From 0ae8cb49791a9e7370d0c420d87e715170ddd940 Mon Sep 17 00:00:00 2001
From: Andrey Antukh <niwi@niwi.nz>
Date: Tue, 9 Jul 2024 13:57:48 +0200
Subject: [PATCH] :bug: Do not report explicit user reject as error on oidc
 auth process

---
 backend/src/app/auth/oidc.clj | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj
index 69f7eb7d00..5b34ca10ac 100644
--- a/backend/src/app/auth/oidc.clj
+++ b/backend/src/app/auth/oidc.clj
@@ -420,12 +420,6 @@
 
 (defn- get-info
   [{:keys [::provider ::setup/props] :as cfg} {:keys [params] :as request}]
-  (when-let [error (get params :error)]
-    (ex/raise :type :internal
-              :code :error-on-retrieving-code
-              :error-id error
-              :error-desc (get params :error_description)))
-
   (let [state  (get params :state)
         code   (get params :code)
         state  (tokens/verify props {:token state :iss :oauth})
@@ -609,9 +603,11 @@
 (defn- callback-handler
   [cfg request]
   (try
-    (let [info    (get-info cfg request)
-          profile (get-profile cfg info)]
-      (process-callback cfg request info profile))
+    (if-let [error (dm/get-in request [:params :error])]
+      (redirect-with-error "unable-to-auth" error)
+      (let [info    (get-info cfg request)
+            profile (get-profile cfg info)]
+        (process-callback cfg request info profile)))
     (catch Throwable cause
       (l/err :hint "error on oauth process" :cause cause)
       (redirect-with-error "unable-to-auth" (ex-message cause)))))