A user can't log in, they get a "cloud.gov Login Error" from inside of Tock

[neilmb]

On the #tock-dev channel https://gsa-tts.slack.com/archives/C1JFYCX3P/p1710438867576619, we had a user report that they aren't able to access Tock because they get this error screen

Because this error comes from Tock, it appears that they have successfully logged in with Cloud.gov/GSA SecureAuth, but then we are raising this error from inside our application.

We should check the logs, find out why this is happening and fix it so that this person can log in.

[durland18F]

Little more context: this is me, I have been getting these errors for something like six weeks, sometimes I get the "invite users/dashboard" page rather than this error (I don't have a single particular path I use to get to Tock, so the error I get may be dependent on the actions I take to get there, I'm not sure).

[kfoley-18F]

@durland18F - have you been given cloud.gov staging access as part of the dashboard work? Your permissions in UAA might have changed the routing in cloud.gov in ways that this isn't a Tock problem.

[neilmb]

The error comes from this Oauth callback https://github.com/cloud-gov/cg-django-uaa/blob/b844a804940e22be8f00d62a668bfaec9112486b/uaa_client/views.py#L38

There's an error_code context variable there, but I don't think that we are showing it anywhere in our login_error.html template. https://github.com/18F/tock/blob/main/tock/tock/templates/uaa_client/login_error.html

I'm looking into the logs to see if I can find where that error is ocurring to see what we can do about it.

[durland18F]

@kfoley-18F Yes, I was wondering if the cloud stuff was causing it. I remember that this Tock problem seemed to surface around the time I started on cloud, but I can't recall if it was after I was given those permissions.

[cantsin]

This seems to have been fixed. (We didn't do anything). Do we want to add error_code to login_error.html so we have an easier way to track down what's happening? Otherwise I think we can close this ticket 🤷🏻‍♂️