Commit e6eb7c1a authored by Lukas Burgey

Change error handling and logging in auth

parent 89d739b9
......@@ -26,6 +26,10 @@ def idp_id_from_request(request):
return default_idp().id
class AuthException(Exception):
pass
class Auth(View):
def get(self, request):
try:
......@@ -41,7 +45,7 @@ class Auth(View):
state,
)
LOGGER.debug('redirecting user to oidc client %s', oidc_config)
LOGGER.debug('Auth: redirecting %s to IdP %s', state, oidc_config)
return redirect(auth_redirect)
except Exception as exception:
......@@ -57,16 +61,21 @@ class AuthCallback(View):
try:
state = utils.get_session(request, 'state', None)
idp_id = utils.get_session(request, 'idp_id', default_idp().id)
oidc_config = OIDCConfig.objects.get(id=idp_id)
LOGGER.debug('AuthCallback: %s returned from IdP %s', state, oidc_config)
aresp = oidc_config.oidc_client.parse_response(
AuthorizationResponse,
info=json.dumps(request.GET),
)
if 'error' in aresp:
LOGGER.debug('AuthCallback: error response: %s', aresp)
raise AuthException('Erroneous callback from IdP {}'.format(oidc_config))
if not state == aresp['state']:
LOGGER.error('states do not match')
raise Exception('States do not match')
LOGGER.error('AuthCallback: states do not match')
raise AuthException('AuthCallbackStates do not match')
ac_token_response = (
oidc_config.oidc_client.do_access_token_request(
......@@ -114,7 +123,7 @@ class AuthCallback(View):
return response
except Exception as exception:
except AuthException as exception:
LOGGER.error('AuthCallback: %s', exception)
# the error is deleted from the session when the state is delivered
......
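Review bot: In AuthCallback the state check still indexes `aresp['state']` directly, and with the final handler narrowed to `except AuthException` (assuming the second of the two printed `except` lines is the new one) a callback that carries no `state` would presumably raise a KeyError that nothing in the visible code catches. The same applies to `OIDCConfig.objects.get(id=idp_id)`, `parse_response` and `do_access_token_request`, whose failures would now bypass the logged error path and surface as an unhandled server error. I would make the check explicit, `if state is None or 'state' not in aresp or state != aresp['state']:`, and either re-raise library failures as AuthException or keep a last `except Exception` that logs with `LOGGER.exception` and returns the same generic failure. The new message `'AuthCallbackStates do not match'` looks like it lost a separator and is prefixed again by the `'AuthCallback: %s'` handler; `'States do not match'` would read better. The try body and the handler both continue outside the visible hunks.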