Handle social auth exception in auth_complete.

In case of an exception, we log it and return None which results in a
redirect to the login page.
Umair Khan
2017-03-07 12:32:40 +05:00
committed by Tim Abbott
parent fa9b8d8114
commit 1f60baba6b
2 changed files with 18 additions and 2 deletions


@@ -37,7 +37,7 @@ from zproject.backends import ZulipDummyBackend, EmailAuthBackend, \
from zerver.views.auth import maybe_send_to_registration from zerver.views.auth import maybe_send_to_registration
from version import ZULIP_VERSION from version import ZULIP_VERSION
from social_core.exceptions import AuthFailed from social_core.exceptions import AuthFailed, AuthStateForbidden
from social_django.strategy import DjangoStrategy from social_django.strategy import DjangoStrategy
from social_django.storage import BaseDjangoStorage from social_django.storage import BaseDjangoStorage
from social_core.backends.github import GithubOrganizationOAuth2, GithubTeamOAuth2, \ from social_core.backends.github import GithubOrganizationOAuth2, GithubTeamOAuth2, \
@@ -521,6 +521,19 @@ class GitHubAuthBackendTest(ZulipTestCase):
utils.BACKENDS = settings.AUTHENTICATION_BACKENDS utils.BACKENDS = settings.AUTHENTICATION_BACKENDS
def test_github_complete_when_base_exc_is_raised(self):
# type: () -> None
from social_django import utils
utils.BACKENDS = ('zproject.backends.GitHubAuthBackend',)
with mock.patch('social_core.backends.oauth.BaseOAuth2.auth_complete',
side_effect=AuthStateForbidden('State forbidden')), \
mock.patch('zproject.backends.logging.exception'):
result = self.client_get(reverse('social:complete', args=['github']))
self.assertEqual(result.status_code, 302)
self.assertIn('login', result.url)
utils.BACKENDS = settings.AUTHENTICATION_BACKENDS
class ResponseMock(object): class ResponseMock(object):
def __init__(self, status_code, data): def __init__(self, status_code, data):
# type: (int, Any) -> None # type: (int, Any) -> None
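Review bot: `test_github_complete_when_base_exc_is_raised` patches `zproject.backends.logging.exception` only to silence it and never checks that it was called, so the "we log it" half of the change is untested and a later edit that drops the log call would still pass. Bind the mock and assert on it: `mock.patch('zproject.backends.logging.exception') as log_exc` and, after the request, `self.assertEqual(log_exc.call_count, 1)`. Separately, `utils.BACKENDS` is restored on the test's last line without `try`/`finally`, so a failing assertion leaves the single-backend setting in place for later tests.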


@@ -19,7 +19,7 @@ from apiclient.sample_tools import client as googleapiclient
from oauth2client.crypt import AppIdentityError from oauth2client.crypt import AppIdentityError
from social_core.backends.github import GithubOAuth2, GithubOrganizationOAuth2, \ from social_core.backends.github import GithubOAuth2, GithubOrganizationOAuth2, \
GithubTeamOAuth2 GithubTeamOAuth2
from social_core.exceptions import AuthFailed from social_core.exceptions import AuthFailed, SocialAuthBaseException
from django.contrib.auth import authenticate from django.contrib.auth import authenticate
from zerver.lib.users import check_full_name from zerver.lib.users import check_full_name
from zerver.lib.request import JsonableError from zerver.lib.request import JsonableError
@@ -185,6 +185,9 @@ class SocialAuthMixin(ZulipAuthMixin):
return super(SocialAuthMixin, self).auth_complete(*args, **kwargs) # type: ignore return super(SocialAuthMixin, self).auth_complete(*args, **kwargs) # type: ignore
except AuthFailed: except AuthFailed:
return None return None
except SocialAuthBaseException as e:
logging.exception(e)
return None
class ZulipDummyBackend(ZulipAuthMixin): class ZulipDummyBackend(ZulipAuthMixin):
""" """
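Review bot: The new `except SocialAuthBaseException` branch calls `logging.exception(e)`, which writes an ERROR-level record with a full traceback for conditions an unauthenticated client can trigger, such as the `AuthStateForbidden` state mismatch that the accompanying test raises. That failure is the OAuth `state` check rejecting a request, so it is worth recording, but as an expected rejection with a fixed message, e.g. `logging.warning("Social auth rejected in auth_complete: %s", e)`, keeping `logging.exception` for failures outside the normal protocol; if ERROR records feed alerting or admin e-mail, the current form lets an outsider generate that noise. The test's patch target would need to follow such a change. The existing `except AuthFailed` branch just above still returns None with no log record, so failed logins on that path leave no trace. The `try:` and the method signature are outside the hunk.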