CodeMirror/appwrite
1
0
Fork 0
mirror of synced 2024-06-26 18:20:43 +12:00
Code Issues Projects Releases Wiki Activity

feat: add new exceptions to accounts api

Browse source
This commit is contained in:
Christy Jacob 2022-01-31 02:44:47 +04:00
parent 506c19eb01
commit f042c00b20
3 changed files with 97 additions and 97 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

104
app/config/errorCodes.php
View file

@ -24,7 +24,7 @@ return [
],
Exception::TYPE_SERVICE_DISABLED => [
'name' => Exception::TYPE_SERVICE_DISABLED,
'description' => 'The requested service is disabled. You can toggle the service from the Appwrite console or by contacting the project owner.',
'description' => 'The requested service is disabled. You can enable/disable a service from the Appwrite console or by contacting the project owner.',
'statusCode' => 503,
],
Exception::TYPE_UNAUTHORIZED_SCOPE => [
@ -34,8 +34,8 @@ return [
],
Exception::TYPE_PASSWORD_RESET_REQUIRED => [
'name' => Exception::TYPE_PASSWORD_RESET_REQUIRED,
'description' => 'Password reset required',
'statusCode' => 403,
'description' => 'The current user requires a password reset.',
'statusCode' => 412,
],
Exception::TYPE_STORAGE_ERROR => [
'name' => Exception::TYPE_STORAGE_ERROR,
@ -44,33 +44,33 @@ return [
],
Exception::TYPE_RATE_LIMIT_EXCEEDED => [
'name' => Exception::TYPE_RATE_LIMIT_EXCEEDED,
'description' => 'Rate limit exceeded',
'description' => 'Rate limit for the current endpoint has been exceeded. ',
'statusCode' => 429,
],
Exception::TYPE_SMTP_DISABLED => [
'name' => Exception::TYPE_SMTP_DISABLED,
'description' => 'SMTP disabled',
'statusCode' => 500,
'description' => 'SMTP is disabled on your Appwrite instance. Please contact your project ',
'statusCode' => 503,
],
Exception::TYPE_EMAIL_NOT_WHITELISTED => [
'name' => Exception::TYPE_EMAIL_NOT_WHITELISTED,
'description' => 'Email not whitelisted',
'statusCode' => 403,
'description' => 'The user\'s email is not part of the whitelist. Please check the _APP_CONSOLE_WHITELIST_EMAILS environment variable of your Appwrite server.',
'statusCode' => 401,
],
Exception::TYPE_IP_NOT_WHITELISTED => [
'name' => Exception::TYPE_IP_NOT_WHITELISTED,
'description' => 'IP Address not whitelisted',
'statusCode' => 404,
'description' => 'The user\'s IP address is not part of the whitelist. Please check the _APP_CONSOLE_WHITELIST_IPS environment variable of your Appwrite server.',
'statusCode' => 401,
],
Exception::TYPE_INVALID_CREDENTIALS => [
'name' => Exception::TYPE_INVALID_CREDENTIALS,
'description' => 'Invalid credentials',
'statusCode' => 404,
'description' => 'Invalid credentials. Please check the email and password.',
'statusCode' => 401,
],
Exception::TYPE_INVALID_TOKEN => [
'name' => Exception::TYPE_INVALID_TOKEN,
'description' => 'Invalid token',
'statusCode' => 403,
'description' => 'The used token is invalid.',
'statusCode' => 401,
],
Exception::TYPE_JWT_VERIFICATION_FAILED => [
'name' => Exception::TYPE_JWT_VERIFICATION_FAILED,
@ -80,91 +80,91 @@ return [
Exception::TYPE_ANONYMOUS_CONSOLE_USER => [
'name' => Exception::TYPE_ANONYMOUS_CONSOLE_USER,
'description' => 'Anonymous session cannot be created for the console project.',
'statusCode' => 403,
'statusCode' => 401,
],
Exception::TYPE_SESSION_NOT_FOUND => [
'name' => Exception::TYPE_SESSION_NOT_FOUND,
'description' => 'Session not found',
'statusCode' => 400,
'description' => 'No valid session found.',
'statusCode' => 404,
],
Exception::TYPE_SESSION_ALREADY_EXISTS => [
'name' => Exception::TYPE_SESSION_ALREADY_EXISTS,
'description' => 'Session already exists',
'statusCode' => 403,
'description' => 'Cannot create anonymous session when there is an active session.',
