do not crash if no idp is found (#19260)

Also improve logging of no idp situation in default backend.
This commit is contained in:
Benjamin Dauvergne 2019-06-07 10:22:10 +02:00
parent 42620b50a9
commit b673b3a7fe
2 changed files with 9 additions and 3 deletions

View File

@ -14,19 +14,26 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
from __future__ import unicode_literals
import logging
from django.contrib.auth.backends import ModelBackend
from . import utils
logger = logging.getLogger(__name__)
class SAMLBackend(ModelBackend):
def authenticate(self, request=None, **credentials):
saml_attributes = credentials.get('saml_attributes') or {}
# without an issuer we can do nothing
if 'issuer' not in saml_attributes:
return
logger.debug('no idp in saml_attributes')
return None
idp = utils.get_idp(saml_attributes['issuer'])
if not idp:
logger.debug('unknown idp %s', saml_attributes['issuer'])
return None
adapters = utils.get_adapters(idp)
for adapter in adapters:
if not hasattr(adapter, 'authorize'):

View File

@ -130,7 +130,7 @@ class LoginView(ProfileMixin, LogMixin, View):
for idp in utils.get_idps():
return idp
else:
return None
return {}
else:
return utils.get_idp(entity_id)
@ -305,7 +305,6 @@ class LoginView(ProfileMixin, LogMixin, View):
'no entity id found for this artifact %r' % artifact)
idp = utils.get_idp(login.remoteProviderId)
if not idp:
self.log.warning('entity id %r is unknown', login.remoteProviderId)
return HttpResponseBadRequest(
'entity id %r is unknown' % login.remoteProviderId)
verify_ssl_certificate = utils.get_setting(