From 6a696453fcba721e8667ce40aa3263a86fdda3a5 Mon Sep 17 00:00:00 2001
From: juanifioren <juanifioren@gmail.com>
Date: Wed, 13 May 2015 18:36:04 -0300
Subject: [PATCH] Clean error messages.

---
 oidc_provider/lib/errors.py | 80 ++++++++++++++++++++++++-------------
 1 file changed, 52 insertions(+), 28 deletions(-)

diff --git a/oidc_provider/lib/errors.py b/oidc_provider/lib/errors.py
index 51ba9f3..88f0cc0 100644
--- a/oidc_provider/lib/errors.py
+++ b/oidc_provider/lib/errors.py
@@ -4,7 +4,8 @@ import urllib
 class RedirectUriError(Exception):
 
     error = 'Redirect URI Error'
-    description = 'The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).'
+    description = 'The request fails due to a missing, invalid, or mismatching '
+                  'redirection URI (redirect_uri).'
 
 
 class ClientIdError(Exception):
@@ -20,39 +21,54 @@ class AuthorizeError(Exception):
         # https://tools.ietf.org/html/rfc6749#section-4.1.2.1
         'invalid_request': 'The request is otherwise malformed',
 
-        'unauthorized_client': 'The client is not authorized to request an authorization code using this method',
+        'unauthorized_client': 'The client is not authorized to request an '
+                               'authorization code using this method',
 
-        'access_denied': 'The resource owner or authorization server denied the request',
+        'access_denied': 'The resource owner or authorization server denied '
+                         'the request',
 
-        'unsupported_response_type': 'The authorization server does not support obtaining an authorization code using '
-                                     'this method',
+        'unsupported_response_type': 'The authorization server does not '
+                                     'support obtaining an authorization code '
+                                     'using this method',
 
-        'invalid_scope': 'The requested scope is invalid, unknown, or malformed',
+        'invalid_scope': 'The requested scope is invalid, unknown, or '
+                         'malformed',
 
         'server_error': 'The authorization server encountered an error',
 
-        'temporarily_unavailable': 'The authorization server is currently unable to handle the request due to a '
-                                   'temporary overloading or maintenance of the server',
+        'temporarily_unavailable': 'The authorization server is currently '
+                                   'unable to handle the request due to a '
+                                   'temporary overloading or maintenance of '
+                                   'the server',
 
         # OpenID errors.
         # http://openid.net/specs/openid-connect-core-1_0.html#AuthError
-        'interaction_required': 'The Authorization Server requires End-User interaction of some form to proceed',
+        'interaction_required': 'The Authorization Server requires End-User '
+                                'interaction of some form to proceed',
 
-        'login_required': 'The Authorization Server requires End-User authentication',
+        'login_required': 'The Authorization Server requires End-User '
+                          'authentication',
 
-        'account_selection_required': 'The End-User is required to select a session at the Authorization Server',
+        'account_selection_required': 'The End-User is required to select a '
+                                      'session at the Authorization Server',
 
-        'consent_required': 'The Authorization Server requires End-User consent',
+        'consent_required': 'The Authorization Server requires End-User'
+                            'consent',
 
-        'invalid_request_uri': 'The request_uri in the Authorization Request returns an error or contains invalid data',
+        'invalid_request_uri': 'The request_uri in the Authorization Request '
+                               'returns an error or contains invalid data',
 
-        'invalid_request_object': 'The request parameter contains an invalid Request Object',
+        'invalid_request_object': 'The request parameter contains an invalid '
+                                  'Request Object',
 
-        'request_not_supported': 'The provider does not support use of the request parameter',
+        'request_not_supported': 'The provider does not support use of the '
+                                 'request parameter',
 
-        'request_uri_not_supported': 'The provider does not support use of the request_uri parameter',
+        'request_uri_not_supported': 'The provider does not support use of the '
+                                     'request_uri parameter',
 
-        'registration_not_supported': 'The provider does not support use of the registration parameter',
+        'registration_not_supported': 'The provider does not support use of '
+                                      'the registration parameter',
     }
 
     def __init__(self, redirect_uri, error, grant_type):
@@ -66,7 +82,8 @@ class AuthorizeError(Exception):
 
         description = urllib.quote(self.description)
 
-        # See: http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthError
+        # See:
+        # http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthError
         hash_or_question = '#' if self.grant_type == 'implicit' else '?'
 
         uri = '{0}{1}error={2}&error_description={3}'.format(
@@ -92,18 +109,23 @@ class TokenError(Exception):
         # https://tools.ietf.org/html/rfc6749#section-5.2
         'invalid_request': 'The request is otherwise malformed',
 
-        'invalid_client': 'Client authentication failed (e.g., unknown client, no client authentication included, '
-                          'or unsupported authentication method)',
+        'invalid_client': 'Client authentication failed (e.g., unknown client, '
+                          'no client authentication included, or unsupported '
+                          'authentication method)',
 
-        'invalid_grant': 'The provided authorization grant or refresh token is invalid, expired, revoked, does not '
-                         'match the redirection URI used in the authorization request, or was issued to another client',
+        'invalid_grant': 'The provided authorization grant or refresh token is '
+                         'invalid, expired, revoked, does not match the '
+                         'redirection URI used in the authorization request, '
+                         'or was issued to another client',
 
-        'unauthorized_client': 'The authenticated client is not authorized to use this authorization grant type',
+        'unauthorized_client': 'The authenticated client is not authorized to '
+                               'use this authorization grant type',
 
-        'unsupported_grant_type': 'The authorization grant type is not supported by the authorization server',
+        'unsupported_grant_type': 'The authorization grant type is not '
+                                  'supported by the authorization server',
 
-        'invalid_scope': 'The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the '
-                         'resource owner',
+        'invalid_scope': 'The requested scope is invalid, unknown, malformed, '
+                         'or exceeds the scope granted by the resource owner',
     }
 
     def __init__(self, error):
@@ -129,10 +151,12 @@ class UserInfoError(Exception):
             'The request is otherwise malformed', 400
         ),
         'invalid_token': (
-            'The access token provided is expired, revoked, malformed, or invalid for other reasons', 401
+            'The access token provided is expired, revoked, malformed, '
+            'or invalid for other reasons', 401
         ),
         'insufficient_scope': (
-            'The request requires higher privileges than provided by the access token', 403
+            'The request requires higher privileges than provided by '
+            'the access token', 403
         ),
     }