From f3acd34128a3553e3a8f7e2da85be470c73e326b Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Mon, 10 Jul 2017 14:52:59 -0400
Subject: Redirect OAuth SSO errors to error page (#6898)

---
 api4/oauth.go | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'api4')

diff --git a/api4/oauth.go b/api4/oauth.go
index d00b4a666..05a38d206 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -392,7 +392,9 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	code := r.URL.Query().Get("code")
 	if len(code) == 0 {
-		c.Err = model.NewAppError("completeOAuth", "api.oauth.complete_oauth.missing_code.app_error", map[string]interface{}{"service": strings.Title(service)}, "URL: "+r.URL.String(), http.StatusBadRequest)
+		err := model.NewAppError("completeOAuth", "api.oauth.complete_oauth.missing_code.app_error", map[string]interface{}{"service": strings.Title(service)}, "URL: "+r.URL.String(), http.StatusBadRequest)
+		err.Translate(c.T)
+		http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+err.Message, http.StatusTemporaryRedirect)
 		return
 	}
 
@@ -402,13 +404,17 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 
 	body, teamId, props, err := app.AuthorizeOAuthUser(w, r, service, code, state, uri)
 	if err != nil {
-		c.Err = err
+		err.Translate(c.T)
+		l4g.Error(err.Error())
+		http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+err.Message, http.StatusTemporaryRedirect)
 		return
 	}
 
 	user, err := app.CompleteOAuth(service, body, teamId, props)
 	if err != nil {
-		c.Err = err
+		err.Translate(c.T)
+		l4g.Error(err.Error())
+		http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+err.Message, http.StatusTemporaryRedirect)
 		return
 	}
 
-- 
cgit v1.2.3-1-g7c22