From c8bd2e0a3a79b5a72c2197c8b7676e6dcb3e3e93 Mon Sep 17 00:00:00 2001
From: Armin Berger <contribute@arminberger.ch>
Date: Mon, 22 Jul 2024 15:59:42 +0200
Subject: [PATCH] chore: refine error message for restricted login

Signed-off-by: Armin Berger <contribute@arminberger.ch>
---
 lib/Controller/LoginController.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/Controller/LoginController.php b/lib/Controller/LoginController.php
index 06612292..d15ebe02 100644
--- a/lib/Controller/LoginController.php
+++ b/lib/Controller/LoginController.php
@@ -553,10 +553,10 @@ public function code(string $state = '', string $code = '', string $scope = '',
 		$restrictLoginToGroups = $this->providerService->getSetting($providerId, ProviderService::SETTING_RESTRICT_LOGIN_TO_GROUPS, '0');
 		if($restrictLoginToGroups === '1') {
 			$syncGroups = $this->provisioningService->getSyncGroupsOfToken($providerId, $idTokenPayload);
-			$this->logger->debug("Prevented user from login as user is not part of a whitelisted group");
 
 			if($syncGroups === null || count($syncGroups) === 0) {
-				$message = $this->l10n->t('You are not allowed to login');
+				$this->logger->debug("Prevented user from login as user is not part of a whitelisted group");
+				$message = $this->l10n->t('You do not have permission to log in to this instance. If you believe this is an error, please contact an Administrator.');
 				return $this->build403TemplateResponse($message, Http::STATUS_FORBIDDEN, ['reason' => 'user not allowed to login']);
 			}
 		}