[feature] More consistent API error handling (#637)

* update templates * start reworking api error handling * update template * return AP status at web endpoint if negotiated * start making api error handling much more consistent * update account endpoints to new error handling * use new api error handling in admin endpoints * go fmt ./... * use api error logic in app * use generic error handling in auth * don't export generic error handler * don't defer clearing session * user nicer error handling on oidc callback handler * tidy up the sign in handler * tidy up the token handler * use nicer error handling in blocksget * auth emojis endpoint * fix up remaining api endpoints * fix whoopsie during login flow * regenerate swagger docs * change http error logging to debug
2025-10-29 02:22:26 -05:00 · 2022-06-08 20:38:03 +02:00 · 2022-06-08 20:38:03 +02:00 · 1ede54ddf6
commit 1ede54ddf6
parent 91c0ed863a
130 changed files with 2154 additions and 1673 deletions
--- a/internal/oidc/handlecallback.go
+++ b/internal/oidc/handlecallback.go
@ -24,24 +24,28 @@ import (
 	"fmt"

 	"github.com/sirupsen/logrus"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 )

-func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error) {
+func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, gtserror.WithCode) {
 	l := logrus.WithField("func", "HandleCallback")
 	if code == "" {
-		return nil, errors.New("code was empty string")
+		err := errors.New("code was empty string")
+		return nil, gtserror.NewErrorBadRequest(err, err.Error())
 	}

 	l.Debug("exchanging code for oauth2token")
 	oauth2Token, err := i.oauth2Config.Exchange(ctx, code)
 	if err != nil {
-		return nil, fmt.Errorf("error exchanging code for oauth2token: %s", err)
+		err := fmt.Errorf("error exchanging code for oauth2token: %s", err)
+		return nil, gtserror.NewErrorInternalError(err)
 	}

 	l.Debug("extracting id_token")
 	rawIDToken, ok := oauth2Token.Extra("id_token").(string)
 	if !ok {
-		return nil, errors.New("no id_token in oauth2token")
+		err := errors.New("no id_token in oauth2token")
+		return nil, gtserror.NewErrorBadRequest(err, err.Error())
 	}
 	l.Debugf("raw id token: %s", rawIDToken)

@ -50,13 +54,15 @@ func (i *idp) HandleCallback(ctx context.Context, code string) (*Claims, error)
 	idTokenVerifier := i.provider.Verifier(i.oidcConf)
 	idToken, err := idTokenVerifier.Verify(ctx, rawIDToken)
 	if err != nil {
-		return nil, fmt.Errorf("could not verify id token: %s", err)
+		err = fmt.Errorf("could not verify id token: %s", err)
+		return nil, gtserror.NewErrorUnauthorized(err, err.Error())
 	}

 	l.Debug("extracting claims from id_token")
 	claims := &Claims{}
 	if err := idToken.Claims(claims); err != nil {
-		return nil, fmt.Errorf("could not parse claims from idToken: %s", err)
+		err := fmt.Errorf("could not parse claims from idToken: %s", err)
+		return nil, gtserror.NewErrorInternalError(err, err.Error())
 	}

 	return claims, nil
--- a/internal/oidc/idp.go
+++ b/internal/oidc/idp.go
@ -24,6 +24,7 @@ import (

 	"github.com/coreos/go-oidc/v3/oidc"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
+	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
 	"golang.org/x/oauth2"
 )

@ -39,7 +40,7 @@ type IDP interface {
 	// with a set of claims.
 	//
 	// Note that this function *does not* verify state. That should be handled by the caller *before* this function is called.
-	HandleCallback(ctx context.Context, code string) (*Claims, error)
+	HandleCallback(ctx context.Context, code string) (*Claims, gtserror.WithCode)
 	// AuthCodeURL returns the proper redirect URL for this IDP, for redirecting requesters to the correct OIDC endpoint.
 	AuthCodeURL(state string) string
 }