diff --git a/lib/SimpleSAML/Error/ErrorCodes.php b/lib/SimpleSAML/Error/ErrorCodes.php index 9f5fbc8e18f893112ddbc41cb273e9e9fc680f71..d08744bf715ebdd3adb653fadf6825065e206c33 100644 --- a/lib/SimpleSAML/Error/ErrorCodes.php +++ b/lib/SimpleSAML/Error/ErrorCodes.php @@ -21,39 +21,39 @@ class ErrorCodes final public static function defaultGetAllErrorCodeTitles(): array { return [ - 'ACSPARAMS' => Translate::noop('{errors:title_ACSPARAMS}'), + 'ACSPARAMS' => Translate::noop('No SAML response provided'), 'ARSPARAMS' => Translate::noop('No SAML message provided'), - 'AUTHSOURCEERROR' => Translate::noop('{errors:title_AUTHSOURCEERROR}'), - 'BADREQUEST' => Translate::noop('{errors:title_BADREQUEST}'), - 'CASERROR' => Translate::noop('{errors:title_CASERROR}'), - 'CONFIG' => Translate::noop('{errors:title_CONFIG}'), - 'CREATEREQUEST' => Translate::noop('{errors:title_CREATEREQUEST}'), - 'DISCOPARAMS' => Translate::noop('{errors:title_DISCOPARAMS}'), - 'GENERATEAUTHNRESPONSE' => Translate::noop('{errors:title_GENERATEAUTHNRESPONSE}'), - 'INVALIDCERT' => Translate::noop('{errors:title_INVALIDCERT}'), - 'LDAPERROR' => Translate::noop('{errors:title_LDAPERROR}'), - 'LOGOUTINFOLOST' => Translate::noop('{errors:title_LOGOUTINFOLOST}'), - 'LOGOUTREQUEST' => Translate::noop('{errors:title_LOGOUTREQUEST}'), + 'AUTHSOURCEERROR' => Translate::noop('Authentication source error'), + 'BADREQUEST' => Translate::noop('Bad request received'), + 'CASERROR' => Translate::noop('CAS Error'), + 'CONFIG' => Translate::noop('Configuration error'), + 'CREATEREQUEST' => Translate::noop('Error creating request'), + 'DISCOPARAMS' => Translate::noop('Bad request to discovery service'), + 'GENERATEAUTHNRESPONSE' => Translate::noop('Could not create authentication response'), + 'INVALIDCERT' => Translate::noop('Invalid certificate'), + 'LDAPERROR' => Translate::noop('LDAP Error'), + 'LOGOUTINFOLOST' => Translate::noop('Logout information lost'), + 'LOGOUTREQUEST' => Translate::noop('Error processing the Logout Request'), 'MEMCACHEDOWN' => Translate::noop('Cannot retrieve session data'), - 'METADATA' => Translate::noop('{errors:title_METADATA}'), - 'METADATANOTFOUND' => Translate::noop('{errors:title_METADATANOTFOUND}'), - 'NOACCESS' => Translate::noop('{errors:title_NOACCESS}'), - 'NOCERT' => Translate::noop('{errors:title_NOCERT}'), - 'NORELAYSTATE' => Translate::noop('{errors:title_NORELAYSTATE}'), - 'NOSTATE' => Translate::noop('{errors:title_NOSTATE}'), - 'NOTFOUND' => Translate::noop('{errors:title_NOTFOUND}'), - 'NOTFOUNDREASON' => Translate::noop('{errors:title_NOTFOUNDREASON}'), - 'NOTSET' => Translate::noop('{errors:title_NOTSET}'), - 'NOTVALIDCERT' => Translate::noop('{errors:title_NOTVALIDCERT}'), - 'PROCESSASSERTION' => Translate::noop('{errors:title_PROCESSASSERTION}'), - 'PROCESSAUTHNREQUEST' => Translate::noop('{errors:title_PROCESSAUTHNREQUEST}'), - 'RESPONSESTATUSNOSUCCESS' => Translate::noop('{errors:title_RESPONSESTATUSNOSUCCESS}'), - 'SLOSERVICEPARAMS' => Translate::noop('{errors:title_SLOSERVICEPARAMS}'), + 'METADATA' => Translate::noop('Error loading metadata'), + 'METADATANOTFOUND' => Translate::noop('Metadata not found'), + 'NOACCESS' => Translate::noop('No access'), + 'NOCERT' => Translate::noop('No certificate'), + 'NORELAYSTATE' => Translate::noop('No RelayState'), + 'NOSTATE' => Translate::noop('State information lost'), + 'NOTFOUND' => Translate::noop('Page not found'), + 'NOTFOUNDREASON' => Translate::noop('Page not found'), + 