Project

General

Profile

Actions

Bug #6861

open

Double exception on incomplete authorisation information

Added by Pavel Kácha 7 months ago. Updated 7 months ago.

Status:
New
Priority:
Low
Category:
-
Target version:
Start date:
01/06/2021
Due date:
% Done:

0%

Estimated time:
To be discussed:

Description

When Mentat does not get identity field, it throws up exceptions - which throws another.

Throwing exception is not itself wrong, throwing another based on the same reason from the handler is.

However, the problem might be legitimate (identity provider not sending attributes), so user should probably be somehow informed, instead of getting generic 500 page.

Also, exception handler should log some relevant info (obtained auth data or so) for admin debugging.

(Setting priority to low, as it is now mitigated by Shibboleth configuration on server, however we should look into it eventually.)

Message type: CRITICAL
Location:     /var/mentat/venv/lib/python3.7/site-packages/vial/app.py:414
Module:       app
Function:     eh_internal_server_error
Time:         2020-12-04 10:40:28,374

Message:

INTERNAL SERVER ERROR

Request: /auth_env/register?
Traceback:
Traceback (most recent call last):
  File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 179, in get_item
    return self.get_user_from_env()
  File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 126, in get_user_from_env
    gettext("Unable to retrieve account login from your authentication provider.")
hawat.blueprints.auth_env.RegistrationException: Nelze získat uživatelské jméno od Vašeho poskytovatele identity.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/var/mentat/venv/lib/python3.7/site-packages/flask/app.py", line 1949, in full_dispatch_request
    rv = self.dispatch_request()
  File "/var/mentat/venv/lib/python3.7/site-packages/flask/app.py", line 1935, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/var/mentat/venv/lib/python3.7/site-packages/flask/views.py", line 89, in view
    return self.dispatch_request(*args, **kwargs)
  File "/var/mentat/venv/lib/python3.7/site-packages/vial/blueprints/auth_env/__init__.py", line 251, in dispatch_request
    return super().dispatch_request()
  File "/var/mentat/venv/lib/python3.7/site-packages/vial/view/__init__.py", line 1622, in dispatch_request
    item = self.get_item()
  File "/var/mentat/venv/lib/python3.7/site-packages/hawat/blueprints/auth_env/__init__.py", line 181, in get_item
    self.abort(500, exc)
  File "/var/mentat/venv/lib/python3.7/site-packages/vial/view/mixin.py", line 60, in abort
    flask.abort(status_code, message)
  File "/var/mentat/venv/lib/python3.7/site-packages/werkzeug/exceptions.py", line 772, in abort
    return _aborter(status, *args, **kwargs)
  File "/var/mentat/venv/lib/python3.7/site-packages/werkzeug/exceptions.py", line 753, in __call__
    raise self.mapping[code](*args, **kwargs)
werkzeug.exceptions.InternalServerError: 500 Internal Server Error: Nelze získat uživatelské jméno od Vašeho poskytovatele identity.

Actions

Also available in: Atom PDF