From 07b98e0a57609259b1d2d57edbd6c1bc4d1d7330 Mon Sep 17 00:00:00 2001
From: Knut Ahlers <knut@ahlers.me>
Date: Sun, 3 Nov 2019 18:43:22 +0100
Subject: [PATCH] Fix: Handle Unauthorized as no user found instead of generic
 error

Signed-off-by: Knut Ahlers <knut@ahlers.me>
---
 plugins/auth/oidc/auth.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/plugins/auth/oidc/auth.go b/plugins/auth/oidc/auth.go
index 412cc08..8c64302 100644
--- a/plugins/auth/oidc/auth.go
+++ b/plugins/auth/oidc/auth.go
@@ -224,6 +224,10 @@ func (a *AuthOIDC) getOAuthConfig() *oauth2.Config {
 func (a *AuthOIDC) getUserFromToken(ctx context.Context, token *oauth2.Token) (string, error) {
 	ui, err := a.provider.UserInfo(ctx, oauth2.StaticTokenSource(token))
 	if err != nil {
+		if strings.Contains(err.Error(), "401 Unauthorized") {
+			// Handle Unauthorized as no user found instead of generic error
+			return "", plugins.ErrNoValidUserFound
+		}
 		return "", errors.Wrap(err, "Unable to fetch user info")
 	}