OIDC: Incorrect error handling in frontend when login using OIDC failed

Question

OIDC: Incorrect error handling in frontend when login using OIDC failed

Opened this issue 2 months ago · 0 comments

Environment information

MWDB version (from /about): v2.13.0
Installation method:
- mwdb.cert.pl service
- From PyPi (pip install mwdb-core)
- From docker-compose
- Other (please explain)
Plugins installed:

Behaviour the bug (what happened?)

When user tries to log in using OIDC and doesn't have account yet, they're asked to register a new one, but "Unknown identity" error appears in the same time.

It's a bit worse when we decline the consent for a requested scope. Sometimes OpenID providers are redirecting us back to the application with error= set in URI. In that case, user is incorrectly asked to register an account once again.

Expected behaviour

Error should not appear in case of non-existent identity
Error should appear in other cases, but prompt for registration should not appear.