feat(oidc): ✨ Improved callback error handling

itpropro · Jan 12, 2024 · cc9c012 · cc9c012
1 parent c109915
commit cc9c012
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 11 deletions.
diff --git a/.github/workflows/azure-static-web-apps-icy-glacier-0865d4503.yml b/.github/workflows/azure-static-web-apps-icy-glacier-0865d4503.yml
@@ -1,13 +1,14 @@
 name: Azure Static Web Apps CI/CD
 
 on:
-  push:
-    branches:
-      - main
-  pull_request:
-    types: [opened, synchronize, reopened, closed]
-    branches:
-      - main
+  workflow_dispatch:
+  #push:
+  #  branches:
+  #    - main
+  #pull_request:
+  #  types: [opened, synchronize, reopened, closed]
+  #  branches:
+  #    - main
 
 jobs:
   build_and_deploy_job:
@@ -33,7 +34,6 @@ jobs:
           PRE_BUILD_COMMAND: npm install -g pnpm
           CUSTOM_BUILD_COMMAND: pnpm install && pnpm -w run dev:prepare && pnpm -w run dev:build
           NODE_VERSION: 18.17.1
-          POST_BUILD_COMMAND: cp /github/workspace/playground/staticwebapp.config.json ./.output/public/staticwebapp.config.json
 
   close_pull_request_job:
     if: github.event_name == 'pull_request' && github.event.action == 'closed'
@@ -46,3 +46,4 @@ jobs:
         with:
           azure_static_web_apps_api_token: ${{ secrets.AZURE_STATIC_WEB_APPS_API_TOKEN_ICY_GLACIER_0865D4503 }}
           action: "close"
+          app_location: "/playground"
diff --git a/src/runtime/server/lib/oidc.ts b/src/runtime/server/lib/oidc.ts
@@ -93,7 +93,7 @@ export function callbackEventHandler({ onSuccess, onError }: OAuthConfig<UserSes
     const session = await useAuthSession(event)
     // console.log('Callback Session: ', session.data, 'Session ID: ', session.id)
 
-    const { code, state, id_token, admin_consent }: { code: string, state: string, id_token: string, admin_consent: string } = event.method === 'POST' ? await readBody(event) : getQuery(event)
+    const { code, state, id_token, admin_consent, error, error_description }: { code: string, state: string, id_token: string, admin_consent: string, error: string, error_description: string } = event.method === 'POST' ? await readBody(event) : getQuery(event)
 
     // Check for admin consent callback
     if (admin_consent) {
@@ -110,8 +110,14 @@ export function callbackEventHandler({ onSuccess, onError }: OAuthConfig<UserSes
     }
 
     // Check for valid callback
-    if (code && (config.state && !state)) {
-      oidcErrorHandler(event, 'Callback failed, missing fields', onError)
+    if (!code || (config.state && !state) || error) {
+      if (error) {
+        logger.error(error, error_description && `: ${error_description}`)
+      }
+      if (!code) {
+        oidcErrorHandler(event, 'Callback failed, missing code', onError)
+      }
+      oidcErrorHandler(event, 'Callback failed', onError)
     }
 
     // Check for valid state