IdentityServer3 icon indicating copy to clipboard operation
IdentityServer3 copied to clipboard
verified publisher icon IdentityServer

Better errors for invalid requests

Open lukos opened this issue 8 years ago • 0 comments

We have many developers who are new to oidc and who are trying to configure a plugin to use our site with idsrv but several errors all return the same thing, making it hard to distinguish real errors from user errors.

For instance, client.Enabled == false, IsRedirectUriValidAsync() == false, request.Flow != Client.Flow and !AreScopesValid() all produce the error, "The client application is not known or is not authorized.", which I believe is both misleading and unhelpful.

Many people will call the IdP with the wrong redirect uri and be told the client is not authorized, which is not strictly true and which doesn't help them fix their problem.

Is it OK for me to submit a PR that distinguishes these errors more specifically so that the ViewService can choose to show different messages or pages to the user to help them fix their problem?

lukos avatar May 22 '17 15:05 lukos