Handling an error query on redirect_uri from identity provider

[ad8lmondy]

Hello,

When a user is blocked in Auth0, and the Auth0 tenancy is using their "universal login", when an account is blocked in Auth0, Auth0 will still redirect the user back to the application, but it will pass on some error details as a query to the redirect URI.

For example: https://my.example.com/secure/redirect_uri?error=unauthorized&error_description=user%20is%20blocked&state=fm20P...J7fmCUE

When this happens, Apache returns a 400 Bad Request to the user:

Bad Request
Your browser sent a request that this server could not understand.

I had a bit of a search, but I couldn't find a clear way to get mod_auth_openidc to handle this. Could anyone point me in the right direction?

Thanks

[zandbelt]

you can set ErrorDocument and pickup the OIDC_ERROR and OIDC_ERROR_DESC variables that have been set with the values returned from the Provider, see: https://httpd.apache.org/docs/2.4/custom-error.html