drakkan / sftpgo

Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob
https://sftpgo.com
GNU Affero General Public License v3.0

Improve end-user message when a technical error occurs in an external auth hook. #1749

Open Mathieu-COSYNS opened 2 months ago

Mathieu-COSYNS commented 2 months ago

Is your feature request related to a problem? Please describe.

When the external auth hook doesn't work properly (e.g. the hook is an HTTP link to a server that is not working, the hook returns an invalid JSON user configuration, ...) the error message in the UI says "Invalid credentials, please retry", which is misleading for the users. Their credentials may be valid but for some reason the hook fails. Thinking that their credentials are invalid, they will retry, retry and retry again until they give up or go insane.

Describe the solution you'd like

Show a message like a 500 error message instead of invalid credentials error message.

For example, in this piece of web client code: https://github.com/drakkan/sftpgo/blob/3b5fba2eec04417319bbb4f4f2b93e1f4af2804b/internal/httpd/server.go#L267-L274 When `dataprovider.CheckUserAndPass(...)` returns an error different from `dataprovider.ErrInvalidCredentials`, instead of creating a new error with `util.I18nErrorInvalidCredentials`, create a new error with `util.I18nError500Message`.

The example above only showcases a solution for the web client, but this should also be considered for the web admin and other protocols.

Describe alternatives you've considered

I have submitted the issue as a feature request because it doesn't break anything but it might as well be a bug.

What are you using SFTPGo for?

Private user, home usecase (home backup/VPS)

Additional context

Steps to reproduce:

  1. Run `docker run --rm -p 8080:8080 -e SFTPGO_DATA_PROVIDER__EXTERNAL_AUTH_HOOK=http://localhost -d "drakkan/sftpgo"` without having anything running on http://localhost.
  2. After setting up the first admin account, go directly to the webclient and try to log in with any credentials. You will receive the message "Invalid credentials, please retry" but you will also see in the logs an entry with the message: `error getting external auth hook HTTP response: Post \"http://localhost\": dial tcp [::1]:80: connect: connection refused` which is the real reason why you couldn't log in, and not the fact that your credentials were invalid.
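
The error mapping proposed in this issue, as an added Go example that is not part of the original post and is not SFTPGo's code. `hookResult`, `checkUserAndPass`, `loginMessage`, the empty-username denial convention and the 500 message wording are assumptions made for illustration; only the identifier names and the "Invalid credentials, please retry" text come from the issue.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
)

var ErrInvalidCredentials = errors.New("invalid credentials") // local stand-in (assumption)

const I18nErrorInvalidCredentials = "Invalid credentials, please retry"
const I18nError500Message = "Internal server error" // constructed wording

// hookResult is a constructed model of one external auth hook call.
type hookResult struct {
	transportErr error  // e.g. connection refused
	body         string // JSON user; empty username means "denied" (assumption)
}

// checkUserAndPass (hypothetical): only a well-formed denial is ErrInvalidCredentials.
func checkUserAndPass(r hookResult) error {
	if r.transportErr != nil {
		return fmt.Errorf("error getting external auth hook HTTP response: %w", r.transportErr)
	}
	var u struct{ Username string `json:"username"` }
	if err := json.Unmarshal([]byte(r.body), &u); err != nil {
		return fmt.Errorf("invalid external auth hook response: %w", err)
	}
	if u.Username == "" {
		return ErrInvalidCredentials
	}
	return nil
}

// loginMessage picks the HTTP status and end-user text; err itself is only logged.
func loginMessage(err error) (int, string) {
	switch {
	case err == nil:
		return 200, ""
	case errors.Is(err, ErrInvalidCredentials):
		return 401, I18nErrorInvalidCredentials
	default:
		return 500, I18nError500Message
	}
}

func main() {
	fmt.Println(loginMessage(checkUserAndPass(hookResult{transportErr: errors.New("connection refused")}))) // prints: 500 Internal server error
}
```

The wrapped hook error is meant for the server log only: the client sees a generic 500 text, so the hook URL and network details are not disclosed to unauthenticated callers.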