Catch relevant error during callback phase

I am not sure under which circumstances the original error condition yielding the CallbackError occurs. The newly added error occurs when we try to exchange the access token, but the client credentials are wrong. Thus I assume that we'd receive the same for all errors specified by the OAuth 2.0 spec.
opf · Jan 31, 2025 · e8c2564 · e8c2564
1 parent d63f596
commit e8c2564
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/lib/omniauth/openid_connect/version.rb b/lib/omniauth/openid_connect/version.rb
@@ -1,5 +1,5 @@
 module OmniAuth
   module OpenIDConnect
-    VERSION = '0.4.0'
+    VERSION = '0.4.1'
   end
 end
diff --git a/lib/omniauth/strategies/openid_connect.rb b/lib/omniauth/strategies/openid_connect.rb
@@ -100,7 +100,7 @@ def callback_phase
 
           super
         end
-      rescue CallbackError => e
+      rescue CallbackError, Rack::OAuth2::Client::Error => e
         fail!(:invalid_credentials, e)
       rescue ::Timeout::Error, ::Errno::ETIMEDOUT => e
         fail!(:timeout, e)