better error handling for manager code request

silinternational · Jun 12, 2024 · 03f3b5e · 03f3b5e
1 parent 750fdf5
commit 03f3b5e
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 3 deletions.
diff --git a/modules/material/themes/material/mfa/send-manager-mfa.php b/modules/material/themes/material/mfa/send-manager-mfa.php
@@ -33,6 +33,24 @@
                     </p>
                 </div>
 
+                <?php
+                $message = $this->data['errorMessage'];
+
+                if (! empty($message)) {
+                ?>
+                    <div class="mdl-card__supporting-text" layout-children="column">
+                        <p class="mdl-color-text--red error">
+                            <i class="material-icons">error</i>
+
+                            <span class="mdl-typography--caption">
+                                <?= htmlentities($message) ?>
+                            </span>
+                        </p>
+                    </div>
+                <?php
+                }
+                ?>
+
                 <div class="mdl-card__actions" layout-children="row">
                 <button name="cancel" class="mdl-button mdl-button--primary">
                         <?= $this->t('{material:mfa:button_cancel}') ?>

diff --git a/modules/mfa/lib/Auth/Process/Mfa.php b/modules/mfa/lib/Auth/Process/Mfa.php
@@ -819,12 +819,12 @@ protected static function shouldPromptForMfa(array $mfa): bool
      * Send a rescue code to the manager, then redirect the user to a page where they
      * can enter the code.
      *
-     * NOTE: This function never returns.
+     * If successful, this function triggers a redirect and does not return
      *
      * @param array $state The state data.
      * @param LoggerInterface $logger A PSR-3 compatible logger.
      */
-    public static function sendManagerCode(array &$state, LoggerInterface $logger): void
+    public static function sendManagerCode(array &$state, LoggerInterface $logger): string
     {
         try {
             $idBrokerClient = self::getIdBrokerClient($state['idBrokerConfig']);
@@ -841,6 +841,7 @@ public static function sendManagerCode(array &$state, LoggerInterface $logger):
                 'employeeId' => $state['employeeId'],
                 'error' => $t->getCode() . ': ' . $t->getMessage(),
             ]));
+            return 'There was an unexpected error. Please try again or contact tech support for assistance';
         }
 
         $mfaOptions = $state['mfaOptions'];

diff --git a/modules/mfa/www/send-manager-mfa.php b/modules/mfa/www/send-manager-mfa.php
@@ -24,7 +24,7 @@
 $logger = LoggerFactory::getAccordingToState($state);
 
 if (filter_has_var(INPUT_POST, 'send')) {
-    Mfa::sendManagerCode($state, $logger);
+    $errorMessage = Mfa::sendManagerCode($state, $logger);
 } elseif (filter_has_var(INPUT_POST, 'cancel')) {
     $moduleUrl = SimpleSAML\Module::getModuleURL('mfa/prompt-for-mfa.php', [
         'StateId' => $stateId,
@@ -37,6 +37,7 @@
 $t = new Template($globalConfig, 'mfa:send-manager-mfa.php');
 $t->data['stateId'] = $stateId;
 $t->data['managerEmail'] = $state['managerEmail'];
+$t->data['errorMessage'] = $errorMessage ?? null;
 $t->show();
 
 $logger->info(json_encode([