Handle social auth exception in auth_complete.

In case of an exception, we log it and return None which results in a redirect to the login page.
2025-11-04 05:53:43 +00:00 · 2017-03-07 12:32:40 +05:00
parent fa9b8d8114
commit 1f60baba6b
2 changed files with 18 additions and 2 deletions
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -37,7 +37,7 @@ from zproject.backends import ZulipDummyBackend, EmailAuthBackend, \
 from zerver.views.auth import maybe_send_to_registration
 from version import ZULIP_VERSION

-from social_core.exceptions import AuthFailed
+from social_core.exceptions import AuthFailed, AuthStateForbidden
 from social_django.strategy import DjangoStrategy
 from social_django.storage import BaseDjangoStorage
 from social_core.backends.github import GithubOrganizationOAuth2, GithubTeamOAuth2, \
@@ -521,6 +521,19 @@ class GitHubAuthBackendTest(ZulipTestCase):

        utils.BACKENDS = settings.AUTHENTICATION_BACKENDS

+    def test_github_complete_when_base_exc_is_raised(self):
+        # type: () -> None
+        from social_django import utils
+        utils.BACKENDS = ('zproject.backends.GitHubAuthBackend',)
+        with mock.patch('social_core.backends.oauth.BaseOAuth2.auth_complete',
+                        side_effect=AuthStateForbidden('State forbidden')), \
+                mock.patch('zproject.backends.logging.exception'):
+            result = self.client_get(reverse('social:complete', args=['github']))
+            self.assertEqual(result.status_code, 302)
+            self.assertIn('login', result.url)
+
+        utils.BACKENDS = settings.AUTHENTICATION_BACKENDS
+
 class ResponseMock(object):
    def __init__(self, status_code, data):
        # type: (int, Any) -> None