From 4eb831969776d2e5cf766465eb91cfc0b95ae2ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Tue, 11 Oct 2016 17:09:02 +0200 Subject: [PATCH] Better logging of OAuth issues, in the hope to figure out what's going on. --- pillar/__init__.py | 2 +- pillar/web/users/routes.py | 17 ++++++++++++----- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/pillar/__init__.py b/pillar/__init__.py index fc832e4c..30d4b304 100644 --- a/pillar/__init__.py +++ b/pillar/__init__.py @@ -307,7 +307,7 @@ class PillarServer(Eve): super(PillarServer, self).register_error_handlers() # Register error handlers per code. - for code in (403, 404, 500): + for code in (403, 404, 412, 500): self.register_error_handler(code, self.pillar_error_handler) # Register error handlers per exception. diff --git a/pillar/web/users/routes.py b/pillar/web/users/routes.py index cdaac312..abab2ddf 100644 --- a/pillar/web/users/routes.py +++ b/pillar/web/users/routes.py @@ -47,12 +47,19 @@ def login(): @blueprint.route('/oauth/blender-id/authorized') def blender_id_authorized(): check_oauth_provider(current_app.oauth_blender_id) - oauth_resp = current_app.oauth_blender_id.authorized_response() + try: + oauth_resp = current_app.oauth_blender_id.authorized_response() + except OAuthException as ex: + log.warning('Error parsing BlenderID OAuth response. data=%s; message=%s', + ex.data, ex.message) + raise wz_exceptions.Forbidden('Access denied, sorry!') + if oauth_resp is None: - return 'Access denied: reason=%s error=%s' % ( - request.args['error_reason'], - request.args['error_description'] - ) + msg = 'Access denied: reason=%s error=%s' % ( + request.args.get('error_reason'), request.args.get('error_description')) + log.warning('Access denied to user because oauth_resp=None: %s', msg) + return wz_exceptions.Forbidden(msg) + if isinstance(oauth_resp, OAuthException): return 'Access denied: %s' % oauth_resp.message