From 25b5667d1e0bd124600792d1dd10968a6ea096bc Mon Sep 17 00:00:00 2001
From: Shrihari Prakash <shrihariprakash@outlook.com>
Date: Fri, 27 Oct 2023 22:29:05 +0530
Subject: [PATCH] Improved error handling in authorization logic.

---
 src/service/api/oauth/authorize.all.ts | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/service/api/oauth/authorize.all.ts b/src/service/api/oauth/authorize.all.ts
index 4a557e1a..9e66710d 100644
--- a/src/service/api/oauth/authorize.all.ts
+++ b/src/service/api/oauth/authorize.all.ts
@@ -64,10 +64,22 @@ async function ALL__Authorize(req: Request, res: Response, next: NextFunction) {
       return res.json({ code: code.authorizationCode, state: (req.query.state as string) || uuidv4() });
     }
   } catch (error: any) {
+    const redirectUri = new URL(req.query.redirect_uri as string);
+    redirectUri.searchParams.append("state", req.query.state as string);
     if (!error.name) {
-      return res.json({ error: "unknown_error" });
+      if (Configuration.get("oauth.authorization.enable-redirect")) {
+        redirectUri.searchParams.append("error", "server_error");
+        redirectUri.searchParams.append("error_description", "Server error");
+        return res.redirect(redirectUri.toString());
+      }
+      return res.json({ error: "server_error" });
+    }
+    if (Configuration.get("oauth.authorization.enable-redirect")) {
+      redirectUri.searchParams.append("error", error.name);
+      redirectUri.searchParams.append("error_description", error.message);
+      return res.redirect(redirectUri.toString());
     }
-    res.status(statusCodes.unauthorized).json({ error: error.name, error_description: error.message });
+    return res.status(statusCodes.unauthorized).json({ error: error.name, error_description: error.message });
   }
 }