more error handling

Author: ezynda3

client/transport/oauth.go

@@ -195,7 +195,7 @@ func (h *OAuthHandler) refreshToken(ctx context.Context, refreshToken string) (*
 
 	if resp.StatusCode != http.StatusOK {
 		body, _ := io.ReadAll(resp.Body)
-		return nil, fmt.Errorf("refresh token request failed with status %d: %s", resp.StatusCode, body)
+		return nil, extractOAuthError(body, resp.StatusCode, "refresh token request failed")
 	}
 
 	var tokenResp Token
@@ -232,6 +232,18 @@ func (h *OAuthHandler) GetClientID() string {
 	return h.config.ClientID
 }
 
+// extractOAuthError attempts to parse an OAuth error response from the response body
+func extractOAuthError(body []byte, statusCode int, context string) error {
+	// Try to parse the error as an OAuth error response
+	var oauthErr OAuthError
+	if err := json.Unmarshal(body, &oauthErr); err == nil && oauthErr.ErrorCode != "" {
+		return fmt.Errorf("%s: %w", context, oauthErr)
+	}
+	
+	// If not a valid OAuth error, return the raw response
+	return fmt.Errorf("%s with status %d: %s", context, statusCode, body)
+}
+
 // GetClientSecret returns the client secret
 func (h *OAuthHandler) GetClientSecret() string {
 	return h.config.ClientSecret
@@ -247,6 +259,21 @@ func (h *OAuthHandler) GetExpectedState() string {
 	return h.expectedState
 }
 
+// OAuthError represents a standard OAuth 2.0 error response
+type OAuthError struct {
+	ErrorCode        string `json:"error"`
+	ErrorDescription string `json:"error_description,omitempty"`
+	ErrorURI         string `json:"error_uri,omitempty"`
+}
+
+// Error implements the error interface
+func (e OAuthError) Error() string {
+	if e.ErrorDescription != "" {
+		return fmt.Sprintf("OAuth error: %s - %s", e.ErrorCode, e.ErrorDescription)
+	}
+	return fmt.Sprintf("OAuth error: %s", e.ErrorCode)
+}
+
 // OAuthProtectedResource represents the response from /.well-known/oauth-protected-resource
 type OAuthProtectedResource struct {
 	AuthorizationServers []string `json:"authorization_servers"`
@@ -486,7 +513,7 @@ func (h *OAuthHandler) RegisterClient(ctx context.Context, clientName string) er
 
 	if resp.StatusCode != http.StatusCreated && resp.StatusCode != http.StatusOK {
 		body, _ := io.ReadAll(resp.Body)
-		return fmt.Errorf("registration request failed with status %d: %s", resp.StatusCode, body)
+		return extractOAuthError(body, resp.StatusCode, "registration request failed")
 	}
 
 	var regResponse struct {
@@ -566,7 +593,7 @@ func (h *OAuthHandler) ProcessAuthorizationResponse(ctx context.Context, code, s
 
 	if resp.StatusCode != http.StatusOK {
 		body, _ := io.ReadAll(resp.Body)
-		return fmt.Errorf("token request failed with status %d: %s", resp.StatusCode, body)
+		return extractOAuthError(body, resp.StatusCode, "token request failed")
 	}
 
 	var tokenResp Token

client/transport/oauth_test.go

@@ -220,6 +220,45 @@ func TestOAuthHandler_GetServerMetadata_EmptyURL(t *testing.T) {
 	}
 }
 
+func TestOAuthError(t *testing.T) {
+	testCases := []struct {
+		name        string
+		errorCode   string
+		description string
+		uri         string
+		expected    string
+	}{
+		{
+			name:        "Error with description",
+			errorCode:   "invalid_request",
+			description: "The request is missing a required parameter",
+			uri:         "https://example.com/errors/invalid_request",
+			expected:    "OAuth error: invalid_request - The request is missing a required parameter",
+		},
+		{
+			name:        "Error without description",
+			errorCode:   "unauthorized_client",
+			description: "",
+			uri:         "",
+			expected:    "OAuth error: unauthorized_client",
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			oauthErr := OAuthError{
+				ErrorCode:        tc.errorCode,
+				ErrorDescription: tc.description,
+				ErrorURI:         tc.uri,
+			}
+			
+			if oauthErr.Error() != tc.expected {
+				t.Errorf("Expected error message %q, got %q", tc.expected, oauthErr.Error())
+			}
+		})
+	}
+}
+
 func TestOAuthHandler_ProcessAuthorizationResponse_StateValidation(t *testing.T) {
 	// Create an OAuth handler
 	config := OAuthConfig{