search

team-alembic / ash_authentication

The Ash Authentication framework
MIT License
96 stars 52 forks source link

Helpful Error from `AshAuthentication.Secret` `secret_for` #437

Open dewetblomerus opened 1 year ago

dewetblomerus commented 1 year ago

Trying to set up Auth0 using this guide I got to the login error page, but no errors were raised.

Here is the reason from the AuthController:

reason #=> %AshAuthentication.Errors.MissingSecret{
  resource: Red.Accounts.User,
  changeset: nil,
  query: nil,
  error_context: [],
  vars: [],
  path: [:authentication, :strategies, :auth0, :client_id],
  stacktrace: #Stacktrace<>,
  class: :forbidden
}

Eventually I tried this:

  def secret_for([:authentication, :strategies, :auth0, :redirect_uri], Red.Accounts.User, _) do
    get_config(:redirect_uri)
    |> dbg()
  end

Which showed me this:

get_config(:redirect_uri) #=> :error

Only here did I realize I made the mistake of saving the wrong key in my config file redirect_url

What I think should happen, is that if my secret_for function does not return the correct type, a helpful error is raised, letting me know what I returned.

jimsynz commented 1 year ago

You're absolutely right. Thanks!

jimsynz commented 1 year ago

We need to rearrange this function to validate the return value and return a useful error message.