diff options
| author | Patrick Cloke <clokep@users.noreply.github.com> | 2020-09-14 09:05:36 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-14 09:05:36 -0400 |
| commit | 6605470bfb8944d369b8fc73195a380b95b6de9d (patch) | |
| tree | 5c95a32327b9f4d87ccfe003c843cae7ef4b5616 /synapse/res/templates/sso_error.html | |
| parent | Add experimental support for sharding event persister. Again. (#8294) (diff) | |
| download | synapse-6605470bfb8944d369b8fc73195a380b95b6de9d.tar.xz | |
Improve SAML error messages (#8248)
Diffstat (limited to 'synapse/res/templates/sso_error.html')
| -rw-r--r-- | synapse/res/templates/sso_error.html | 43 |
1 files changed, 39 insertions, 4 deletions
diff --git a/synapse/res/templates/sso_error.html b/synapse/res/templates/sso_error.html index 43a211386b..af8459719a 100644 --- a/synapse/res/templates/sso_error.html +++ b/synapse/res/templates/sso_error.html @@ -5,14 +5,49 @@ <title>SSO error</title> </head> <body> - <p>Oops! Something went wrong during authentication.</p> +{# If an error of unauthorised is returned it means we have actively rejected their login #} +{% if error == "unauthorised" %} + <p>You are not allowed to log in here.</p> +{% else %} + <p> + There was an error during authentication: + </p> + <div id="errormsg" style="margin:20px 80px">{{ error_description }}</div> + <p> + If you are seeing this page after clicking a link sent to you via email, make + sure you only click the confirmation link once, and that you open the + validation link in the same client you're logging in from. + </p> <p> Try logging in again from your Matrix client and if the problem persists please contact the server's administrator. </p> <p>Error: <code>{{ error }}</code></p> - {% if error_description %} - <pre><code>{{ error_description }}</code></pre> - {% endif %} + + <script type="text/javascript"> + // Error handling to support Auth0 errors that we might get through a GET request + // to the validation endpoint. If an error is provided, it's either going to be + // located in the query string or in a query string-like URI fragment. + // We try to locate the error from any of these two locations, but if we can't + // we just don't print anything specific. + let searchStr = ""; + if (window.location.search) { + // window.location.searchParams isn't always defined when + // window.location.search is, so it's more reliable to parse the latter. + searchStr = window.location.search; + } else if (window.location.hash) { + // Replace the # with a ? so that URLSearchParams does the right thing and + // doesn't parse the first parameter incorrectly. + searchStr = window.location.hash.replace("#", "?"); + } + + // We might end up with no error in the URL, so we need to check if we have one + // to print one. + let errorDesc = new URLSearchParams(searchStr).get("error_description") + if (errorDesc) { + document.getElementById("errormsg").innerText = errorDesc; + } + </script> +{% endif %} </body> </html> |