https://kotlinlang.org logo
#ktor
Title
# ktor
e

Eric Grimsborn

08/19/2020, 11:15 AM
server
authentication
oauth
routing
I am trying to implement an OAuth code flow. When the flow fails e.g. user does not have access to the app i get a callback with an
error
query parameter. When this is the case I do not wish to apply auth. I have this routing:
Copy code
route("/login-callback") {
    param("error"){
       handle(errorHandler)
    }
    authenticate("my-oauth") {
        handle(successHandler)
    }
}
when running without authentication block it will match the errorHandler but when adding the authentication around successHandler it will run it for errorHandler as well and since the request is not authed it will redirect causing another callback etc. until I get too many redirects error. Is there a way to not run the auth when matching
param("error")
above?
My current solution is:
Copy code
install(Authentication) {
    oauth("my-oauth") {
        // other conf
        urlProvider = {
            if(parameters.contains("error")){
                throw MyAuthenticationFailedException()
            }
            redirectUrl("/login-callback")
        }
    }
}
and matching
MyAuthenticationFailedException
in the statuspages where i run the errorHandler. But that feels very much like a hack.
5 Views