From edf53840dee5865dbfdd264520d3989c5827fb66 Mon Sep 17 00:00:00 2001
From: Andrey Antukh <niwi@niwi.nz>
Date: Wed, 9 Mar 2022 16:10:38 +0100
Subject: [PATCH] :bug: Fix issues with gitlab oidc provider

---
 backend/src/app/http/oauth.clj | 29 ++++++++++++++++-------------
 1 file changed, 16 insertions(+), 13 deletions(-)

diff --git a/backend/src/app/http/oauth.clj b/backend/src/app/http/oauth.clj
index 1f1ef97698..152e9fccda 100644
--- a/backend/src/app/http/oauth.clj
+++ b/backend/src/app/http/oauth.clj
@@ -97,8 +97,8 @@
          info)
        (ex/raise :type :internal
                  :code :unable-to-retrieve-user-info
-                 ::http-status status
-                 ::http-body body)))))
+                 :http-status status
+                 :http-body body)))))
 
 (s/def ::backend ::us/not-empty-string)
 (s/def ::email ::us/not-empty-string)
@@ -224,15 +224,18 @@
       (redirect-response uri))))
 
 (defn- auth-handler
-  [{:keys [tokens] :as cfg} {:keys [params] :as request} respond _]
-  (let [props (extract-utm-props params)
-        state (tokens :generate
-                      {:iss :oauth
-                       :invitation-token (:invitation-token params)
-                       :props props
-                       :exp (dt/in-future "15m")})
-        uri   (build-auth-uri cfg state)]
-    (respond (yrs/response 200 {:redirect-uri uri}))))
+  [{:keys [tokens] :as cfg} {:keys [params] :as request} respond raise]
+  (try
+    (let [props (extract-utm-props params)
+          state (tokens :generate
+                        {:iss :oauth
+                         :invitation-token (:invitation-token params)
+                         :props props
+                         :exp (dt/in-future "15m")})
+          uri   (build-auth-uri cfg state)]
+      (respond (yrs/response 200 {:redirect-uri uri})))
+    (catch Throwable cause
+      (raise cause))))
 
 (defn- callback-handler
   [cfg request respond _]
@@ -242,7 +245,7 @@
               (generate-redirect cfg request info profile)))
 
           (handle-error [cause]
-            (l/warn :hint "error on oauth process" :cause cause)
+            (l/error :hint "error on oauth process" :cause cause)
             (respond (generate-error-redirect cfg cause)))]
 
     (-> (process-request)
@@ -394,7 +397,7 @@
               :scopes        #{"openid" "profile" "email"}
               :auth-uri      (str base "/oauth/authorize")
               :token-uri     (str base "/oauth/token")
-              :user-uri      (str base "/api/v4/user")
+              :user-uri      (str base "/oauth/userinfo")
               :name          "gitlab"}]
     (if (and (string? (:client-id opts))
              (string? (:client-secret opts)))