discourse · ZogStriP · May 20, 2025 · May 16, 2025 · May 20, 2025 · May 20, 2025
diff --git a/app/controllers/users/omniauth_callbacks_controller.rb b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -106,13 +106,19 @@ def valid_origin?(uri)
   end
 
   def failure
-    error_key = params[:message].to_s.gsub(/[^\w-]/, "")
-    error_key = "generic" if error_key.blank?
+    if provider = params[:provider].presence || params[:strategy].presence
+      if authenticator = Discourse.enabled_authenticators.find { _1.name == provider }
+        provider = authenticator.display_name
+      end
+    end
+
+    if provider.blank? && Discourse.enabled_authenticators.size == 1
+      provider = Discourse.enabled_authenticators.first.display_name
+    end
 
-    flash[:error] = I18n.t(
-      "login.omniauth_error.#{error_key}",
-      default: I18n.t("login.omniauth_error.generic"),
-    ).html_safe
+    key = params[:message].to_s.gsub(/[^\w-]/, "").presence || "generic"
+    default = I18n.t("login.omniauth_error.generic", provider:)
+    flash[:error] = I18n.t("login.omniauth_error.#{key}", provider:, default:).html_safe
 
     render "failure"
   end

diff --git a/app/views/application/_header.html.erb b/app/views/application/_header.html.erb
@@ -19,10 +19,12 @@
         <div class="panel clearfix">
           <%- unless current_user || local_assigns[:hide_auth_buttons] %>
             <span class='header-buttons'>
-              <%- if can_sign_up? %>
-                <a href="<%= path "/signup"%>" class='btn btn-primary btn-small sign-up-button'><%= I18n.t('sign_up') %></a>
-              <%- end %>
-              <a href="<%= path "/login"%>" class='btn btn-primary btn-small login-button btn-icon-text'><%= SvgSprite.raw_svg('user') %><%= I18n.t('log_in') %></a>
+              <span class='auth-buttons'>
+                <%- if can_sign_up? %>
+                  <a href="<%= path "/signup" %>" class='btn btn-text btn-primary btn-small sign-up-button'><%= I18n.t('sign_up') %></a>
+                <%- end %>
+                <a href="<%= path "/login" %>" class='btn btn-icon-text btn-primary btn-small login-button'><%= SvgSprite.raw_svg('user') %><%= I18n.t('log_in') %></a>
+              </span>
             </span>
           <%- end %>
         </div>

diff --git a/config/initializers/009-omniauth.rb b/config/initializers/009-omniauth.rb
@@ -6,6 +6,10 @@
 OmniAuth.config.logger = Rails.logger
 OmniAuth.config.silence_get_warning = true
 
+# uncomment this line to force the redirect to /auth/failure in development mode
+# (by default, omniauth raises an exception in development mode)
+# OmniAuth.config.failure_raise_out_environments = []
+
 OmniAuth.config.request_validation_phase = nil # We handle CSRF checks in before_request_phase
 OmniAuth.config.before_request_phase do |env|
   request = ActionDispatch::Request.new(env)

diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
@@ -3000,10 +3000,10 @@ en:
     not_available: "Not available. Try %{suggestion}?"
     something_already_taken: "Something went wrong, perhaps the username or email is already registered. Try the forgot password link."
     omniauth_error:
-      generic: "Sorry, there was an error authorizing your account. Please try again."
-      csrf_detected: "Authorization timed out, or you have switched browsers. Please try again."
-      request_error: "An error occurred when starting authorization. Please try again."
-      invalid_iat: "Unable to verify authorization token due to server clock differences. Please try again."
+      generic: "Sorry, there was an error while trying to authorize your account with %{provider}. Please try again."
+      csrf_detected: "Sorry, the authorization timed out, or you have switched browsers. Please try again."
+      request_error: "Sorry, an error occurred when starting the authorization. Please try again."
+      invalid_iat: "Sorry, we are unable to verify the authorization token due to server clock differences. Please try again."
     omniauth_error_unknown: "Something went wrong processing your login, please try again."
     omniauth_confirm_title: "Log in using %{provider}"
     omniauth_confirm_button: "Continue"

diff --git a/lib/auth/authenticator.rb b/lib/auth/authenticator.rb
@@ -8,6 +8,11 @@ def name
     raise NotImplementedError
   end
 