'statusCode' => 401,
],
Exception::TYPE_USER_LIMIT_EXCEEDED => [
'name' => Exception::TYPE_USER_LIMIT_EXCEEDED,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'The current project has exceeded the maximum number of users. Please check your user limit in the Appwrite console.',
'statusCode' => 501,
],
Exception::TYPE_USER_ALREADY_EXISTS => [
'name' => Exception::TYPE_USER_ALREADY_EXISTS,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'A user with the same email ID already exists in your project.',
'statusCode' => 409,
],
Exception::TYPE_USER_BLOCKED => [
'name' => Exception::TYPE_USER_BLOCKED,
'description' => 'The current user has been blocked. Please contact the administrator for more information.',
'description' => 'The current user has been blocked. Please contact the project administrator for more information.',
'statusCode' => 401,
],
Exception::TYPE_USER_CREATION_FAILED => [
'name' => Exception::TYPE_USER_CREATION_FAILED,
'description' => 'Failed to create user.',
'statusCode' => 403,
'description' => 'There was an internal server error while creating the user.',
'statusCode' => 500,
],
Exception::TYPE_USER_NOT_FOUND => [
'name' => Exception::TYPE_USER_NOT_FOUND,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'User with the requested ID could not be found.',
'statusCode' => 404,
],
Exception::TYPE_EMAIL_ALREADY_EXISTS => [
'name' => Exception::TYPE_EMAIL_ALREADY_EXISTS,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Another user with the same email already exists in the current project.',
'statusCode' => 409,
],
Exception::TYPE_PASSWORD_MISMATCH => [
'name' => Exception::TYPE_PASSWORD_MISMATCH,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Passwords do not match. Please recheck.',
'statusCode' => 400,
],
Exception::TYPE_AUTH_METHOD_UNSUPPORTED => [
'name' => Exception::TYPE_AUTH_METHOD_UNSUPPORTED,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'The requested authentication method is either disabled or unsupported.',
'statusCode' => 501,
],
Exception::TYPE_PROVIDER_DISABLED => [
'name' => Exception::TYPE_PROVIDER_DISABLED,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'The chosen OAuth provider is disabled. Please contact your project administrator for more information.',
'statusCode' => 412,
],
Exception::TYPE_PROVIDER_NOT_SUPPORTED => [
'name' => Exception::TYPE_PROVIDER_NOT_SUPPORTED,
'description' => 'Session expired',
'statusCode' => 403,
Exception::TYPE_PROVIDER_UNSUPPORTED => [
'name' => Exception::TYPE_PROVIDER_UNSUPPORTED,
'description' => 'The chosen OAuth provider is unsupported.',
'statusCode' => 501,
],
Exception::TYPE_INVALID_LOGIN_STATE_PARAMS => [
'name' => Exception::TYPE_INVALID_LOGIN_STATE_PARAMS,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Failed to parse the login state params from the OAuth provider.',
'statusCode' => 500,
],
Exception::TYPE_INVALID_SUCCESS_URL => [
'name' => Exception::TYPE_INVALID_SUCCESS_URL,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Invalid URL received for OAuth success redirect.',
'statusCode' => 400,
],
Exception::TYPE_INVALID_FAILURE_URL => [
'name' => Exception::TYPE_INVALID_FAILURE_URL,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Invalid URL received for OAuth failure redirect.',
'statusCode' => 400,
],
Exception::TYPE_OAUTH_ACCESS_TOKEN_FAILED => [
'name' => Exception::TYPE_OAUTH_ACCESS_TOKEN_FAILED,
'description' => 'Session expired',
'statusCode' => 403,
'description' => 'Failed to obtain access token from the OAuth provider.',
'statusCode' => 500,
],
Exception::TYPE_MISSING_PROVIDER_ID => [
'name' => Exception::TYPE_MISSING_PROVIDER_ID,
