api: if no NameID or email, get_user returns None (#6172)
This commit is contained in:
parent
2cfcbfca8c
commit
22c96b7c1f
|
@ -60,8 +60,12 @@ def get_user_from_api_query_string():
|
|||
raise AccessForbiddenError('timestamp delta is more '
|
||||
'than %s seconds: %s seconds' % (MAX_DELTA, delta))
|
||||
|
||||
# Signature is good. Now looking for the user, by email/NameID.
|
||||
# If email or NameID exist but are empty, return None
|
||||
user = None
|
||||
if get_request().form.get('email'):
|
||||
if not ('email' in get_request().form or 'NameID' in get_request().form):
|
||||
raise AccessForbiddenError('missing email or NameID fields')
|
||||
elif get_request().form.get('email'):
|
||||
email = get_request().form.get('email')
|
||||
if not isinstance(email, basestring):
|
||||
raise AccessForbiddenError('multiple email field')
|
||||
|
@ -79,8 +83,6 @@ def get_user_from_api_query_string():
|
|||
user = users[0]
|
||||
else:
|
||||
raise AccessForbiddenError('unknown NameID')
|
||||
else:
|
||||
raise AccessForbiddenError('missing email or NameID fields')
|
||||
|
||||
return user
|
||||
|
||||
|
|
Loading…
Reference in New Issue