc52975318e6bd15b8335060476d9871acea15.zip