search

paralus / dashboard

Dashboard used with Paralus zero-trust solution to manage importing clusters, users, groups, roles and role association to multiple kubernetes clusters.
https://www.paralus.io/
Apache License 2.0
14 stars 13 forks source link

Handle user facing errors from Kratos #73

Closed akshay196 closed 2 years ago

akshay196 commented 2 years ago

Background: When a user-facing error occurs for example during Self Service User Login, Ory Kratos will store error message and context and redirect the User's Browser to the Error UI URL set by the selfservice.flows.error.ui_url configuration or SELFSERVICE_FLOWS_ERROR_UI_URL environment variable.

Actual result: Since we do not have error UI screen, any error occurred by Kratos in login flow will redirect user to ory.sh error page.

Expected result: Design a error ui page to display error message from Kratos.

Additional information: Check error message details here: https://www.ory.sh/docs/kratos/self-service/flows/user-facing-errors Once UI is ready, set selfservice.flows.error.ui_url in back-end.

akshay196 commented 2 years ago

Having something like in our theme is also fine: Screenshot from 2022-06-02 16-20-28 ⬆️ This is ORY's self service UI page.

P.S. We should skip reason and message in production environment, because it may contains internal details of the error, for example:

{
  "code": 500,
  "status": "Internal Server Error",
  "message": "RUNTIME ERROR: Field does not exist: groups\n\tfile:///etc/config/kratos/oidc.okta.jsonnet:12:19-32\tobject <anonymous>\n\tField \"idp_groups\"\t\n\tField \"traits\"\t\n\tField \"identity\"\t\n\tDuring manifestation\t\n"
}
meain commented 2 years ago

Not sure if we should just dump out the json as such, but probably format it a bit.

Some notes from discussion

niravparikh05 commented 2 years ago

this is completed with https://github.com/paralus/dashboard/pull/91