'description' => 'Session expired',
'statusCode' => 403,
Exception::TYPE_MISSING_USER_ID => [
'name' => Exception::TYPE_MISSING_USER_ID,
'description' => 'Failed to obtain user id from the OAuth provider.',
'statusCode' => 400,
]
];

86
app/controllers/api/account.php
View file

@ -20,7 +20,7 @@ use Utopia\Database\Exception\Duplicate;
use Utopia\Database\Query;
use Utopia\Database\Validator\Authorization;
use Utopia\Database\Validator\UID;
use Utopia\Exception;
use Appwrite\Extend\Exception;
use Utopia\Validator\ArrayList;
use Utopia\Validator\Assoc;
use Utopia\Validator\Range;
@ -68,11 +68,11 @@ App::post('/v1/account')
$whitelistIPs = $project->getAttribute('authWhitelistIPs');
if (!empty($whitelistEmails) && !\in_array($email, $whitelistEmails)) {
throw new Exception('Console registration is restricted to specific emails. Contact your administrator for more information.', 401);
throw new Exception('Console registration is restricted to specific emails. Contact your administrator for more information.', 401, Exception::TYPE_EMAIL_NOT_WHITELISTED);
}
if (!empty($whitelistIPs) && !\in_array($request->getIP(), $whitelistIPs)) {
throw new Exception('Console registration is restricted to specific IPs. Contact your administrator for more information.', 401);
throw new Exception('Console registration is restricted to specific IPs. Contact your administrator for more information.', 401, Exception::TYPE_IP_NOT_WHITELISTED);
}
}
@ -84,7 +84,7 @@ App::post('/v1/account')
], APP_LIMIT_USERS);
if ($sum >= $limit) {
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501, Exception::TYPE_USER_LIMIT_EXCEEDED);
}
}
@ -110,7 +110,7 @@ App::post('/v1/account')
'deleted' => false
])));
} catch (Duplicate $th) {
throw new Exception('Account already exists', 409);
throw new Exception('Account already exists', 409, Exception::TYPE_USER_ALREADY_EXISTS);
}
Authorization::unsetRole('role:' . Auth::USER_ROLE_GUEST);
@ -175,11 +175,11 @@ App::post('/v1/account/sessions')
->setParam('resource', 'user/'.($profile ? $profile->getId() : ''))
;
throw new Exception('Invalid credentials', 401); // Wrong password or username
throw new Exception('Invalid credentials', 401, Exception::TYPE_INVALID_CREDENTIALS); // Wrong password or username
}
if (false === $profile->getAttribute('status')) { // Account is blocked
throw new Exception('Invalid credentials. User is blocked', 401); // User is in status blocked
throw new Exception('Invalid credentials. User is blocked', 401, Exception::TYPE_USER_BLOCKED); // User is in status blocked
}
$detector = new Detector($request->getUserAgent('UNKNOWN'));
@ -282,13 +282,13 @@ App::get('/v1/account/sessions/oauth2/:provider')
}
if (empty($appId) || empty($appSecret)) {
throw new Exception('This provider is disabled. Please configure the provider app ID and app secret key from your ' . APP_NAME . ' console to continue.', 412);
throw new Exception('This provider is disabled. Please configure the provider app ID and app secret key from your ' . APP_NAME . ' console to continue.', 412, Exception::TYPE_PROVIDER_DISABLED);
}
$className = 'Appwrite\\Auth\\OAuth2\\'.\ucfirst($provider);
if (!\class_exists($className)) {
throw new Exception('Provider is not supported', 501);
throw new Exception('Provider is not supported', 501, Exception::TYPE_PROVIDER_UNSUPPORTED);
}
if(empty($success)) {
@ -406,7 +406,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$className = 'Appwrite\\Auth\\OAuth2\\' . \ucfirst($provider);
if (!\class_exists($className)) {
throw new Exception('Provider is not supported', 501);
throw new Exception('Provider is not supported', 501, Exception::TYPE_PROVIDER_UNSUPPORTED);