'NOTSET' => Translate::noop('Password not set'), + 'NOTVALIDCERT' => Translate::noop('Invalid certificate'), + 'PROCESSASSERTION' => Translate::noop('Error processing response from Identity Provider'), + 'PROCESSAUTHNREQUEST' => Translate::noop('Error processing request from Service Provider'), + 'RESPONSESTATUSNOSUCCESS' => Translate::noop('Error received from Identity Provider'), + 'SLOSERVICEPARAMS' => Translate::noop('No SAML message provided'), 'SSOPARAMS' => Translate::noop('No SAML request provided'), - 'UNHANDLEDEXCEPTION' => Translate::noop('{errors:title_UNHANDLEDEXCEPTION}'), - 'UNKNOWNCERT' => Translate::noop('{errors:title_UNKNOWNCERT}'), - 'USERABORTED' => Translate::noop('{errors:title_USERABORTED}'), - 'WRONGUSERPASS' => Translate::noop('{errors:title_WRONGUSERPASS}'), + 'UNHANDLEDEXCEPTION' => Translate::noop('Unhandled exception'), + 'UNKNOWNCERT' => Translate::noop('Unknown certificate'), + 'USERABORTED' => Translate::noop('Authentication aborted'), + 'WRONGUSERPASS' => Translate::noop('Incorrect username or password'), ]; } @@ -79,45 +79,84 @@ class ErrorCodes final public static function defaultGetAllErrorCodeDescriptions(): array { return [ - 'ACSPARAMS' => Translate::noop('{errors:descr_ACSPARAMS}'), + 'ACSPARAMS' => Translate::noop("" . + "You accessed the Assertion Consumer Service interface, but did not " . + "provide a SAML Authentication Response. Please note that this endpoint is" . + " not intended to be accessed directly."), 'ARSPARAMS' => Translate::noop("" . "You accessed the Artifact Resolution Service interface, but did not " . "provide a SAML ArtifactResolve message. Please note that this endpoint is" . " not intended to be accessed directly."), - 'AUTHSOURCEERROR' => Translate::noop('{errors:descr_AUTHSOURCEERROR}'), - 'BADREQUEST' => Translate::noop('{errors:descr_BADREQUEST}'), - 'CASERROR' => Translate::noop('{errors:descr_CASERROR}'), - 'CONFIG' => Translate::noop('{errors:descr_CONFIG}'), - 'CREATEREQUEST' => Translate::noop('{errors:descr_CREATEREQUEST}'), - 'DISCOPARAMS' => Translate::noop('{errors:descr_DISCOPARAMS}'), - 'GENERATEAUTHNRESPONSE' => Translate::noop('{errors:descr_GENERATEAUTHNRESPONSE}'), - 'INVALIDCERT' => Translate::noop('{errors:descr_INVALIDCERT}'), - 'LDAPERROR' => Translate::noop('{errors:descr_LDAPERROR}'), - 'LOGOUTINFOLOST' => Translate::noop('{errors:descr_LOGOUTINFOLOST}'), - 'LOGOUTREQUEST' => Translate::noop('{errors:descr_LOGOUTREQUEST}'), - 'MEMCACHEDOWN' => Translate::noop('{errors:descr_MEMCACHEDOWN}'), - 'METADATA' => Translate::noop('{errors:descr_METADATA}'), - 'METADATANOTFOUND' => Translate::noop('{errors:descr_METADATANOTFOUND}'), - 'NOACCESS' => Translate::noop('{errors:descr_NOACCESS}'), - 'NOCERT' => Translate::noop('{errors:descr_NOCERT}'), - 'NORELAYSTATE' => Translate::noop('{errors:descr_NORELAYSTATE}'), - 'NOSTATE' => Translate::noop('{errors:descr_NOSTATE}'), - 'NOTFOUND' => Translate::noop('{errors:descr_NOTFOUND}'), - 'NOTFOUNDREASON' => Translate::noop('{errors:descr_NOTFOUNDREASON}'), - 'NOTSET' => Translate::noop('{errors:descr_NOTSET}'), - 'NOTVALIDCERT' => Translate::noop('{errors:descr_NOTVALIDCERT}'), - 'PROCESSASSERTION' => Translate::noop('{errors:descr_PROCESSASSERTION}'), - 'PROCESSAUTHNREQUEST' => Translate::noop('{errors:descr_PROCESSAUTHNREQUEST}'), - 'RESPONSESTATUSNOSUCCESS' => Translate::noop('{errors:descr_RESPONSESTATUSNOSUCCESS}'), - 'SLOSERVICEPARAMS' => Translate::noop('{errors:descr_SLOSERVICEPARAMS}'), + 'AUTHSOURCEERROR' => Translate::noop('Authentication error in source %AUTHSOURCE%. The reason was: %REASON%'), + 'BADREQUEST' => Translate::noop('There is an error in the request to this page. The reason was: %REASON%'), + 'CASERROR' => Translate::noop('Error when communicating with the CAS server.'), + 'CONFIG' => Translate::noop('SimpleSAMLphp appears to be misconfigured.'), + 'CREATEREQUEST' => Translate::noop("An error occurred when trying to create the SAML request."), + 'DISCOPARAMS' => Translate::noop("" . + "The parameters sent to the discovery service were not according to " . + "specifications."), + 'GENERATEAUTHNRESPONSE' => Translate::noop("" . + "When this identity provider tried to create an authentication response, " . + "an error occurred."), + 'INVALIDCERT' => Translate::noop("" . + "Authentication failed: the certificate your browser sent is invalid or " . + "cannot be read"), + 'LDAPERROR' => Translate::noop("" . + "LDAP is the user database, and when you try to login, we need to contact " . + "an LDAP database. An error occurred when we tried it this time."), + 'LOGOUTINFOLOST' => Translate::noop("" . + "The information about the current logout operation has been lost. You " . + "should return to the service you were trying to log out from and try to " . + "log out again. This error can be caused by the logout information " . + "expiring. The logout information is stored for a limited amout of time - " . + "usually a number of hours. This is longer than any normal logout " . + "operation should take, so this error may indicate some other error with " . + "the configuration. If the problem persists, contact your service " . + "provider."), + 'LOGOUTREQUEST' => Translate::noop('An error occurred when trying to process the Logout Request.'), + 'MEMCACHEDOWN' => Translate::noop("" . + "Your session data cannot be retrieved right now due to technical " . + "difficulties. Please try again in a few minutes."), + 'METADATA' => Translate::noop("" . + "There is some misconfiguration of your SimpleSAMLphp installation. If you" . + " are the administrator of this service, you should make sure your " . + "metadata configuration is correctly setup."), + 'METADATANOTFOUND' => Translate::noop('Unable to locate metadata for %ENTITYID%'), + 'NOACCESS' => Translate::noop("" . + "This endpoint is not enabled. Check the enable options in your " . + "configuration of SimpleSAMLphp."), + 'NOCERT' => Translate::noop('Authentication failed: your browser did not send any certificate'), + 'NORELAYSTATE' => Translate::noop("". + "The initiator of this request did not provide a RelayState parameter " . + "indicating where to go next."), + 'NOSTATE' => Translate::noop('State information lost, and no way to restart the request'), + 'NOTFOUND' => Translate::noop('The given page was not found. The URL was: %URL%'), + 'NOTFOUNDREASON' => Translate::noop("The given page was not found. The reason was: %REASON% The URL was: %URL%"), + 'NOTSET' => Translate::noop("" . + "The password in the configuration (auth.adminpassword) is not changed " . + "from the default value. Please edit the configuration file."), + 'NOTVALIDCERT' => Translate::noop('You did not present a valid certificate.'), + 'PROCESSASSERTION' => Translate::noop('We did not accept the response sent from the Identity Provider.'), + 'PROCESSAUTHNREQUEST' => Translate::noop("" . + "This Identity Provider received an Authentication Request from a Service " . + "Provider, but an error occurred when trying to process the request."), + 'RESPONSESTATUSNOSUCCESS' => Translate::noop("" . + "The Identity Provider responded with an error. (The status code in the " . + "SAML Response was not success)"), + 'SLOSERVICEPARAMS' => Translate::noop("" . + "You accessed the SingleLogoutService interface, but did not provide a " . + "SAML LogoutRequest or LogoutResponse. Please note that this endpoint is " . + "not intended to be accessed directly."), 'SSOPARAMS' => Translate::noop("" . "You accessed the Single Sign On Service interface, but did not provide a " . "SAML Authentication Request. Please note that this endpoint is not " . "intended to be accessed directly."), - 'UNHANDLEDEXCEPTION' => Translate::noop('{errors:descr_UNHANDLEDEXCEPTION}'), - 'UNKNOWNCERT' => Translate::noop('{errors:descr_UNKNOWNCERT}'), - 'USERABORTED' => Translate::noop('{errors:descr_USERABORTED}'), - 'WRONGUSERPASS' => Translate::noop('{errors:descr_WRONGUSERPASS}'), + 'UNHANDLEDEXCEPTION' => Translate::noop('An unhandled exception was thrown.'), + 'UNKNOWNCERT' => Translate::noop('Authentication failed: the certificate your browser sent is unknown'), + 'USERABORTED' => Translate::noop('The authentication was aborted by the user'), + 'WRONGUSERPASS' => Translate::noop("" . + "Either no user with the given username could be found, or the password " . + "you gave was wrong. Please check the username and try again."), ]; } diff --git a/templates/error.twig b/templates/error.twig index 0db60937391558ced2905d9b1e40ceaeaa670dfa..9f9bcf90763478aa0279ec17d2877cc6163e54fc 100644 --- a/templates/error.twig +++ b/templates/error.twig @@ -38,21 +38,21 @@ {# Add error report submit section if we have a valid technical contact. 'errorreportaddress' will only be set if the technical contact email address has been set. #} {% if errorReportAddress is defined -%} - <h2>{{ '{errors:report_header}' | trans }}</h2> + <h2>{{ 'Report errors' | trans }}</h2> <form action="{{ errorReportAddress }}" class="pure-form" method="post"> - <p>{{ '{errors:report_text}' | trans }}</p> - <label for="email">{{ '{errors:report_email}' | trans }}</label> + <p>{{ 'Optionally enter your email address, for the administrators to be able contact you for further questions about your issue:' | trans }}</p> + <label for="email">{{ 'E-mail address:' | trans }}</label> <input type="email" name="email" id="email" class="edge" size="50" value="{{ email }}"> - <textarea class="text-area edge" name="text" rows="6" cols="50" placeholder="{{ '{errors:report_explain}' | trans }}" required></textarea> + <textarea class="text-area edge" name="text" rows="6" cols="50" placeholder="{{ 'Explain what you did when this error occurred...' | trans }}" required></textarea> <p class="center"> <input type="hidden" name="reportId" value="{{ error.reportId }}" /> - <input type="submit" name="send" class="pure-button pure-button-red" value="{{ '{errors:report_submit}' | trans }}" /> + <input type="submit" name="send" class="pure-button pure-button-red" value="{{ 'Send error report' | trans }}" /> </p> </form> {%- endif %} - <h2>{{ '{errors:howto_header}' | trans }}</h2> - <p>{{ '{errors:howto_text}' | trans }}</p> + <h2>{{ 'How to get help' | trans }}</h2> + <p>{{ 'This error probably is due to some unexpected behaviour or to misconfiguration of SimpleSAMLphp. Contact the administrator of this login service, and send them the error message above.' | trans }}</p> {% endblock %}