Return a useful error page every time and invalid or expired
transaction is requested, instead of ending up with an internal
backtrace and an ugly 500 error.
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
from ipsilon.login.common import LoginPageBase, LoginManagerBase
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
from ipsilon.login.common import LoginPageBase, LoginManagerBase
from ipsilon.login.common import FACILITY
from ipsilon.util.plugin import PluginObject
-from ipsilon.util.trans import Transaction
from ipsilon.util.user import UserSession
from string import Template
import cherrypy
from ipsilon.util.user import UserSession
from string import Template
import cherrypy
class KrbAuth(LoginPageBase):
def root(self, *args, **kwargs):
class KrbAuth(LoginPageBase):
def root(self, *args, **kwargs):
- trans = Transaction('login', **kwargs)
+ trans = self.get_valid_transaction('login', **kwargs)
# If we can get here, we must be authenticated and remote_user
# was set. Check the session has a user set already or error.
us = UserSession()
# If we can get here, we must be authenticated and remote_user
# was set. Check the session has a user set already or error.
us = UserSession()
cont=conturl)
# If we get here, negotiate failed
cont=conturl)
# If we get here, negotiate failed
- return self.lm.auth_failed(Transaction('login', **kwargs))
+ trans = self.get_valid_transaction('login', **kwargs)
+ return self.lm.auth_failed(trans)
class LoginManager(LoginManagerBase):
class LoginManager(LoginManagerBase):
from ipsilon.util.plugin import PluginInstaller
from ipsilon.info.common import Info
from ipsilon.util.cookies import SecureCookie
from ipsilon.util.plugin import PluginInstaller
from ipsilon.info.common import Info
from ipsilon.util.cookies import SecureCookie
-from ipsilon.util.trans import Transaction
return self._template(self.formtemplate, **context)
def root(self, *args, **kwargs):
return self._template(self.formtemplate, **context)
def root(self, *args, **kwargs):
- self.trans = Transaction('login', **kwargs)
+ self.trans = self.get_valid_transaction('login', **kwargs)
op = getattr(self, cherrypy.request.method, self.GET)
if callable(op):
return op(*args, **kwargs)
op = getattr(self, cherrypy.request.method, self.GET)
if callable(op):
return op(*args, **kwargs)
def root(self, *args, **kwargs):
if self.first_login:
def root(self, *args, **kwargs):
if self.first_login:
- trans = Transaction('login', **kwargs)
+ trans = self.get_valid_transaction('login', **kwargs)
redirect = '%s/login/%s?%s' % (self.basepath,
self.first_login.path,
trans.get_GET_arg())
redirect = '%s/login/%s?%s' % (self.basepath,
self.first_login.path,
trans.get_GET_arg())
from ipsilon.util.log import Log
from ipsilon.util.user import UserSession
from ipsilon.util.log import Log
from ipsilon.util.user import UserSession
+from ipsilon.util.trans import Transaction
from urllib import unquote
import cherrypy
from urllib import unquote
import cherrypy
def del_subtree(self, name):
del self.__dict__[name]
def del_subtree(self, name):
del self.__dict__[name]
+ def get_valid_transaction(self, provider, **kwargs):
+ try:
+ return Transaction(provider, **kwargs)
+ except ValueError:
+ msg = 'Transaction expired, or cookies not available'
+ raise cherrypy.HTTPError(401, msg)
+