Bessere Fehlermeldung für OAuth2-Probleme

src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java

@@ -2,18 +2,6 @@ package at.ac.uibk.gitsearch.config;
 
 import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VALUE;
 
-import at.ac.uibk.gitsearch.security.AuthoritiesConstants;
-import at.ac.uibk.gitsearch.security.jwt.JWTConfigurer;
-import at.ac.uibk.gitsearch.security.jwt.TokenProvider;
-import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthenticationToken;
-import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthorizationRequestRepository;
-import at.ac.uibk.gitsearch.security.oauth2.SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport;
-import at.ac.uibk.gitsearch.security.oauth2.UserDetailsFetcher;
-import at.ac.uibk.gitsearch.service.UserService;
-import at.ac.uibk.gitsearch.service.dto.AdminUserDTO;
-import at.ac.uibk.gitsearch.service.mapper.UserMapper;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
 import java.net.URI;
 import java.util.Collections;
 import java.util.HashSet;
@@ -21,7 +9,9 @@ import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
+
 import javax.servlet.DispatcherType;
+
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Value;
@@ -42,15 +32,12 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.configurers.AbstractAuthenticationFilterConfigurer;
-import org.springframework.security.config.annotation.web.configurers.oauth2.client.OAuth2LoginConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
 import org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken;
 import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient;
 import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
@@ -89,6 +76,17 @@ import org.springframework.web.filter.ForwardedHeaderFilter;
 import org.springframework.web.util.UriComponentsBuilder;
 import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport;
 
+import at.ac.uibk.gitsearch.security.AuthoritiesConstants;
+import at.ac.uibk.gitsearch.security.jwt.JWTConfigurer;
+import at.ac.uibk.gitsearch.security.jwt.TokenProvider;
+import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthenticationToken;
+import at.ac.uibk.gitsearch.security.oauth2.GitSearchOAuth2AuthorizationRequestRepository;
+import at.ac.uibk.gitsearch.security.oauth2.SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport;
+import at.ac.uibk.gitsearch.security.oauth2.UserDetailsFetcher;
+import at.ac.uibk.gitsearch.service.UserService;
+import at.ac.uibk.gitsearch.service.dto.AdminUserDTO;
+import at.ac.uibk.gitsearch.service.mapper.UserMapper;
+
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
 @Import(SecurityProblemSupport.class)
@@ -218,7 +216,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                 			authorizationEndpointConfig.authorizationRequestRepository(getOAuth2AuthorizatinRequestRepository());}
                 		)
                
-                .successHandler(getAuthenticationSuccessHandler());
+                .successHandler(getAuthenticationSuccessHandler())
+                .failureUrl("/errorOAuth2");
 				oauth2.addObjectPostProcessor(authenticationFilterPostProcessor);
         		}
                 

src/main/webapp/app/layouts/error/error.route.ts

@@ -18,6 +18,14 @@ export const errorRoute: Routes = [
       errorMessage: 'error.http.403',
     },
   },
+  {
+    path: 'errorOAuth2',
+    component: ErrorComponent,
+    data: {
+      pageTitle: 'error.title',
+      errorMessage: 'error.oauth2error',
+    },
+  },
   {
     path: '404',
     component: ErrorComponent,

src/main/webapp/i18n/de/error.json

@@ -9,6 +9,7 @@
       "500": "Interner Serverfehler."
     },
     "concurrencyFailure": "Ein anderer Benutzer hat diese Daten zeitgleich mit Ihnen geändert. Ihre Änderungen wurden abgelehnt.",
-    "validation": "Validierungsfehler auf dem Server."
+    "validation": "Validierungsfehler auf dem Server.",
+    "oauth2error": "Es ist ein Fehler bei der OAuth2-Authentisierung aufgetreten! Bitte versuchen Sie es nochmals oder kontaktieren Sie den Administrator."
   }
 }

src/main/webapp/i18n/en/error.json

@@ -9,6 +9,7 @@
       "500": "Internal server error."
     },
     "concurrencyFailure": "Another user modified this data at the same time as you. Your changes were rejected.",
-    "validation": "Validation error on the server."
-  }
+    "validation": "Validation error on the server.",
+    "oauth2error": "There was a problem with the OAuth2 Authentication! Please retry or contact the administrator."
+      }
 }