Wrong initialization of CallbackError in callback_phase?

[skogsmaskin]

https://github.com/intridea/omniauth-oauth2/blob/master/lib/omniauth/strategies/oauth2.rb#L71

I think request.params['error_description'] || request.params['error_reason'] should be the other way around (error_reason is more likely to contain a canonical symbol). Or possibly store both on CallbackError.

As with Facebook there is no way of using CallbackError in order to check if the user canceled the auth ("user_canceled" is stored in error_reason while error_description is something generic like "Permission Error".

[guilhermesimoes]

With Google it used to be the other way around. Which is why I coded it that way. Now it doesn't even return anything in error_description or error_reason.

I don't think there's any merit to changing this. At this point, everyone who uses OmniAuth has gotten used to one error or the other. Switching them will only lead to confusion.

Honestly, pretty much all of OmniAuth's error handling is broken. It should be up to each provider to define where the error comes from and to properly process it (remove underscores, capitalize it, etc).

Also, OmniAuth treats a user cancelling logging in as an error when it's clearly just another path that can be taken by the user. If there's ever a part of OmniAuth that's rewritten from scratch, I vote for this error handling stuff.

But since it is the way it is, here's how you can overcome it:

In your OmniAuth configuration, add the following:

OmniAuth::Builder do
  on_failure { |env| YourControllerThatHandlesOmniAuth.action(:failure).call(env) }
end

Then, in the failure action, you have access to params['error'], params['error_description'] and params['error_reason'].