From aedf392c0f3a4a43f0b39a43d15720aceac9e936 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Fri, 22 Jan 2016 16:35:41 +0100 Subject: [PATCH] log errors when loading IdP metadata instead of throwing a traceback (fixes #9745) --- mellon/utils.py | 28 +++++++++++++++++++++------- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/mellon/utils.py b/mellon/utils.py index 9fd5772..7512a20 100644 --- a/mellon/utils.py +++ b/mellon/utils.py @@ -43,6 +43,7 @@ def create_metadata(request): SERVERS = {} def create_server(request): + logger = logging.getLogger(__name__) root = request.build_absolute_uri('/') if root not in SERVERS: idps = get_idps() 
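Review bot: The added `logger = logging.getLogger(__name__)` line in `create_server` needs `logging` in scope, but no hunk in this patch adds `import logging`. The two hunks account for all 21 insertions in the diffstat, so the import must already exist at the top of `mellon/utils.py`, which is outside the patch and worth confirming. As a style point, a module-level `logger = logging.getLogger(__name__)` would avoid the lookup on every call and be usable by the other helpers in the file. The body of `create_server` continues past this hunk.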
@@ -69,17 +70,30 @@ def create_server(request): password = key[1] key = key[0] server.setEncryptionPrivateKeyWithPassword(key, password) - for idp in idps: + for i, idp in enumerate(idps): if 'METADATA_URL' in idp and 'METADATA' not in idp: verify_ssl_certificate = get_setting( idp, 'VERIFY_SSL_CERTIFICATE') - idp['METADATA'] = requests.get(idp['METADATA_URL'], - verify=verify_ssl_certificate).content - metadata = idp['METADATA'] - if metadata.startswith('/'): - metadata = file(metadata).read() + response = requests.get(idp['METADATA_URL'], + verify=verify_ssl_certificate) + if not response.ok: + logger.error('retrieval of metadata URL %r failed with status %r for %d-th idp', + idp['METADATA_URL'], response.status_code, i) + continue + metadata = response.content + elif 'METADATA' in idp: + if idp['METADATA'].startswith('/'): + metadata = file(idp['METADATA']).read() + else: + logger.error(u'missing METADATA or METADATA_URL in %d-th idp', i) + continue + try: + server.addProviderFromBuffer(lasso.PROVIDER_ROLE_IDP, metadata) + except lasso.Error, e: + logger.error(u'bad metadata in %d-th idp: %s', i, e) + continue idp['ENTITY_ID'] = ET.fromstring(metadata).attrib['entityID'] - server.addProviderFromBuffer(lasso.PROVIDER_ROLE_IDP, metadata) + idp['METADATA'] = metadata SERVERS[root] = server return SERVERS[root] -- 2.1.4
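Review bot: In the new `elif 'METADATA' in idp:` branch, `metadata` is assigned only when the value starts with `/`, so an IdP configured with inline XML reaches `addProviderFromBuffer` with `metadata` either unbound (first iteration) or still holding the previous IdP's document, which would then be registered again and written into this entry's `ENTITY_ID` and `METADATA`. The removed code handled this by assigning first; restoring `metadata = idp['METADATA']` followed by `if metadata.startswith('/'): metadata = file(metadata).read()` keeps each entry bound to its own metadata. The same branch is probably reached on a later call for a different `root`, because the loop now stores fetched content in `idp['METADATA']`; this assumes `get_idps()` returns the same dicts, which the hunk does not show. Separately, only a non-OK status is logged: exceptions from `requests.get` (which also has no `timeout=`), from `file(...).read()` and from `ET.fromstring(metadata).attrib['entityID']` still propagate as tracebacks, and a skipped IdP stays absent from the server cached in `SERVERS[root]`. `create_server` begins above this hunk.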