Bug #6861
Double exception on incomplete authorisation information (closed)
Description
When Mentat does not get the identity field, it throws an exception - which throws another.
Throwing an exception is not itself wrong; throwing another for the same reason from the handler is.
However, the problem might be legitimate (identity provider not sending attributes), so the user should probably be somehow informed, instead of getting a generic 500 page.
Also, the exception handler should log some relevant info (obtained auth data or so) for admin debugging.
(Setting priority to low, as it is now mitigated by Shibboleth configuration on the server; however, we should look into it eventually.)
Message type: CRITICAL
Location: /var/mentat/venv/lib/python3.7/site-packages/vial/app.py:414
Module: app
Function: eh_internal_server_error
Time: 2020-12-04 10:40:28,374
Message:
INTERNAL SERVER ERROR
Request: /auth_env/register?
Traceback:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 179, in get_item
return self.get_user_from_env()
File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 126, in get_user_from_env
gettext("Unable to retrieve account login from your authentication provider.")
hawat.blueprints.auth_env.RegistrationException: Nelze získat uživatelské jméno od Vašeho poskytovatele identity.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.7/site-packages/flask/app.py", line 1949, in full_dispatch_request
rv = self.dispatch_request()
File "/var/mentat/venv/lib/python3.7/site-packages/flask/app.py", line 1935, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/var/mentat/venv/lib/python3.7/site-packages/flask/views.py", line 89, in view
return self.dispatch_request(*args, **kwargs)
File "/var/mentat/venv/lib/python3.7/site-packages/vial/blueprints/auth_env/__init__.py", line 251, in dispatch_request
return super().dispatch_request()
File "/var/mentat/venv/lib/python3.7/site-packages/vial/view/__init__.py", line 1622, in dispatch_request
item = self.get_item()
File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 181, in get_item
self.abort(500, exc)
File "/var/mentat/venv/lib/python3.7/site-packages/vial/view/mixin.py", line 60, in abort
flask.abort(status_code, message)
File "/var/mentat/venv/lib/python3.7/site-packages/werkzeug/exceptions.py", line 772, in abort
return _aborter(status, *args, **kwargs)
File "/var/mentat/venv/lib/python3.7/site-packages/werkzeug/exceptions.py", line 753, in __call__
raise self.mapping[code](*args, **kwargs)
werkzeug.exceptions.InternalServerError: 500 Internal Server Error: Nelze získat uživatelské jméno od Vašeho poskytovatele identity.
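Why the report above contains two tracebacks, shown as an added example that is not Mentat's code: raising the HTTP error inside the `except` block makes Python chain the original exception implicitly. The two exception classes are stand-ins for the hawat and werkzeug ones, and the `REMOTE_USER` key and all function names are assumptions.

```python
import traceback


class RegistrationException(Exception):
    """Stand-in for hawat.blueprints.auth_env.RegistrationException."""


class InternalServerError(Exception):
    """Stand-in for werkzeug.exceptions.InternalServerError."""


def get_user_from_env(environ):
    # Constructed stand-in: fail when the identity provider sent no login.
    if not environ.get("REMOTE_USER"):
        raise RegistrationException("Unable to retrieve account login.")
    return environ["REMOTE_USER"]


def get_item_chained(environ):
    # Pattern from the traceback: the abort happens inside the except block,
    # so the original exception is recorded implicitly as __context__.
    try:
        return get_user_from_env(environ)
    except RegistrationException as exc:
        raise InternalServerError(str(exc))


def get_item_explicit(environ):
    # Deliberate rewrap: "from exc" sets __cause__ and the report states it.
    try:
        return get_user_from_env(environ)
    except RegistrationException as exc:
        raise InternalServerError(str(exc)) from exc


def get_item_single(environ):
    # Abort only after the except block has finished: nothing is chained.
    error = None
    try:
        return get_user_from_env(environ)
    except RegistrationException as exc:
        error = str(exc)
    raise InternalServerError(error)


def report(func, environ):
    """Return the traceback text an error handler would log for func."""
    try:
        func(environ)
    except InternalServerError as exc:
        return "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    return ""
```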
Updated by Pavel Kácha almost 4 years ago
- To be discussed changed from No to Yes
Updated by Pavel Kácha almost 4 years ago
- To be discussed deleted (Yes)
After discussion 2021-01-11:
- rewrapped exception might be on purpose - would need to look into it if it's really necessary globally (not just in auth module)
- the user does not actually need to be informed of much more than that an error occurred - the admin knows it happened because it's mailed to him and he has to look into it anyway. So no change in presentation is necessary.
- However, exceptions which leave the app should be logged with some more relevant info for debugging: session, cookie, request, user, environment. Flask might have some tools to help with this (something akin to cgitb).
Mek: handlers setting is in _setup_app_core - lib/vial/app.py
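A sketch of collecting the request and environment for such an error report, added here as an example and not taken from Mentat or Task #7757. Because the reports are mailed to admins, it masks values that act as credentials and escapes line breaks in request-controlled fields; the key pattern, function names and sample environment are assumptions.

```python
import re

# Assumed pattern for environment keys whose values are credentials.
SENSITIVE_KEY = re.compile(r"cookie|authorization|session|secret|token|passw", re.I)
MAX_VALUE_LEN = 200  # keep mailed reports bounded in size


def error_context(environ, user=None):
    """Collect request details for an error report, masking credentials."""
    context = {"user": user or "<anonymous>"}
    for key in sorted(environ):
        value = environ[key]
        if not isinstance(value, str):
            continue  # skip wsgi.input, wsgi.errors and other objects
        if SENSITIVE_KEY.search(key):
            value = "<redacted, %d chars>" % len(value)
        # Escape line breaks so a crafted query string cannot forge
        # extra "Message:" or "Request:" lines in the report.
        value = value.replace("\r", "\\r").replace("\n", "\\n")
        context[key] = value[:MAX_VALUE_LEN]
    return context


def format_report(message, context):
    """Render one 'key: value' line per field, as in the reports above."""
    lines = ["Message: " + message]
    lines += ["%s: %s" % (key, value) for key, value in context.items()]
    return "\n".join(lines)


# Constructed sample environment, not captured from a real request.
SAMPLE_ENVIRON = {
    "REQUEST_METHOD": "GET",
    "PATH_INFO": "/auth_env/register",
    "QUERY_STRING": "",
    "HTTP_COOKIE": "session=constructed-cookie-value",
    "REMOTE_ADDR": "192.0.2.10",
    "wsgi.input": object(),
}

if __name__ == "__main__":
    print(format_report("INTERNAL SERVER ERROR", error_context(SAMPLE_ENVIRON)))
```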
Updated by Rajmund Hruška 5 months ago
- Category set to Development - GUI
- Status changed from New to In Progress
- Target version changed from Backlog to 2.13.1
Updated by Rajmund Hruška 5 months ago
- Status changed from In Progress to Feedback
The same issue is present in the attachment download view of events.
Message type: CRITICAL
Location: /var/mentat/venv/lib/python3.11/site-packages/hawat/base.py:492
Module: base
Function: eh_badrequest
Time: 2024-07-04 09:22:14,916
Message:
BAD REQUEST
Request: /events/xxxxxxxxxxxxxxxxxxxxxxxxx/attachments/str/download?
Traceback:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/blueprints/events/__init__.py", line 421, in dispatch_request
attachment_number = int(attachment_number)
^^^^^^^^^^^^^^^^^^^^^^
ValueError: invalid literal for int() with base 10: 'str'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1823, in full_dispatch_request
rv = self.dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask_login/utils.py", line 290, in decorated_view
return current_app.ensure_sync(func)(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/views.py", line 107, in view
return current_app.ensure_sync(self.dispatch_request)(**kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/blueprints/events/__init__.py", line 423, in dispatch_request
self.abort(400,
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/mixin.py", line 60, in abort
flask.abort(status_code, message)
File "/var/mentat/venv/lib/python3.11/site-packages/flask/helpers.py", line 310, in abort
current_app.aborter(code, *args, **kwargs)
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/exceptions.py", line 861, in __call__
raise self.mapping[code](*args, **kwargs)
werkzeug.exceptions.BadRequest: 400 Bad Request: Attachment number must be a valid number.
Updated by Rajmund Hruška 5 months ago
- Related to Task #7757: Log request and environment in case of an error added
Updated by Rajmund Hruška 5 months ago
- Status changed from Resolved to In Review