}
$oauth2 = new $className($appId, $appSecret, $callback);
@ -415,18 +415,18 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
try {
$state = \array_merge($defaultState, $oauth2->parseState($state));
} catch (\Exception$exception) {
throw new Exception('Failed to parse login state params as passed from OAuth2 provider');
throw new Exception('Failed to parse login state params as passed from OAuth2 provider', 500, Exception::TYPE_INVALID_LOGIN_STATE_PARAMS);
}
} else {
$state = $defaultState;
}
if (!$validateURL->isValid($state['success'])) {
throw new Exception('Invalid redirect URL for success login', 400);
throw new Exception('Invalid redirect URL for success login', 400, Exception::TYPE_INVALID_SUCCESS_URL);
}
if (!empty($state['failure']) && !$validateURL->isValid($state['failure'])) {
throw new Exception('Invalid redirect URL for failure login', 400);
throw new Exception('Invalid redirect URL for failure login', 400, Exception::TYPE_INVALID_FAILURE_URL);
}
$state['failure'] = null;
@ -437,7 +437,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$response->redirect($state['failure'], 301, 0);
}
throw new Exception('Failed to obtain access token');
throw new Exception('Failed to obtain access token', 500, Exception::TYPE_OAUTH_ACCESS_TOKEN_FAILED);
}
$oauth2ID = $oauth2->getUserID($accessToken);
@ -447,7 +447,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$response->redirect($state['failure'], 301, 0);
}
throw new Exception('Missing ID from OAuth2 provider', 400);
throw new Exception('Missing ID from OAuth2 provider', 400, Exception::TYPE_MISSING_USER_ID);
}
$sessions = $user->getAttribute('sessions', []);
@ -482,7 +482,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
$sum = $dbForProject->count('users', [ new Query('deleted', Query::TYPE_EQUAL, [false]),], APP_LIMIT_USERS);
if ($sum >= $limit) {
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501, Exception::TYPE_USER_LIMIT_EXCEEDED);
}
}
@ -508,13 +508,13 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
'deleted' => false
])));
} catch (Duplicate $th) {
throw new Exception('Account already exists', 409);
throw new Exception('Account already exists', 409, Exception::TYPE_USER_ALREADY_EXISTS);
}
}
}
if (false === $user->getAttribute('status')) { // Account is blocked
throw new Exception('Invalid credentials. User is blocked', 401); // User is in status blocked
throw new Exception('Invalid credentials. User is blocked', 401, Exception::TYPE_USER_BLOCKED); // User is in status blocked
}
// Create session token, verify user account and update OAuth2 ID and Access Token
@ -637,7 +637,7 @@ App::post('/v1/account/sessions/magic-url')
/** @var Appwrite\Event\Event $mails */
if(empty(App::getEnv('_APP_SMTP_HOST'))) {
throw new Exception('SMTP Disabled', 503);
throw new Exception('SMTP Disabled', 503, Exception::TYPE_SMTP_DISABLED);
}
$roles = Authorization::getRoles();
@ -655,7 +655,7 @@ App::post('/v1/account/sessions/magic-url')
], APP_LIMIT_USERS);
if ($sum >= $limit) {
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501, Exception::TYPE_USER_LIMIT_EXCEEDED);
}
}
@ -705,7 +705,7 @@ App::post('/v1/account/sessions/magic-url')
$user = $dbForProject->updateDocument('users', $user->getId(), $user);
if (false === $user) {
throw new Exception('Failed to save user to DB', 500);
throw new Exception('Failed to save user to DB', 500, Exception::TYPE_USER_CREATION_FAILED);
}
if(empty($url)) {
@ -783,13 +783,13 @@ App::put('/v1/account/sessions/magic-url')
$user = $dbForProject->getDocument('users', $userId);
if ($user->isEmpty() || $user->getAttribute('deleted')) {
