How can I get an external OAuth2 authentication service's error messages?

Question

User2103511619 posted

I am currently learning to use OAuth2 and so I have created a Google account and trying to fiddle around with it.

When the authentication fails, all I seem to get is

GetExternalLogin(provider = "Google", error = "access_denied");

... which is not very verbose.

In Fiddler's session log I found a response explaining in detail what the error was:

HTTP/1.1 403 Forbidden
Vary: X-Origin
Content-Type: application/json; charset=UTF-8
Date: Mon, 09 Nov 2015 12:22:00 GMT
Expires: Mon, 09 Nov 2015 12:22:00 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic,p=1
Alt-Svc: quic=":443"; p="1"; ma=604800
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Content-Length: 520

{
 "error": {
  "errors": [
   {
    "domain": "usageLimits",
    "reason": "accessNotConfigured",
    "message": "Access Not Configured. The API (Google+ API) is not enabled for your project. Please use the Google Developers Console to update your configuration.",
    "extendedHelp": "https://console.developers.google.com"
   }
  ],
  "code": 403,
  "message": "Access Not Configured. The API (Google+ API) is not enabled for your project. Please use the Google Developers Console to update your configuration."
 }
}

This error was sent to the Katana middleware.

Is there a callback I can set to be able to evaluate such error message?

Answer 1

User-986267747 posted

Hi AxeID,

In Fiddler's session log I found a response explaining in detail what the error was:

Is there a callback I can set to be able to evaluate such error message?

GetExternalLogin(provider = "Google", error = "access_denied");

According to your description, you use the GetExternalLogin Method to define the error message when the authentication fails, maybe you could try to debug your code and catch the exception then you could use the exception error message directly instead of the GetExternalLogin Method.

HTTP/1.1 403 Forbidden

Besides, for the error message, Google+ API was not activated. You could enable Google+ API for your project.

http://stackoverflow.com/questions/22870082/getting-error-403-access-not-configured-please-use-google-developers-console-t

I hope it's helpful to you.

Best Regards,

Klein zhang

Answer 2

User2103511619 posted

Er, Exception?? I didn't get any exception.

You are absolutely right, I'm working with the Web API 2.1 template to learn how things work with external providers.

But which exception would there be which allowed me to catch the detailed error message of an external provider? As far as I can see, Katana is the only one to receive the above message. And Katana doesn't propagate it to the application. AFAIK, the application gets called with

GetExternalLogin(provider = "Google", error = "access_denied");

... and that's it.

Isn't there some delegate I could add to the OAuthAuthorizationServerOptions class that'd provide me with the error details when I need them?

I would very much want to log the exact error returned by the external provider when things like the above case happen. Of course I can easily solve the above error, but what if Google returns other errors. Then I want to know about these.

Answer 3

User614698185 posted

Hi AxelD,

But which exception would there be which allowed me to catch the detailed error message of an external provider?

I think you should custom OAuthAuthorizationServerOptions class catch the detailed error message of an external provider according to your own requriement.

You could refer to this link: http://stackoverflow.com/questions/25032513/how-to-get-error-message-returned-by-dotnetopenauth-oauth2-on-client-side

Best Regards,

Candice Zhou