Client doesn't catch/handle error messages #7
Comments
|
I just checked to make sure that Exceptions were being thrown at each step where there's an error received or incomplete configuration values. Is there a particular step that you noticed this behavior? |
|
If you look at the URLs from the user in the other issue's report, he's getting back an OAuth error (ie, there's "error=" in the parameters list) and it appears that the client code isn't short circuiting there. I should note that I'm flying a little blind here but I just wanted you to make sure that you were catching that error class. You know, one way to test this would be to use it against a MITREid Connect test server and click the "Deny" button on the approval page. That should send back an error similar to (but not the same as) the one the user was getting that you can test against and see what the code does. If the base library does the right thing there, then #6 is potentially due to the user misusing the client library (maybe not catching errors correctly?). |
|
I updated the codebase with additional error checking. See commit 297afd2 |
According to the dialogue from a user in #6 , it looks like the client filter isn't catching the error codes that come back from the server on an error condition and is instead trying to attempt the authentication event again immediately. This leads to an infinite redirect loop.
The text was updated successfully, but these errors were encountered: