MDL-70282 oauth: Improve error information

If the request to the OAuth 2 token endpoint fails show the response
body the endpoint returned with its HTTP status (when debug: DEVELOPER).
If no response is available show any error returned by Curl.  Previously
none of this information was available making troubleshooting difficult.

If a token refresh fails in \core\oauth2\refresh_system_tokens_task an
exception is now thrown so that the result is shown as "Fail" on
admin/tasklogs.php?filter=core\oauth2\refresh_system_tokens_task

lang/en/error.php

@@ -474,6 +474,9 @@ $string['notownerofkey'] = 'You are not owner of this key';
 $string['nousers'] = 'No such user!';
 $string['oauth1accesstoken'] = 'OAuth 1.0 error: We did not obtain the access token.';
 $string['oauth1requesttoken'] = 'OAuth 1.0 error: We did not obtain the request token - the service provider may be temporarily down.';
+$string['oauth2upgradetokenerror'] = 'Could not upgrade OAuth 2 token. HTTP status for remote endpoint: {$a}';
+$string['oauth2refreshtokenerror'] = 'Could not refresh OAuth 2 token. HTTP status for remote endpoint: {$a}';
+$string['oauth2refreshtokentaskerror'] = 'Could not refresh OAuth 2 token for one or more issuers. View task output for details.';
 $string['onlyadmins'] = 'Only administrators can do that';
 $string['onlyeditingteachers'] = 'Only editing teachers can do that';
 $string['onlyeditown'] = 'You can only edit your own information';

lib/classes/oauth2/client.php

@@ -403,7 +403,8 @@ class client extends \oauth2_client {
         }
 
         if ($this->info['http_code'] !== 200) {
-            throw new moodle_exception('Could not upgrade oauth token');
+            $debuginfo = !empty($this->error) ? $this->error : $response;
+            throw new moodle_exception('oauth2refreshtokenerror', 'core_error', '', $this->info['http_code'], $debuginfo);
         }
 
         $r = json_decode($response);

lib/classes/oauth2/refresh_system_tokens_task.php

@@ -85,6 +85,7 @@ class refresh_system_tokens_task extends scheduled_task {
      */
     public function execute() {
         $issuers = \core\oauth2\api::get_all_issuers();
+        $tasksuccess = true;
         foreach ($issuers as $issuer) {
             if ($issuer->is_system_account_connected()) {
                 try {
@@ -92,13 +93,19 @@ class refresh_system_tokens_task extends scheduled_task {
                     // Returns false or throws a moodle_exception on error.
                     $success = \core\oauth2\api::get_system_oauth_client($issuer);
                 } catch (moodle_exception $e) {
+                    mtrace($e->getMessage());
                     $success = false;
                 }
                 if ($success === false) {
                     $this->notify_admins($issuer);
+                    $tasksuccess = false;
                 }
             }
         }
+
+        if (!$tasksuccess) {
+             throw new moodle_exception('oauth2refreshtokentaskerror', 'core_error');
+        }
     }
 
 }

lib/oauthlib.php

@@ -568,7 +568,8 @@ abstract class oauth2_client extends curl {
         }
 
         if ($this->info['http_code'] !== 200) {
-            throw new moodle_exception('Could not upgrade oauth token');
+            $debuginfo = !empty($this->error) ? $this->error : $response;
+            throw new moodle_exception('oauth2upgradetokenerror', 'core_error', '', $this->info['http_code'], $debuginfo);
         }
 
         $r = json_decode($response);