instead of ctx.error use ctx.json so that clients

Nils Hillmann · Nils Hillmann · commit d25562814d4a · 2021-05-05T19:27:06.000+02:00
parse error and error_description correctly
diff --git a/routers/user/oauth.go b/routers/user/oauth.go
@@ -108,8 +108,8 @@ const (
 
 // BearerTokenError represents an error response specified in RFC 6750
 type BearerTokenError struct {
-	ErrorCode        BearerTokenErrorCode
-	ErrorDescription string
+	ErrorCode        BearerTokenErrorCode `json:"error" form:"error"`
+	ErrorDescription string               `json:"error_description"`
 }
 
 // TokenType specifies the kind of token
@@ -635,12 +635,12 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect
 func handleBearerTokenError(ctx *context.Context, beErr BearerTokenError) {
 	ctx.Resp.Header().Set("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"\", error=\"%s\", error_description=\"%s\"", beErr.ErrorCode, beErr.ErrorDescription))
 	if beErr.ErrorCode == BearerTokenErrorCodeInvalidRequest {
-		ctx.Error(http.StatusBadRequest)
+		ctx.JSON(http.StatusBadRequest, beErr)
 	}
 	if beErr.ErrorCode == BearerTokenErrorCodeInvalidToken {
-		ctx.Error(http.StatusUnauthorized)
+		ctx.JSON(http.StatusUnauthorized, beErr)
 	}
 	if beErr.ErrorCode == BearerTokenErrorCodeInsufficientScope {
-		ctx.Error(http.StatusForbidden)
+		ctx.JSON(http.StatusForbidden, beErr)
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -108,8 +108,8 @@ const (`
`108`	`108`
`109`	`109`	`// BearerTokenError represents an error response specified in RFC 6750`
`110`	`110`	`type BearerTokenError struct {`
`111`		`- ErrorCode BearerTokenErrorCode`
`112`		`- ErrorDescription string`
	`111`	+ ErrorCode BearerTokenErrorCode `json:"error" form:"error"`
	`112`	+ ErrorDescription string `json:"error_description"`
`113`	`113`	`}`
`114`	`114`
`115`	`115`	`// TokenType specifies the kind of token`
`@@ -635,12 +635,12 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect`
`635`	`635`	`func handleBearerTokenError(ctx *context.Context, beErr BearerTokenError) {`
`636`	`636`	`ctx.Resp.Header().Set("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"\", error=\"%s\", error_description=\"%s\"", beErr.ErrorCode, beErr.ErrorDescription))`
`637`	`637`	`if beErr.ErrorCode == BearerTokenErrorCodeInvalidRequest {`
`638`		`- ctx.Error(http.StatusBadRequest)`
	`638`	`+ ctx.JSON(http.StatusBadRequest, beErr)`
`639`	`639`	`}`
`640`	`640`	`if beErr.ErrorCode == BearerTokenErrorCodeInvalidToken {`
`641`		`- ctx.Error(http.StatusUnauthorized)`
	`641`	`+ ctx.JSON(http.StatusUnauthorized, beErr)`
`642`	`642`	`}`
`643`	`643`	`if beErr.ErrorCode == BearerTokenErrorCodeInsufficientScope {`
`644`		`- ctx.Error(http.StatusForbidden)`
	`644`	`+ ctx.JSON(http.StatusForbidden, beErr)`
`645`	`645`	`}`
`646`	`646`	`}`