throw new Exception('User not found', 404);
throw new Exception('User not found', 404, Exception::TYPE_USER_NOT_FOUND);
}
$token = Auth::tokenVerify($user->getAttribute('tokens', []), Auth::TOKEN_TYPE_MAGIC_URL, $secret);
if (!$token) {
throw new Exception('Invalid login token', 401);
throw new Exception('Invalid login token', 401, Exception::TYPE_INVALID_TOKEN);
}
$detector = new Detector($request->getUserAgent('UNKNOWN'));
@ -839,7 +839,7 @@ App::put('/v1/account/sessions/magic-url')
$user = $dbForProject->updateDocument('users', $user->getId(), $user);
if (false === $user) {
throw new Exception('Failed saving user to DB', 500);
throw new Exception('Failed saving user to DB', 500, Exception::TYPE_USER_CREATION_FAILED);
}
$audits
@ -912,11 +912,11 @@ App::post('/v1/account/sessions/anonymous')
$protocol = $request->getProtocol();
if ('console' === $project->getId()) {
throw new Exception('Failed to create anonymous user.', 401);
throw new Exception('Failed to create anonymous user.', 401, Exception::TYPE_ANONYMOUS_CONSOLE_USER);
}
if (!$user->isEmpty()) {
throw new Exception('Cannot create an anonymous user when logged in.', 401);
throw new Exception('Cannot create an anonymous user when logged in.', 401, Exception::TYPE_SESSION_ALREADY_EXISTS);
}
$limit = $project->getAttribute('auths', [])['limit'] ?? 0;
@ -927,7 +927,7 @@ App::post('/v1/account/sessions/anonymous')
], APP_LIMIT_USERS);
if ($sum >= $limit) {
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501);
throw new Exception('Project registration is restricted. Contact your administrator for more information.', 501, Exception::TYPE_USER_LIMIT_EXCEEDED);
}
}
@ -1051,7 +1051,7 @@ App::post('/v1/account/jwt')
}
if ($current->isEmpty()) {
throw new Exception('No valid session found', 401);
throw new Exception('No valid session found', 401, Exception::TYPE_SESSION_NOT_FOUND);
}
$jwt = new JWT(App::getEnv('_APP_OPENSSL_KEY_V1'), 'HS256', 900, 10); // Instantiate with key, algo, maxAge and leeway.
@ -1296,7 +1296,7 @@ App::get('/v1/account/sessions/:sessionId')
}
}
throw new Exception('Session not found', 404);
throw new Exception('Session not found', 404, Exception::TYPE_SESSION_NOT_FOUND);
});
App::patch('/v1/account/name')
@ -1370,7 +1370,7 @@ App::patch('/v1/account/password')
// Check old password only if its an existing user.
if ($user->getAttribute('passwordUpdate') !== 0 && !Auth::passwordVerify($oldPassword, $user->getAttribute('password'))) { // Double check user password
throw new Exception('Invalid credentials', 401);
throw new Exception('Invalid credentials', 401, Exception::TYPE_INVALID_CREDENTIALS);
}
$user = $dbForProject->updateDocument('users', $user->getId(), $user
@ -1422,14 +1422,14 @@ App::patch('/v1/account/email')
!$isAnonymousUser &&
!Auth::passwordVerify($password, $user->getAttribute('password'))
) { // Double check user password
throw new Exception('Invalid credentials', 401);
throw new Exception('Invalid credentials', 401, Exception::TYPE_INVALID_CREDENTIALS);
}
$email = \strtolower($email);
$profile = $dbForProject->findOne('users', [new Query('email', Query::TYPE_EQUAL, [$email])]); // Get user by email address
if ($profile) {
throw new Exception('User already registered', 409);
throw new Exception('User already registered', 409, Exception::TYPE_USER_ALREADY_EXISTS);
}
try {
@ -1440,7 +1440,7 @@ App::patch('/v1/account/email')
->setAttribute('search', implode(' ', [$user->getId(), $user->getAttribute('name'), $user->getAttribute('email')]))
);
} catch(Duplicate $th) {
throw new Exception('Email already exists', 409);
throw new Exception('Email already exists', 409, Exception::TYPE_EMAIL_ALREADY_EXISTS);
