Clean error messages.

This commit is contained in:
juanifioren 2015-05-13 18:36:04 -03:00
parent 43997632dd
commit 6a696453fc

View file

@ -4,7 +4,8 @@ import urllib
class RedirectUriError(Exception): class RedirectUriError(Exception):
error = 'Redirect URI Error' error = 'Redirect URI Error'
description = 'The request fails due to a missing, invalid, or mismatching redirection URI (redirect_uri).' description = 'The request fails due to a missing, invalid, or mismatching '
'redirection URI (redirect_uri).'
class ClientIdError(Exception): class ClientIdError(Exception):
@ -20,39 +21,54 @@ class AuthorizeError(Exception):
# https://tools.ietf.org/html/rfc6749#section-4.1.2.1 # https://tools.ietf.org/html/rfc6749#section-4.1.2.1
'invalid_request': 'The request is otherwise malformed', 'invalid_request': 'The request is otherwise malformed',
'unauthorized_client': 'The client is not authorized to request an authorization code using this method', 'unauthorized_client': 'The client is not authorized to request an '
'authorization code using this method',
'access_denied': 'The resource owner or authorization server denied the request', 'access_denied': 'The resource owner or authorization server denied '
'the request',
'unsupported_response_type': 'The authorization server does not support obtaining an authorization code using ' 'unsupported_response_type': 'The authorization server does not '
'this method', 'support obtaining an authorization code '
'using this method',
'invalid_scope': 'The requested scope is invalid, unknown, or malformed', 'invalid_scope': 'The requested scope is invalid, unknown, or '
'malformed',
'server_error': 'The authorization server encountered an error', 'server_error': 'The authorization server encountered an error',
'temporarily_unavailable': 'The authorization server is currently unable to handle the request due to a ' 'temporarily_unavailable': 'The authorization server is currently '
'temporary overloading or maintenance of the server', 'unable to handle the request due to a '
'temporary overloading or maintenance of '
'the server',
# OpenID errors. # OpenID errors.
# http://openid.net/specs/openid-connect-core-1_0.html#AuthError # http://openid.net/specs/openid-connect-core-1_0.html#AuthError
'interaction_required': 'The Authorization Server requires End-User interaction of some form to proceed', 'interaction_required': 'The Authorization Server requires End-User '
'interaction of some form to proceed',
'login_required': 'The Authorization Server requires End-User authentication', 'login_required': 'The Authorization Server requires End-User '
'authentication',
'account_selection_required': 'The End-User is required to select a session at the Authorization Server', 'account_selection_required': 'The End-User is required to select a '
'session at the Authorization Server',
'consent_required': 'The Authorization Server requires End-User consent', 'consent_required': 'The Authorization Server requires End-User'
'consent',
'invalid_request_uri': 'The request_uri in the Authorization Request returns an error or contains invalid data', 'invalid_request_uri': 'The request_uri in the Authorization Request '
'returns an error or contains invalid data',
'invalid_request_object': 'The request parameter contains an invalid Request Object', 'invalid_request_object': 'The request parameter contains an invalid '
'Request Object',
'request_not_supported': 'The provider does not support use of the request parameter', 'request_not_supported': 'The provider does not support use of the '
'request parameter',
'request_uri_not_supported': 'The provider does not support use of the request_uri parameter', 'request_uri_not_supported': 'The provider does not support use of the '
'request_uri parameter',
'registration_not_supported': 'The provider does not support use of the registration parameter', 'registration_not_supported': 'The provider does not support use of '
'the registration parameter',
} }
def __init__(self, redirect_uri, error, grant_type): def __init__(self, redirect_uri, error, grant_type):
@ -66,7 +82,8 @@ class AuthorizeError(Exception):
description = urllib.quote(self.description) description = urllib.quote(self.description)
# See: http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthError # See:
# http://openid.net/specs/openid-connect-core-1_0.html#ImplicitAuthError
hash_or_question = '#' if self.grant_type == 'implicit' else '?' hash_or_question = '#' if self.grant_type == 'implicit' else '?'
uri = '{0}{1}error={2}&error_description={3}'.format( uri = '{0}{1}error={2}&error_description={3}'.format(
@ -92,18 +109,23 @@ class TokenError(Exception):
# https://tools.ietf.org/html/rfc6749#section-5.2 # https://tools.ietf.org/html/rfc6749#section-5.2
'invalid_request': 'The request is otherwise malformed', 'invalid_request': 'The request is otherwise malformed',
'invalid_client': 'Client authentication failed (e.g., unknown client, no client authentication included, ' 'invalid_client': 'Client authentication failed (e.g., unknown client, '
'or unsupported authentication method)', 'no client authentication included, or unsupported '
'authentication method)',
'invalid_grant': 'The provided authorization grant or refresh token is invalid, expired, revoked, does not ' 'invalid_grant': 'The provided authorization grant or refresh token is '
'match the redirection URI used in the authorization request, or was issued to another client', 'invalid, expired, revoked, does not match the '
'redirection URI used in the authorization request, '
'or was issued to another client',
'unauthorized_client': 'The authenticated client is not authorized to use this authorization grant type', 'unauthorized_client': 'The authenticated client is not authorized to '
'use this authorization grant type',
'unsupported_grant_type': 'The authorization grant type is not supported by the authorization server', 'unsupported_grant_type': 'The authorization grant type is not '
'supported by the authorization server',
'invalid_scope': 'The requested scope is invalid, unknown, malformed, or exceeds the scope granted by the ' 'invalid_scope': 'The requested scope is invalid, unknown, malformed, '
'resource owner', 'or exceeds the scope granted by the resource owner',
} }
def __init__(self, error): def __init__(self, error):
@ -129,10 +151,12 @@ class UserInfoError(Exception):
'The request is otherwise malformed', 400 'The request is otherwise malformed', 400
), ),
'invalid_token': ( 'invalid_token': (
'The access token provided is expired, revoked, malformed, or invalid for other reasons', 401 'The access token provided is expired, revoked, malformed, '
'or invalid for other reasons', 401
), ),
'insufficient_scope': ( 'insufficient_scope': (
'The request requires higher privileges than provided by the access token', 403 'The request requires higher privileges than provided by '
'the access token', 403
), ),
} }