+ defp handle_create_authorization_error(
+ %Plug.Conn{} = conn,
+ {:mfa_required, user, auth, _},
+ params
+ ) do
+ {:ok, token} = MFA.Token.create_token(user, auth)
+
+ data = %{
+ "mfa_token" => token.token,
+ "redirect_uri" => params["authorization"]["redirect_uri"],
+ "state" => params["authorization"]["state"]
+ }
+
+ MFAController.show(conn, data)
+ end
+
+ defp handle_create_authorization_error(
+ %Plug.Conn{} = conn,
+ {:account_status, :password_reset_pending},
+ %{"authorization" => _} = params
+ ) do
+ conn
+ |> put_flash(:error, dgettext("errors", "Password reset is required"))
+ |> put_status(:forbidden)
+ |> authorize(params)
+ end
+
+ defp handle_create_authorization_error(
+ %Plug.Conn{} = conn,
+ {:account_status, :deactivated},
+ %{"authorization" => _} = params
+ ) do
+ conn
+ |> put_flash(:error, dgettext("errors", "Your account is currently disabled"))
+ |> put_status(:forbidden)
+ |> authorize(params)
+ end
+