Redirect with an error param on okta callback #814

Merged
merged 5 commits into from
Sep 12, 2024

RulaKhaled
Contributor

Purpose/Motivation

What is the feature? Why is this being done?
We need a way to tell frontend that it's erroring, this is redirecting to the dashboard with an error param that will be caught in gazebo.

Links to relevant tickets

Improve Okta Login Error Handling for users

What does this PR do?

Include a brief description of the changes in this PR. Bullet points are your friend.
Check for error in the callback -> redirect to app with the error and err description sent via OKTA

Notes to Reviewer

Anything to note to the team? Any tips on how to review, or where to start?

Legal Boilerplate

Look, I get it. The entity doing business as "Sentry" was incorporated in the State of Delaware in 2015 as Functional Software, Inc. In 2022 this entity acquired Codecov and as result Sentry is going to need some rights from me in order to utilize my contributions in this PR. So here's the deal: I retain all rights, title and interest in and to my contributions, and by keeping this boilerplate intact I confirm that Sentry can use, modify, copy, and redistribute my contributions, under Sentry's choice of terms.
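
One way to build the error redirect this PR describes, as an added example that is not the PR's own code: the callback's `error`, `error_description` and `state` come from the query string, so the target URL stays fixed and only encoded values are appended. `with_error`, `callback_redirect`, `KNOWN_ERRORS`, `MAX_DESCRIPTION_LEN` and the `unknown_error` placeholder are hypothetical names; the allowlist and the length cap are assumptions, not behaviour confirmed by the page.

```python
import hmac
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# RFC 6749 section 4.1.2.1 authorization error codes, plus the two codes
# visible in the test output on this page. The allowlist is an assumption.
KNOWN_ERRORS = {
    "invalid_request", "unauthorized_client", "access_denied",
    "unsupported_response_type", "invalid_scope", "server_error",
    "temporarily_unavailable", "invalid_state", "invalid_token_response",
}
MAX_DESCRIPTION_LEN = 200  # assumption: cap on text echoed to the frontend


def with_error(base_url, error, description=None):
    """Append error params to a fixed, server-chosen URL, keeping its query."""
    parts = urlsplit(base_url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    # Unrecognised codes collapse to a placeholder instead of being echoed.
    query.append(("error", error if error in KNOWN_ERRORS else "unknown_error"))
    if description:
        query.append(("error_description", description[:MAX_DESCRIPTION_LEN]))
    # urlencode picks "?" vs "&" correctly and percent-encodes every value.
    return urlunsplit(parts._replace(query=urlencode(query)))


def callback_redirect(params, session_state, dashboard_url):
    """Return the error redirect for a callback, or None to continue login."""
    if "error" in params:  # the identity provider reported a failure
        return with_error(dashboard_url, params["error"],
                          params.get("error_description"))
    received = params.get("state", "")
    # Constant-time comparison; an empty stored state never matches.
    if not session_state or not hmac.compare_digest(
        received.encode(), session_state.encode()
    ):
        return with_error(dashboard_url, "invalid_state")
    return None
```
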

@codecov-staging

codecov-staging bot commented Sep 11, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

✅ All tests successful. No failed tests found.

@codecov-qa

codecov-qa bot commented Sep 11, 2024

❌ 2 Tests Failed:

Tests completed Failed Passed Skipped
2272 2 2270 6
View the top 2 failed tests by shortest run time
codecov_auth.tests.unit.views.test_okta_cloud test_okta_callback_perform_login_invalid_state
Stack Traces | 0.038s run time
signed_in_client = <utils.test_utils.Client object at 0x7f86167f2660>
caplog = <_pytest.logging.LogCaptureFixture object at 0x7f86159693d0>
okta_org = <Owner: Owner<github/foo-bar-organization>>
okta_account = <Account: Active Account: Lindsay Santiago>

    @pytest.mark.django_db
    def test_okta_callback_perform_login_invalid_state(
        signed_in_client: TestClient,
        caplog: LogCaptureFixture,
        okta_org: Owner,
        okta_account: Account,
    ):
        session = signed_in_client.session
        assert session.get(OKTA_SIGNED_IN_ACCOUNTS_SESSION_KEY) is None
        session["okta_cloud_oauth_state"] = "random-state"
    
        session[OKTA_CURRENT_SESSION] = {
            "org_ownerid": okta_org.ownerid,
            "okta_settings_id": okta_account.okta_settings.first().id,
        }
        session.save()
    
        res = signed_in_client.get(
            ".../login/okta/callback",
            data={
                "code": "random-code",
                "state": "different-state",
            },
        )
        assert res.status_code == 302
>       assert res.url == f"http://localhost:3000/github/{okta_org.username}"
E       AssertionError: assert 'http://local...invalid_state' == 'http://local...-organization'
E         
E         Skipping 38 identical leading characters in diff, use -v to show
E         - rganization
E         + rganization?error=invalid_state

.../unit/views/test_okta_cloud.py:412: AssertionError
codecov_auth.tests.unit.views.test_okta_cloud test_okta_callback_perform_login_no_user_data
Stack Traces | 0.039s run time
mocker = <pytest_mock.plugin.MockerFixture object at 0x7f86168632c0>
signed_in_client = <utils.test_utils.Client object at 0x7f86168610a0>
caplog = <_pytest.logging.LogCaptureFixture object at 0x7f8616862360>
okta_org = <Owner: Owner<github/foo-bar-organization>>
okta_account = <Account: Active Account: Sherry Castillo>
mocked_okta_token_request = <MagicMock name='post' id='140213971170176'>

    @pytest.mark.django_db
    def test_okta_callback_perform_login_no_user_data(
        mocker: MockerFixture,
        signed_in_client: TestClient,
        caplog: LogCaptureFixture,
        okta_org: Owner,
        okta_account: Account,
        mocked_okta_token_request: Any,
    ):
        state = "test-state"
        session = signed_in_client.session
        assert session.get(OKTA_SIGNED_IN_ACCOUNTS_SESSION_KEY) is None
        session["okta_cloud_oauth_state"] = state
    
        session[OKTA_CURRENT_SESSION] = {
            "org_ownerid": okta_org.ownerid,
            "okta_settings_id": okta_account.okta_settings.first().id,
        }
        session.save()
    
        mocked_okta_token_request.return_value = mocker.MagicMock(
            status_code=400,
        )
    
        res = signed_in_client.get(
            ".../login/okta/callback",
            data={
                "code": "random-code",
                "state": state,
            },
        )
>       assert res.status_code == 400
E       assert 302 == 400
E        +  where 302 = <HttpResponseRedirect status_code=302, "text/html; charset=utf-8", url="http://localhost:3000/github/foo-bar-organization?error=invalid_token_response">.status_code

.../unit/views/test_okta_cloud.py:451: AssertionError

Test Failures Detected: Due to failing tests, we cannot provide coverage reports at this time.

❌ Failed Test Results:

Completed 2278 tests with 2 failed, 2270 passed and 6 skipped.

View the full list of failed tests

pytest

  • Class name: codecov_auth.tests.unit.views.test_okta_cloud
    Test name: test_okta_callback_perform_login_invalid_state

    signed_in_client = <utils.test_utils.Client object at 0x7f86167f2660>
    caplog = <_pytest.logging.LogCaptureFixture object at 0x7f86159693d0>
    okta_org = <Owner: Owner<github/foo-bar-organization>>
    okta_account = <Account: Active Account: Lindsay Santiago>

    @pytest.mark.django_db
    def test_okta_callback_perform_login_invalid_state(
        signed_in_client: TestClient,
        caplog: LogCaptureFixture,
        okta_org: Owner,
        okta_account: Account,
    ):
        session = signed_in_client.session
        assert session.get(OKTA_SIGNED_IN_ACCOUNTS_SESSION_KEY) is None
        session["okta_cloud_oauth_state"] = "random-state"

        session[OKTA_CURRENT_SESSION] = {
            "org_ownerid": okta_org.ownerid,
            "okta_settings_id": okta_account.okta_settings.first().id,
        }
        session.save()

        res = signed_in_client.get(
            ".../login/okta/callback",
            data={
                "code": "random-code",
                "state": "different-state",
            },
        )
        assert res.status_code == 302
    >       assert res.url == f"http://localhost:3000/github/{okta_org.username}"
    E       AssertionError: assert 'http://local...invalid_state' == 'http://local...-organization'
    E
    E         Skipping 38 identical leading characters in diff, use -v to show
    E         - rganization
    E         + rganization&error=invalid_state

    .../unit/views/test_okta_cloud.py:412: AssertionError
  • Class name: codecov_auth.tests.unit.views.test_okta_cloud
    Test name: test_okta_callback_perform_login_no_user_data

    mocker = <pytest_mock.plugin.MockerFixture object at 0x7f86168632c0>
    signed_in_client = <utils.test_utils.Client object at 0x7f86168610a0>
    caplog = <_pytest.logging.LogCaptureFixture object at 0x7f8616862360>
    okta_org = <Owner: Owner<github/foo-bar-organization>>
    okta_account = <Account: Active Account: Sherry Castillo>
    mocked_okta_token_request = <MagicMock name='post' id='140213971170176'>

    @pytest.mark.django_db
    def test_okta_callback_perform_login_no_user_data(
        mocker: MockerFixture,
        signed_in_client: TestClient,
        caplog: LogCaptureFixture,
        okta_org: Owner,
        okta_account: Account,
        mocked_okta_token_request: Any,
    ):
        state = "test-state"
        session = signed_in_client.session
        assert session.get(OKTA_SIGNED_IN_ACCOUNTS_SESSION_KEY) is None
        session["okta_cloud_oauth_state"] = state

        session[OKTA_CURRENT_SESSION] = {
            "org_ownerid": okta_org.ownerid,
            "okta_settings_id": okta_account.okta_settings.first().id,
        }
        session.save()

        mocked_okta_token_request.return_value = mocker.MagicMock(
            status_code=400,
        )

        res = signed_in_client.get(
            ".../login/okta/callback",
            data={
                "code": "random-code",
                "state": state,
            },
        )
    >       assert res.status_code == 400
    E       assert 302 == 400
    E        +  where 302 = <HttpResponseRedirect status_code=302, "text/html; charset=utf-8", url="http://localhost:3000/github/foo-bar-organization&error=invalid_token_response">.status_code

    .../unit/views/test_okta_cloud.py:451: AssertionError

codecov bot commented Sep 11, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.28%. Comparing base (ff2e8dd) to head (a2f640e).
Report is 5 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files
@@               Coverage Diff                @@
##               main       #814        +/-   ##
================================================
+ Coverage   96.22000   96.28000   +0.06000     
================================================
  Files           812        812                
  Lines         18529      18789       +260     
================================================
+ Hits          17830      18091       +261     
+ Misses          699        698         -1     
Flag Coverage Δ
unit 92.20% <100.00%> (+0.12%) ⬆️
unit-latest-uploader 92.20% <100.00%> (+0.12%) ⬆️

Flags with carried forward coverage won't be shown.

codecov_auth/views/okta_cloud.py Dismissed
Contributor

@michelletran-codecov michelletran-codecov left a comment

LGTM. Just make sure to dismiss the code scanning warning.

@RulaKhaled RulaKhaled added this pull request to the merge queue Sep 12, 2024
Merged via the queue into main with commit ca9728d Sep 12, 2024
32 checks passed
@RulaKhaled RulaKhaled deleted the surface-err branch September 12, 2024 15:30