}
$audits
@ -1644,7 +1644,7 @@ App::delete('/v1/account/sessions/:sessionId')
}
}
throw new Exception('Session not found', 404);
throw new Exception('Session not found', 404, Exception::TYPE_SESSION_NOT_FOUND);
});
App::delete('/v1/account/sessions')
@ -1764,7 +1764,7 @@ App::post('/v1/account/recovery')
/** @var Appwrite\Stats\Stats $usage */
if(empty(App::getEnv('_APP_SMTP_HOST'))) {
throw new Exception('SMTP Disabled', 503);
throw new Exception('SMTP Disabled', 503, Exception::TYPE_SMTP_DISABLED);
}
$roles = Authorization::getRoles();
@ -1775,11 +1775,11 @@ App::post('/v1/account/recovery')
$profile = $dbForProject->findOne('users', [new Query('deleted', Query::TYPE_EQUAL, [false]), new Query('email', Query::TYPE_EQUAL, [$email])]); // Get user by email address
if (!$profile) {
throw new Exception('User not found', 404);
throw new Exception('User not found', 404, Exception::TYPE_USER_NOT_FOUND);
}
if (false === $profile->getAttribute('status')) { // Account is blocked
throw new Exception('Invalid credentials. User is blocked', 401);
throw new Exception('Invalid credentials. User is blocked', 401, Exception::TYPE_USER_BLOCKED);
}
$expire = \time() + Auth::TOKEN_EXPIRATION_RECOVERY;
@ -1870,20 +1870,20 @@ App::put('/v1/account/recovery')
/** @var Appwrite\Stats\Stats $usage */
if ($password !== $passwordAgain) {
throw new Exception('Passwords must match', 400);
throw new Exception('Passwords must match', 400, Exception::TYPE_PASSWORD_MISMATCH);
}
$profile = $dbForProject->getDocument('users', $userId);
if ($profile->isEmpty() || $profile->getAttribute('deleted')) {
throw new Exception('User not found', 404);
throw new Exception('User not found', 404, Exception::TYPE_USER_NOT_FOUND);
}
$tokens = $profile->getAttribute('tokens', []);
$recovery = Auth::tokenVerify($tokens, Auth::TOKEN_TYPE_RECOVERY, $secret);
if (!$recovery) {
throw new Exception('Invalid recovery token', 401);
throw new Exception('Invalid recovery token', 401, Exception::TYPE_INVALID_TOKEN);
}
Authorization::setRole('user:' . $profile->getId());
@ -1957,7 +1957,7 @@ App::post('/v1/account/verification')
/** @var Appwrite\Stats\Stats $usage */
if(empty(App::getEnv('_APP_SMTP_HOST'))) {
throw new Exception('SMTP Disabled', 503);
throw new Exception('SMTP Disabled', 503, Exception::TYPE_SMTP_DISABLED);
}
$roles = Authorization::getRoles();
@ -2055,14 +2055,14 @@ App::put('/v1/account/verification')
$profile = $dbForProject->getDocument('users', $userId);
if ($profile->isEmpty()) {
throw new Exception('User not found', 404);
throw new Exception('User not found', 404, Exception::TYPE_USER_NOT_FOUND);
}
$tokens = $profile->getAttribute('tokens', []);
$verification = Auth::tokenVerify($tokens, Auth::TOKEN_TYPE_VERIFICATION, $secret);
if (!$verification) {
throw new Exception('Invalid verification token', 401);
throw new Exception('Invalid verification token', 401, Exception::TYPE_INVALID_TOKEN);
}
Authorization::setRole('user:' . $profile->getId());

4
src/Appwrite/Extend/Exception.php
View file

@ -42,12 +42,12 @@ class Exception extends \Exception
/** OAuth **/
const TYPE_PROVIDER_DISABLED = 'provider_disabled';
const TYPE_PROVIDER_NOT_SUPPORTED = 'provider_not_supported';
const TYPE_PROVIDER_UNSUPPORTED = 'provider_unsupported';
const TYPE_INVALID_LOGIN_STATE_PARAMS = 'invalid_login_state_params';
const TYPE_INVALID_SUCCESS_URL = 'invalid_success_url';
const TYPE_INVALID_FAILURE_URL = 'invalid_failure_url';
const TYPE_OAUTH_ACCESS_TOKEN_FAILED = 'oauth_access_token_failed';
const TYPE_MISSING_PROVIDER_ID = 'missing_provider_id';
const TYPE_MISSING_USER_ID = 'missing_user_id';
private $errorCode = '';