From 15626fcae02602a7157e0aff3be6354016d3d941 Mon Sep 17 00:00:00 2001
From: Daniel Jiang <jiangd@vmware.com>
Date: Sun, 28 Apr 2019 13:37:12 +0800
Subject: [PATCH] Return more details for error in exchange token

This commit update the response off OIDC callback when there's error in exchange token.
Additionally add comments to clarify that by default 500 error will not
contain any details.

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
---
 src/common/api/base.go       | 7 +++++--
 src/core/controllers/oidc.go | 4 +++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/common/api/base.go b/src/common/api/base.go
index a45db6a55..fba8c3621 100644
--- a/src/common/api/base.go
+++ b/src/common/api/base.go
@@ -222,6 +222,9 @@ func (b *BaseAPI) SendBadRequestError(err error) {
 }
 
 // SendInternalServerError sends internal server error to the client.
+// Note the detail info of err will not include in the response body.
+// When you send an internal server error  to the client, you expect user to check the log
+// to find out the root cause.
 func (b *BaseAPI) SendInternalServerError(err error) {
 	log.Error(err.Error())
 	b.RenderFormattedError(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
@@ -232,12 +235,12 @@ func (b *BaseAPI) SendForbiddenError(err error) {
 	b.RenderFormattedError(http.StatusForbidden, err.Error())
 }
 
-// SendPreconditionFailedError sends forbidden error to the client.
+// SendPreconditionFailedError sends conflict error to the client.
 func (b *BaseAPI) SendPreconditionFailedError(err error) {
 	b.RenderFormattedError(http.StatusPreconditionFailed, err.Error())
 }
 
-// SendStatusServiceUnavailableError sends forbidden error to the client.
+// SendStatusServiceUnavailableError sends service unavailable error to the client.
 func (b *BaseAPI) SendStatusServiceUnavailableError(err error) {
 	b.RenderFormattedError(http.StatusServiceUnavailable, err.Error())
 }
diff --git a/src/core/controllers/oidc.go b/src/core/controllers/oidc.go
index c27501278..a0ab7afbf 100644
--- a/src/core/controllers/oidc.go
+++ b/src/core/controllers/oidc.go
@@ -82,7 +82,9 @@ func (oc *OIDCController) Callback() {
 	ctx := oc.Ctx.Request.Context()
 	token, err := oidc.ExchangeToken(ctx, code)
 	if err != nil {
-		oc.SendInternalServerError(err)
+		log.Errorf("Failed to exchange token, error: %v", err)
+		// Return a 4xx error so user can see the details in case it's due to misconfiguration.
+		oc.SendBadRequestError(err)
 		return
 	}
 	idToken, err := oidc.VerifyToken(ctx, token.IDToken)