+  # Used in error messages and for display purposes
+  def display_name
+    name
+  end
+
   def enabled?
     raise NotImplementedError
   end

diff --git a/lib/auth/discord_authenticator.rb b/lib/auth/discord_authenticator.rb
@@ -42,6 +42,10 @@ def name
     "discord"
   end
 
+  def display_name
+    "Discord"
+  end
+
   def enabled?
     SiteSetting.enable_discord_logins?
   end

diff --git a/lib/auth/facebook_authenticator.rb b/lib/auth/facebook_authenticator.rb
@@ -7,6 +7,10 @@ def name
     "facebook"
   end
 
+  def display_name
+    "Facebook"
+  end
+
   def enabled?
     SiteSetting.enable_facebook_logins
   end

diff --git a/lib/auth/github_authenticator.rb b/lib/auth/github_authenticator.rb
@@ -7,6 +7,10 @@ def name
     "github"
   end
 
+  def display_name
+    "GitHub"
+  end
+
   def enabled?
     SiteSetting.enable_github_logins
   end

diff --git a/lib/auth/google_oauth2_authenticator.rb b/lib/auth/google_oauth2_authenticator.rb
@@ -10,6 +10,10 @@ def name
     "google_oauth2"
   end
 
+  def display_name
+    "Google"
+  end
+
   def enabled?
     SiteSetting.enable_google_oauth2_logins
   end

diff --git a/lib/auth/linkedin_oidc_authenticator.rb b/lib/auth/linkedin_oidc_authenticator.rb
@@ -45,6 +45,10 @@ def name
     "linkedin_oidc"
   end
 
+  def display_name
+    "LinkedIn"
+  end
+
   def enabled?
     SiteSetting.enable_linkedin_oidc_logins
   end

diff --git a/lib/auth/twitter_authenticator.rb b/lib/auth/twitter_authenticator.rb
@@ -5,6 +5,10 @@ def name
     "twitter"
   end
 
+  def display_name
+    "X / Twitter"
+  end
+
   def enabled?
     SiteSetting.enable_twitter_logins
   end

diff --git a/lib/discourse.rb b/lib/discourse.rb
@@ -523,7 +523,7 @@ def self.authenticators
   end
 
   def self.enabled_authenticators
-    authenticators.select { |authenticator| authenticator.enabled? }
+    authenticators.select(&:enabled?)
   end
 
   def self.cache

diff --git a/spec/requests/omniauth_callbacks_controller_spec.rb b/spec/requests/omniauth_callbacks_controller_spec.rb
@@ -81,7 +81,7 @@ def enabled?
     it "should display the failure message if needed" do
       get "/auth/failure"
       expect(response.status).to eq(200)
-      expect(response.body).to include(I18n.t("login.omniauth_error.generic"))
+      expect(response.body).to include(I18n.t("login.omniauth_error.generic", provider: "Google"))
     end
 
     describe "request" do

diff --git a/spec/views/omniauth_callbacks/failure.html.erb_spec.rb b/spec/views/omniauth_callbacks/failure.html.erb_spec.rb
@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
 RSpec.describe "users/omniauth_callbacks/failure.html.erb" do
-  before { flash[:error] = I18n.t("login.omniauth_error", strategy: "test") }
+  before { flash[:error] = I18n.t("login.omniauth_error.generic", provider: "test") }
 
   it "renders the failure page" do
     render template: "users/omniauth_callbacks/failure"
 
-    expect(rendered).to match I18n.t("login.omniauth_error.generic", strategy: "test")
+    expect(rendered).to match I18n.t("login.omniauth_error.generic", provider: "test")
   end
 end