Welcome! Log In Create A New Profile

Advanced

Returning custom errors in authentication module

September 10, 2009 01:01PM
Hello -

In building my OAuth authentication module, I want to create way to provide as much salient feedback as possible to the client while also allowing custom error messages for the server. For example, instead of having a generic 403 (Forbidden) return code and that's it, it would be nice if I could return more detailed information like parameter missing, or signature mismatch, etc.

Additionally, most OAuth clients will be web APIs, so the normal place to put this is in the content payload (an XML response for example). However, the form of the response will change and would prefer to be customized by each server's API developer. For example, a simple one might be to return HTTP code 403 and present one of several detailed messages like this:

[code]
<supercoolapi><statusmessage>Missing parameter consumer_key</statusmessage></supercoolapi>
<supercoolapi><statusmessage>Unknown consumer_key</statusmessage></supercoolapi>
[/code]


... but how do I communicate properly between the plugin (which knows WHY the failure is a failure) and the API developer (who knows how to properly format the message)?

Here is Yahoo's list of error codes returned as an example of the complexity involved
http://developer.yahoo.com/oauth/guide/oauth-errors.html

The only thing I could think of was to have the user supply a "template file" which has some kind of limited variable substitution in it. So it might be something like:

[code]
<supercoolapi><statusmessage>${error_message}</statusmessage></supercoolapi>
[/code]


Is there a better way to do this?

Thanks in advance,

Chris
Subject Author Posted

Returning custom errors in authentication module

ckharris September 10, 2009 01:01PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 64
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready