saml2: raise correctly errors during metadata fetching

2013-11-04 15:46:00 +01:00 · 2013-11-04 15:46:00 +01:00 · 839fb8726a
parent c04708de4b
commit 839fb8726a
2 changed files with 16 additions and 4 deletions
--- a/mandaye/auth/saml2.py
+++ b/mandaye/auth/saml2.py
@ -9,6 +9,7 @@ from urlparse import parse_qs
 from mandaye import config, utils
 from mandaye.saml import saml2utils
 from mandaye.auth.authform import AuthForm
+from mandaye.exceptions import MandayeSamlException
 from mandaye.response import _302, _500, _401
 from mandaye.log import logger
 from mandaye.template import serve_template
@ -145,8 +146,10 @@ class SAML2Auth(AuthForm):
                    response = urllib2.urlopen(self.config.IDP_METADATA)
                    metadata = response.read()
                    response.close()
-                except:
-                    return _500('sso', 'Unable to find metadata.')
+                except Exception, e:
+                    logger.error("Unable to fetch metadata %s: %s" % \
+                                 (self.config.IDP_METADATA, str(e)))
+                    raise MandayeSamlException("Unable to find metadata: %s" % str(e))
                metadata_file = open(metadata_file_path, 'a+')
                metadata_file.write(metadata)
                metadata_file.close()
@ -165,7 +168,10 @@ class SAML2Auth(AuthForm):
    def sso(self, env, values, request, response):
        qs = parse_qs(env['QUERY_STRING'])
        target_idp = self.config.IDP_METADATA
-        metadata_file_path = self._get_idp_metadata_file_path()
+        try:
+            metadata_file_path = self._get_idp_metadata_file_path()
+        except MandayeSamlException, e:
+            return _500('sso', str(e))
        if not metadata_file_path:
            return _500('sso', 'Unable to load provider.')
        logger.debug('sso: target_idp is %s' % target_idp)
@ -206,7 +212,10 @@ class SAML2Auth(AuthForm):

    def single_sign_on_post(self, env, values, request, response):
        target_idp = None
-        metadata_file_path = self._get_idp_metadata_file_path()
+        try:
+            metadata_file_path = self._get_idp_metadata_file_path()
+        except MandayeSamlException, e:
+            return _500('sso', str(e))
        if not metadata_file_path:
            return _500('single_sign_on_post', 'Unable to load provider.')
        server = lasso.Server.newFromBuffers(self._get_metadata(env),
--- a/mandaye/exceptions.py
+++ b/mandaye/exceptions.py
@ -10,3 +10,6 @@ class MandayeException(Exception):
    "Mandaye generic exception"
    pass

+class MandayeSamlException(Exception):
+    "Mandaye SAML 2 exception"
+    pass