Commit c670d3b
committed
fix: handle missing OIDC auth request gracefully
The GET /login route called getAuthRequest() without error handling.
When a request arrived with an expired or invalid authRequest ID, the
Zitadel OIDC service returned a NOT_FOUND gRPC error that propagated
as an unhandled ConnectError, crashing the route handler with a 500.
Wrap the call in try/catch and add a null guard, returning a 400 JSON
response instead. This matches the existing pattern used by the SAML
branch which already checks for a missing samlRequest.
Made-with: Cursor1 parent a67b4fc commit c670d3b
1 file changed
Lines changed: 20 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
134 | 134 | | |
135 | 135 | | |
136 | 136 | | |
137 | | - | |
138 | | - | |
139 | | - | |
140 | | - | |
| 137 | + | |
| 138 | + | |
| 139 | + | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
| 153 | + | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
141 | 157 | | |
142 | 158 | | |
143 | 159 | | |
| |||
0 commit comments