jebrosen / rocket_oauth2

OAuth2 for Rocket applications
Apache License 2.0

Handle 400 errors from the authorization server #29

Open uttarayan21 opened 2 years ago

uttarayan21 commented 2 years ago

I was wondering if there is any way to handle custom status codes other than 200.

I get the redirect to callback_url with something like this

https://b5f6-45-251-234-73.ngrok.io/auth/instagram?code=AQBwRfNKQFHiv-X6m0-O8M9iLDrM-uVMwDcjYSyLRzIUeXylPVhu4V7qIZcEuT37yi21QtBjhiuvBAdi1g2jo_ddS68I3bIIcEddezdbsDo8GOLrxVVxupQpPKH5Fz6WaxGEbkzfUu9nhdiLy5Pa5Ri1sFm1GksUmK9jWRfHPfS73jgiL0jO45w91EQgR5kui3vHzchklRx-H_xDh9-YIb8i9ScdJsYXJZydBNZ5s4V9cA&state=3INTGxYIbi5lBu9ROTtUXw#_

but with 400 bad request.

So my question is, Is there any simple way to handle the 400 status code ?

jebrosen commented 2 years ago

It depends on when exactly the 400 is being returned. Is the 400 status code the one returned from Instagram, or did the TokenRequest guard fail and indicate a 400 response? The log should explain either case in more detail.

In case you do want or need to handle errors in the token exchange, you can use the Result request guard to "catch" the error instead:

```rust
// Rocket callback route: the guard is `Result<TokenResponse<_>, rocket_oauth2::Error>`,
// so a failed token exchange reaches the handler as an `Err` instead of
// failing the request guard with a 400.
#[get("/example")]
fn example_callback(token: Result<TokenResponse<GitHub>, rocket_oauth2::Error>, cookies: &CookieJar<'_>) -> Redirect { ... }
```

uttarayan21 commented 2 years ago

Oh I see. I'll try that. The 400 status code AFAIK is being sent by Instagram. I think it's indicated in their docs somewhere but I can't find it right now, but you can see here or here for Stack Overflow questions regarding it.

This is the relevant part of the log.

```text
GET /auth/instagram?code=AQDPOpOqCscv3vF6njUh4jNqu99wqMxKcH9kz9e384jNoTcesyGJLJ7h78nd3s6-d1R0RbXYO8CF3GQ5J_34CusAWzoDMrgRoJUVojlRwjJDNNOYvPz1AwNhi6KM6mE0rE63sSBMesuDOl-cIvFjlnpUto63L5RYy5C5d2pJBpcD6kmPiaYebe0I_ig_y8CddVs7AmLPhok90T6UJq1Ynlz6N3Zbb3JxJdOwYdYJ9T11og&state=JIsACzNC19Ezz2_EaqjliQ text/html:
   >> Matched: (instagram_callback) GET /auth/instagram
Warning: OAuth2 token exchange failed: token exchange returned non-success status code: 400
   >> `TokenResponse < Instagram >` request guard failed: Error { kind: ExchangeError(400), source: None }.
   >> Outcome: Failure
   >> No 400 catcher registered. Using Rocket default.
   >> Response succeeded.
```

jebrosen commented 2 years ago

> Warning: OAuth2 token exchange failed: token exchange returned non-success status code: 400

Yeah, in this case it's Instagram responding with 400. I think you've actually stumbled on a long-unimplemented feature that I all but forgot: the authorization server can include a human-readable error description, but rocket_oauth2's default adapter does not attempt to read it. This looks like a more straightforward addition than I remember, so I'm going to reopen this issue to make it more visible.
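The two points raised in this thread, catching the exchange error in the handler instead of letting the guard fail with a bare 400, and reading the error description the authorization server may send with that 400, can be illustrated without Rocket at all. The following is an added example written for this issue; it is not rocket_oauth2 code and does not depend on it. It takes the status and body of a token-endpoint response, reads the `error` / `error_description` members that RFC 6749 §5.2 defines for a 400 response, and returns a decision a callback route could act on: a detailed line for the server log and a generic message for the user. The `ExchangeOutcome`, `CallbackDecision`, `classify_exchange` and `decide` names are this example's own, the JSON reader is a deliberately small one for the flat object shape the RFC specifies, and the sample bodies are constructed, not captured from Instagram.

```rust
use std::fmt;

/// Result of interpreting the authorization server's token response.
/// (Example type for this issue, not part of rocket_oauth2.)
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum ExchangeOutcome {
    /// 2xx: the access token would be parsed from the body (omitted here).
    Success,
    /// 400/401 carrying an RFC 6749 §5.2 error body.
    Rejected { error: String, description: Option<String> },
    /// 5xx from the authorization server; retrying later may succeed.
    ServerFault(u16),
    /// Anything else, including a 4xx whose body has no `error` member.
    Unexplained(u16),
}

impl fmt::Display for ExchangeOutcome {
    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
        match self {
            ExchangeOutcome::Success => write!(f, "token exchange succeeded"),
            ExchangeOutcome::Rejected { error, description } => match description {
                Some(d) => write!(f, "token exchange rejected: {} ({})", error, d),
                None => write!(f, "token exchange rejected: {}", error),
            },
            ExchangeOutcome::ServerFault(s) => write!(f, "authorization server error: status {}", s),
            ExchangeOutcome::Unexplained(s) => {
                write!(f, "token exchange returned non-success status code: {}", s)
            }
        }
    }
}

/// Read a JSON string starting at chars[i] == '"'. Returns the decoded text and
/// the index after the closing quote. Handles `\"` and `\\` (plus `\n`, `\t`);
/// other escapes are passed through literally, which is enough for error text.
fn read_string(chars: &[char], mut i: usize) -> Option<(String, usize)> {
    if chars.get(i) != Some(&'"') {
        return None;
    }
    i += 1;
    let mut s = String::new();
    while i < chars.len() {
        match chars[i] {
            '\\' => match chars.get(i + 1) {
                Some(&next) => {
                    s.push(match next { 'n' => '\n', 't' => '\t', other => other });
                    i += 2;
                }
                None => return None,
            },
            '"' => return Some((s, i + 1)),
            c => { s.push(c); i += 1; }
        }
    }
    None // unterminated string
}

/// Collect the top-level members of a flat JSON object whose values are strings,
/// e.g. {"error":"invalid_grant","error_description":"..."}. Non-string values
/// are skipped rather than rejected, so a body with extra numeric fields still parses.
fn flat_json_strings(body: &str) -> Vec<(String, String)> {
    let chars: Vec<char> = body.chars().collect();
    let mut out = Vec::new();
    let mut i = 0;
    while i < chars.len() {
        if chars[i] != '"' { i += 1; continue; }
        let (key, after_key) = match read_string(&chars, i) {
            Some(k) => k,
            None => break,
        };
        i = after_key;
        while i < chars.len() && chars[i].is_whitespace() { i += 1; }
        // A string not followed by ':' is a value (e.g. inside an array), not a key.
        if chars.get(i) != Some(&':') { continue; }
        i += 1;
        while i < chars.len() && chars[i].is_whitespace() { i += 1; }
        if let Some((value, after_value)) = read_string(&chars, i) {
            out.push((key, value));
            i = after_value;
        }
        // Non-string value: leave i in place; the outer loop scans to the next quote.
    }
    out
}

/// Error codes defined for the token endpoint in RFC 6749 §5.2.
const RFC6749_ERRORS: &[&str] = &[
    "invalid_request", "invalid_client", "invalid_grant",
    "unauthorized_client", "unsupported_grant_type", "invalid_scope",
];

pub fn is_standard_error(error: &str) -> bool {
    RFC6749_ERRORS.contains(&error)
}

/// Map the token endpoint's status and body to an outcome.
pub fn classify_exchange(status: u16, body: &str) -> ExchangeOutcome {
    match status {
        200..=299 => ExchangeOutcome::Success,
        400 | 401 => {
            let fields = flat_json_strings(body);
            let get = |name: &str| fields.iter().find(|(k, _)| k == name).map(|(_, v)| v.clone());
            match get("error") {
                Some(error) => ExchangeOutcome::Rejected { error, description: get("error_description") },
                None => ExchangeOutcome::Unexplained(status),
            }
        }
        500..=599 => ExchangeOutcome::ServerFault(status),
        other => ExchangeOutcome::Unexplained(other),
    }
}

/// What a callback route does with the outcome. The server description goes to
/// the operator log only; it is written for developers and may describe the
/// client configuration, so the user sees a generic message.
pub struct CallbackDecision {
    pub log_line: String,
    pub user_status: u16,
    pub user_message: &'static str,
}

pub fn decide(outcome: &ExchangeOutcome) -> CallbackDecision {
    match outcome {
        ExchangeOutcome::Success => CallbackDecision {
            log_line: outcome.to_string(), user_status: 303, user_message: "Signed in; redirecting.",
        },
        ExchangeOutcome::Rejected { error, .. } => CallbackDecision {
            // Flag codes the RFC does not define so an operator sees a provider-specific body.
            log_line: if is_standard_error(error) { outcome.to_string() }
                      else { format!("{} [non-RFC 6749 error code]", outcome) },
            user_status: 400,
            user_message: "Sign-in could not be completed. Please start the sign-in again.",
        },
        ExchangeOutcome::ServerFault(_) => CallbackDecision {
            log_line: outcome.to_string(), user_status: 502,
            user_message: "The sign-in provider is unavailable. Please try again later.",
        },
        ExchangeOutcome::Unexplained(_) => CallbackDecision {
            log_line: outcome.to_string(), user_status: 500, user_message: "Sign-in failed.",
        },
    }
}

fn main() {
    // Constructed sample responses for this example; not captured from Instagram.
    let samples: [(u16, &str); 3] = [
        (400, r#"{"error":"invalid_grant","error_description":"Code expired or already used"}"#),
        (400, r#"{"status":"failed"}"#), // no RFC `error` member: matches the bare 400 in the log above
        (503, ""),
    ];
    for (status, body) in samples {
        let decision = decide(&classify_exchange(status, body));
        println!("log:  {}\nuser: {} {}\n", decision.log_line, decision.user_status, decision.user_message);
    }
}
```

In a Rocket route this would sit behind the `Result<TokenResponse<_>, rocket_oauth2::Error>` guard from the earlier comment: on `Err`, the handler logs the detailed line and returns the generic status and message rather than letting the bare 400 through. The second sample shows why the description matters: without an `error` member the best the log can say is exactly what the warning on this page says.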