diff options
author | Alexander Larsson <alexl@redhat.com> | 2020-06-09 14:28:23 +0200 |
---|---|---|
committer | Alexander Larsson <alexander.larsson@gmail.com> | 2020-06-09 14:52:00 +0200 |
commit | bfa3b1543535b3ae48195c34ed4f730d9b4536e0 (patch) | |
tree | ab7494b435b178b62504b344a8850ab77e0c1a13 | |
parent | 4c9ff0fb7de791ea4401acce8ce118b8e8ec6709 (diff) | |
download | flatpak-bfa3b1543535b3ae48195c34ed4f730d9b4536e0.tar.gz |
Transaction: Add "previous-error" option to basic auth error
Also, send this for the oci authenticator.
-rw-r--r-- | app/flatpak-cli-transaction.c | 5 | ||||
-rw-r--r-- | common/flatpak-oci-registry.c | 24 | ||||
-rw-r--r-- | oci-authenticator/flatpak-oci-authenticator.c | 15 |
3 files changed, 37 insertions, 7 deletions
diff --git a/app/flatpak-cli-transaction.c b/app/flatpak-cli-transaction.c index 3a735ac2..13d7365b 100644 --- a/app/flatpak-cli-transaction.c +++ b/app/flatpak-cli-transaction.c @@ -564,11 +564,14 @@ basic_auth_start (FlatpakTransaction *transaction, guint id) { FlatpakCliTransaction *self = FLATPAK_CLI_TRANSACTION (transaction); - char *user, *password; + char *user, *password, *previous_error = NULL; if (self->disable_interaction) return FALSE; + if (g_variant_lookup (options, "previous-error", "&s", &previous_error)) + g_print ("%s\n", previous_error); + g_print (_("Login required remote %s (realm %s)\n"), remote, realm); user = flatpak_prompt (FALSE, _("User")); if (user == NULL) diff --git a/common/flatpak-oci-registry.c b/common/flatpak-oci-registry.c index 48c8dd04..cf501a5e 100644 --- a/common/flatpak-oci-registry.c +++ b/common/flatpak-oci-registry.c @@ -980,7 +980,7 @@ get_token_for_www_auth (FlatpakOciRegistry *self, g_autoptr(SoupMessage) auth_msg = NULL; g_autoptr(GHashTable) params = NULL; g_autoptr(GHashTable) args = NULL; - const char *realm, *service, *scope, *token; + const char *realm, *service, *scope, *token, *body_data; g_autofree char *default_scope = NULL; g_autoptr(SoupURI) auth_uri = NULL; g_autoptr(GBytes) body = NULL; @@ -1036,11 +1036,29 @@ get_token_for_www_auth (FlatpakOciRegistry *self, if (body == NULL) return NULL; + body_data = (char *)g_bytes_get_data (body, NULL); + if (!SOUP_STATUS_IS_SUCCESSFUL (auth_msg->status_code)) { + const char *error_detail = NULL; + json = json_from_string (body_data, NULL); + if (json) + { + error_detail = object_get_string_member_with_default (json, "details", NULL); + if (error_detail == NULL) + error_detail = object_get_string_member_with_default (json, "message", NULL); + if (error_detail == NULL) + error_detail = object_get_string_member_with_default (json, "error", NULL); + } + if (error_detail == NULL) + g_debug ("Unhandled error body format: %s", body_data); + if (auth_msg->status_code == SOUP_STATUS_UNAUTHORIZED) { - flatpak_fail_error (error, FLATPAK_ERROR_NOT_AUTHORIZED, _("Authorization failed: %s"), (char *)g_bytes_get_data (body, NULL)); + if (error_detail) + flatpak_fail_error (error, FLATPAK_ERROR_NOT_AUTHORIZED, _("Authorization failed: %s"), error_detail); + else + flatpak_fail_error (error, FLATPAK_ERROR_NOT_AUTHORIZED, _("Authorization failed")); return NULL; } @@ -1048,7 +1066,7 @@ get_token_for_www_auth (FlatpakOciRegistry *self, return NULL; } - json = json_from_string ((char *)g_bytes_get_data (body, NULL), error); + json = json_from_string (body_data, error); if (json == NULL) return NULL; diff --git a/oci-authenticator/flatpak-oci-authenticator.c b/oci-authenticator/flatpak-oci-authenticator.c index a8413eb5..f970f983 100644 --- a/oci-authenticator/flatpak-oci-authenticator.c +++ b/oci-authenticator/flatpak-oci-authenticator.c @@ -221,12 +221,21 @@ handle_request_ref_tokens_basic_auth_reply (FlatpakAuthenticatorRequest *object, static char * run_basic_auth (FlatpakAuthenticatorRequest *request, const char *sender, - const char *realm) + const char *realm, + const char *previous_error) { BasicAuthData auth = { FALSE }; int id1, id2; g_autofree char *combined = NULL; - g_autoptr(GVariant) options = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sv}"), NULL, 0)); + g_autoptr(GVariant) options = NULL; + GVariantBuilder options_builder; + + g_variant_builder_init (&options_builder, G_VARIANT_TYPE ("a{sv}")); + + if (previous_error) + g_variant_builder_add (&options_builder, "{sv}", "previous-error", g_variant_new_string (previous_error)); + + options = g_variant_ref_sink (g_variant_builder_end (&options_builder)); g_cond_init (&auth.cond); g_mutex_init (&auth.mutex); @@ -534,7 +543,7 @@ handle_request_ref_tokens (FlatpakAuthenticator *f_authenticator, { g_autofree char *test_auth = NULL; - test_auth = run_basic_auth (request, sender, oci_registry_uri); + test_auth = run_basic_auth (request, sender, oci_registry_uri, error ? error->message : NULL); if (test_auth == NULL) return cancel_request (request, sender); |