Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Improve SAML error messages #8248

Merged
merged 12 commits into from
Sep 14, 2020
Merged

Improve SAML error messages #8248

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
c34eca9
Separate the SAML2 mapping code from the response parsing code.
clokep Sep 3, 2020
5171d1f
Render errors for issues handling the SAML response.
clokep Sep 3, 2020
a11c959
Render errors for issues mapping to an MXID.
clokep Sep 3, 2020
0b3f8aa
Use the SAML error page for all SSO errors.
clokep Sep 3, 2020
f6fb379
Stop using the SAML error page.
clokep Sep 3, 2020
01978a2
Add changelog file.
clokep Sep 3, 2020
0b51a20
Review feedback.
clokep Sep 9, 2020
15dfc46
Merge branch 'develop' into clokep/better-saml-errs
clokep Sep 9, 2020
eb6be88
Add upgrade notes.
clokep Sep 10, 2020
ba9c7db
Merge remote-tracking branch 'origin/develop' into clokep/better-saml…
clokep Sep 11, 2020
3a9e289
Move upgrade notes.
clokep Sep 11, 2020
d097dba
Review feedback.
clokep Sep 14, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 39 additions & 4 deletions synapse/res/templates/sso_error.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,49 @@
<title>SSO error</title>
</head>
<body>
<p>Oops! Something went wrong during authentication.</p>
{# If an error of unauthorised is returned it means we have actively rejected their login #}
{% if error == "unauthorised" %}
<p>You are not allowed to log in here.</p>
{% else %}
<p>
There was an error during authentication:
</p>
<div id="errormsg" style="margin:20px 80px">{{ error_description }}</div>
<p>
If you are seeing this page after clicking a link sent to you via email, make
sure you only click the confirmation link once, and that you open the
validation link in the same client you're logging in from.
</p>
<p>
Try logging in again from your Matrix client and if the problem persists
please contact the server's administrator.
</p>
<p>Error: <code>{{ error }}</code></p>
{% if error_description %}
<pre><code>{{ error_description }}</code></pre>
{% endif %}

<script type="text/javascript">
// Error handling to support Auth0 errors that we might get through a GET request
// to the validation endpoint. If an error is provided, it's either going to be
// located in the query string or in a query string-like URI fragment.
// We try to locate the error from any of these two locations, but if we can't
// we just don't print anything specific.
let searchStr = "";
if (window.location.search) {
// window.location.searchParams isn't always defined when
// window.location.search is, so it's more reliable to parse the latter.
searchStr = window.location.search;
} else if (window.location.hash) {
// Replace the # with a ? so that URLSearchParams does the right thing and
// doesn't parse the first parameter incorrectly.
searchStr = window.location.hash.replace("#", "?");
}

// We might end up with no error in the URL, so we need to check if we have one
// to print one.
let errorDesc = new URLSearchParams(searchStr).get("error_description")
if (errorDesc) {
document.getElementById("errormsg").innerText = errorDesc;
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
}
</script>
{% endif %}
</body>
</html>