Commit 706dda00 authored by Lukas Burgey's avatar Lukas Burgey

Handle a specific exception in the auth process

parent 48b6b49d
...@@ -9,6 +9,7 @@ from django.shortcuts import redirect ...@@ -9,6 +9,7 @@ from django.shortcuts import redirect
from django.views import View from django.views import View
from oic import rndstr from oic import rndstr
from oic.oic.message import AuthorizationResponse from oic.oic.message import AuthorizationResponse
from oic.oauth2.exception import HttpError
from rest_framework import generics, views from rest_framework import generics, views
from rest_framework.permissions import AllowAny from rest_framework.permissions import AllowAny
from rest_framework.response import Response from rest_framework.response import Response
...@@ -31,7 +32,6 @@ def select_oidc_config(request): ...@@ -31,7 +32,6 @@ def select_oidc_config(request):
issuer_uri_urlenc = request.GET.get('idp', None) issuer_uri_urlenc = request.GET.get('idp', None)
idp_id = request.COOKIES.get(IDP_COOKIE_NAME, None) idp_id = request.COOKIES.get(IDP_COOKIE_NAME, None)
# IdP selection using the 'idp' url parameter # IdP selection using the 'idp' url parameter
try: try:
if issuer_uri_urlenc is not None: if issuer_uri_urlenc is not None:
...@@ -109,20 +109,29 @@ class AuthCallback(View): ...@@ -109,20 +109,29 @@ class AuthCallback(View):
if not state == aresp['state']: if not state == aresp['state']:
raise AuthException('AuthCallback: States do not match') raise AuthException('AuthCallback: States do not match')
ac_token_response = ( ac_token_response = None
oidc_client.do_access_token_request( try:
state=state, ac_token_response = (
request_args={ oidc_client.do_access_token_request(
'code': aresp['code'] state=state,
}, request_args={
'code': aresp['code']
},
)
) )
) except HttpError as exception:
# this exception is throw
LOGGER.error('AuthCallback: Access Token Request: %s', exception)
# the error is deleted from the session when the state is delivered
request.session['error'] = 'Server Communication Error'
return redirect('/')
# TODO retry in the future # TODO retry in the future
#pyoidc_userinfo = oidc_client.do_user_info_request( # pyoidc_userinfo = oidc_client.do_user_info_request(
# state=aresp["state"], # state=aresp["state"],
#) # )
#LOGGER.debug("pyoidc: %s", pyoidc_userinfo) # LOGGER.debug("pyoidc: %s", pyoidc_userinfo)
user = authenticate( user = authenticate(
request, request,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment