diff options
| -rw-r--r-- | module/consumer.cc | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/module/consumer.cc b/module/consumer.cc index 3d1686c..24eea88 100644 --- a/module/consumer.cc +++ b/module/consumer.cc @@ -597,6 +597,18 @@ cancelled_auth (sid_request_t *req, Consumer &consumer, params_t ¶ms, const "<p><a href='", return_to.c_str(), "'>Retry login</a></p>", NULL); } +static void +failed_auth (sid_request_t *req, Consumer &consumer, params_t ¶ms, const string& return_to) +{ + string error; + + if (params.has_param("error")) + error = params.get_param("error"); + + sid_request_respond_headers (req, 500, "OpenID Authenticatior Error", NULL); + sid_request_log_error (req, "error from openid provider", error.c_str()); +} + extern "C" void sid_consumer_authenticate(sid_request_t *req, sid_storage_t *store, const char *trust_root, const char *identity, @@ -634,6 +646,10 @@ sid_consumer_authenticate(sid_request_t *req, sid_storage_t *store, if (openid.has_param("mode") && openid.get_param("mode") == "cancel") { cancelled_auth (req, consumer, openid, url); + /* Returning cancelled authentication */ + } else if (openid.has_param("mode") && openid.get_param("mode") == "error") { + failed_auth (req, consumer, openid, url); + /* Begin a new authentication */ } else { if (!trust_root) |