From 3048c8c41fc64b90cd9075254115f17da151485e Mon Sep 17 00:00:00 2001
From: Stephen Abello <stephen.abello@combodo.com>
Date: Thu, 6 Jul 2023 09:52:00 +0200
Subject: [PATCH] =?UTF-8?q?N=C2=B05560=20-=20Display=20an=20error=20when?=
 =?UTF-8?q?=20trying=20to=20regenerate=20an=20expired=20OAuth=20token?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Controller/AjaxOauthClientController.php    | 17 ++++++++++-------
 .../Client/OAuth/OAuthClientProviderFactory.php |  3 ++-
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
index 65523046b..4ec94b2f6 100644
--- a/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
+++ b/datamodels/2.x/itop-oauth-client/src/Controller/AjaxOauthClientController.php
@@ -11,6 +11,7 @@ use Combodo\iTop\Application\TwigBase\Controller\Controller;
 use Combodo\iTop\Core\Authentication\Client\OAuth\OAuthClientProviderFactory;
 use Dict;
 use IssueLog;
+use League\OAuth2\Client\Provider\Exception\IdentityProviderException;
 use MetaModel;
 use utils;
 
@@ -64,13 +65,15 @@ class AjaxOauthClientController extends Controller
 			}
 			if (isset($aQuery['code'])) {
 				$sCode = $aQuery['code'];
-				$oAccessToken = OAuthClientProviderFactory::GetAccessTokenFromCode($oOAuthClient, $sCode);
-
-				$oOAuthClient->SetAccessToken($oAccessToken);
-
-
-
-				$aResult['status'] = 'success';
+				try {
+					$oAccessToken = OAuthClientProviderFactory::GetAccessTokenFromCode($oOAuthClient, $sCode);
+					$oOAuthClient->SetAccessToken($oAccessToken);
+					$aResult['status'] = 'success';
+				}
+				catch (IdentityProviderException $e) {
+					$aResult['status'] = 'error';
+					$aResult['error_description'] = $e->getMessage();
+				}
 			}
 		} else {
 			$aResult['status'] = 'error';
diff --git a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
index 66230eb3e..77006d436 100644
--- a/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
+++ b/sources/Core/Authentication/Client/OAuth/OAuthClientProviderFactory.php
@@ -74,6 +74,7 @@ class OAuthClientProviderFactory
 	 * @return AccessTokenInterface
 	 * @throws \ArchivedObjectException
 	 * @throws \CoreException
+	 * @throws \League\OAuth2\Client\Provider\Exception\IdentityProviderException
 	 */
 	public static function GetAccessTokenFromCode(OAuthClient $oOAuthClient, $sCode)
 	{
@@ -109,7 +110,7 @@ class OAuthClientProviderFactory
 	/**
 	 * @param \DBObject $oOAuthClient
 	 *
-	 * @return mixed
+	 * @return OAuthClientProviderAbstract
 	 * @throws \ArchivedObjectException
 	 * @throws \CoreException
 	 */