From f6d03bf5df52a017da6426eca6bdbebe1e79089f Mon Sep 17 00:00:00 2001
From: MaysWind <i@mayswind.net>
Date: Fri, 24 Oct 2025 23:38:29 +0800
Subject: [PATCH] show error page when the OAuth 2.0 redirect fails

---
 pkg/api/oauth2_authentications.go | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pkg/api/oauth2_authentications.go b/pkg/api/oauth2_authentications.go
index 065b045d..30ac651e 100644
--- a/pkg/api/oauth2_authentications.go
+++ b/pkg/api/oauth2_authentications.go
@@ -59,25 +59,25 @@ func (a *OAuth2AuthenticationApi) LoginHandler(c *core.WebContext) (string, *err
 
 	if err != nil {
 		log.Warnf(c, "[oauth2_authentications.LoginHandler] parse request failed, because %s", err.Error())
-		return "", errs.NewIncompleteOrIncorrectSubmissionError(err)
+		return a.redirectToFailedCallbackPage(c, errs.NewIncompleteOrIncorrectSubmissionError(err))
 	}
 
 	if oauth2LoginReq.Platform != "mobile" && oauth2LoginReq.Platform != "desktop" {
-		return "", errs.ErrInvalidOAuth2LoginRequest
+		return a.redirectToFailedCallbackPage(c, errs.ErrInvalidOAuth2LoginRequest)
 	}
 
 	found, remark := a.GetSubmissionRemark(duplicatechecker.DUPLICATE_CHECKER_TYPE_OAUTH2_REDIRECT, 0, oauth2LoginReq.ClientSessionId)
 
 	if found {
 		log.Errorf(c, "[oauth2_authentications.LoginHandler] another oauth 2.0 state \"%s\" has been processing for client session id \"%s\"", remark, oauth2LoginReq.ClientSessionId)
-		return "", errs.ErrRepeatedRequest
+		return a.redirectToFailedCallbackPage(c, errs.ErrRepeatedRequest)
 	}
 
 	verifier, err := utils.GetRandomNumberOrLowercaseLetter(64)
 
 	if err != nil {
 		log.Errorf(c, "[oauth2_authentications.LoginHandler] failed to generate random string for oauth 2.0 state, because %s", err.Error())
-		return "", errs.ErrSystemError
+		return a.redirectToFailedCallbackPage(c, errs.ErrSystemError)
 	}
 
 	remark = fmt.Sprintf("%s|%s|%s", oauth2LoginReq.Platform, oauth2LoginReq.ClientSessionId, verifier)
@@ -87,7 +87,7 @@ func (a *OAuth2AuthenticationApi) LoginHandler(c *core.WebContext) (string, *err
 
 	if err != nil {
 		log.Errorf(c, "[oauth2_authentications.LoginHandler] failed to get oauth 2.0 auth url, because %s", err.Error())
-		return "", errs.Or(err, errs.ErrSystemError)
+		return a.redirectToFailedCallbackPage(c, errs.Or(err, errs.ErrSystemError))
 	}
 
 	a.SetSubmissionRemarkWithCustomExpiration(duplicatechecker.DUPLICATE_CHECKER_TYPE_OAUTH2_REDIRECT, 0, oauth2LoginReq.ClientSessionId, remark, a.CurrentConfig().OAuth2StateExpiredTimeDuration)