From 3d474c2fff7a8ee846421f367d69300a7dfcf378 Mon Sep 17 00:00:00 2001
From: ralf <rb@egroupware.org>
Date: Tue, 7 May 2024 11:28:12 +0200
Subject: [PATCH] display OpenIDConnect errors and problem on the login page,
 do NOT fail silently

---
 api/src/Auth/Openidconnect.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/api/src/Auth/Openidconnect.php b/api/src/Auth/Openidconnect.php
index 55ffb60fa7..784e41375a 100644
--- a/api/src/Auth/Openidconnect.php
+++ b/api/src/Auth/Openidconnect.php
@@ -51,6 +51,8 @@ class Openidconnect implements BackendSSO
 				// fail if auto-creation of authenticated users is NOT configured
 				if (empty($GLOBALS['egw_info']['server']['auto_create_acct']))
 				{
+					error_log(__METHOD__."() OpenIDConnect login successful, but user '$account_lid' does NOT exist in EGroupware, AND automatic user creating is disabled!");
+					$_GET['cd'] = lang("OpenIDConnect login successful, but user '%1' does NOT exist in EGroupware, AND automatic user creating is disabled!", $account_lid);
 					return null;
 				}
 				try {
@@ -75,7 +77,7 @@ class Openidconnect implements BackendSSO
 		}
 		catch(\Exception $e) {
 			_egw_log_exception($e);
-			$GLOBALS['egw']->session->cd_reason = 'OpenIDConnect Error: '.$e->getMessage();
+			$_GET['cd'] = 'OpenIDConnect Error: '.$e->getMessage();
 			return null;
 		}
 	}