From bf7b150bd3638ec075e328039568bd6a1976fb46 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 7 Jun 2019 10:22:10 +0200 Subject: [PATCH] do not crash if no idp is found (#19260) Also improve logging of no idp situation in default backend. --- mellon/backends.py | 9 ++++++++- mellon/views.py | 3 +-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/mellon/backends.py b/mellon/backends.py index 575bb08..abaaf5e 100644 --- a/mellon/backends.py +++ b/mellon/backends.py @@ -14,18 +14,25 @@ # along with this program. If not, see . from __future__ import unicode_literals +import logging from django.contrib.auth.backends import ModelBackend from . import utils +logger = logging.getLogger(__name__) + class SAMLBackend(ModelBackend): def authenticate(self, saml_attributes, request=None): # without an issuer we can do nothing if 'issuer' not in saml_attributes: - return + logger.debug('no idp in saml_attributes') + return None idp = utils.get_idp(saml_attributes['issuer']) + if not idp: + logger.debug('unknown idp %s', saml_attributes['issuer']) + return None adapters = utils.get_adapters(idp) for adapter in adapters: if not hasattr(adapter, 'authorize'): diff --git a/mellon/views.py b/mellon/views.py index 6228a93..f7afb0c 100644 --- a/mellon/views.py +++ b/mellon/views.py @@ -130,7 +130,7 @@ class LoginView(ProfileMixin, LogMixin, View): for idp in utils.get_idps(): return idp else: - return None + return {} else: return utils.get_idp(entity_id) @@ -305,7 +305,6 @@ class LoginView(ProfileMixin, LogMixin, View): 'no entity id found for this artifact %r' % artifact) idp = utils.get_idp(login.remoteProviderId) if not idp: - self.log.warning('entity id %r is unknown', login.remoteProviderId) return HttpResponseBadRequest( 'entity id %r is unknown' % login.remoteProviderId) verify_ssl_certificate = utils.get_setting( -- 2.22.0