feat(TPA): Add middleware to handle TPA exceptions #171
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Can you add a before and after screenshot? |
The before screen is a regular 500 error page. I added a screenshot with how the error message is displayed. |
mariajgrimaldi
approved these changes
Aug 17, 2021
magajh
approved these changes
Aug 17, 2021
MoisesGSalas
force-pushed
the
mgs/tpa_middleware
branch
from
522b932
to
6eb9427
Compare
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Dec 19, 2023
This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18
4 tasks
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Dec 19, 2023
This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Jan 4, 2024
This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Jan 4, 2024
* refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Jan 4, 2024
* refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion (cherry picked from commit c542749)
4 tasks
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Feb 9, 2024
* refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion (cherry picked from commit c542749)
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Feb 9, 2024
* refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion (cherry picked from commit c542749) chore: run make upgrade
johanseto
added a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Mar 4, 2024
* refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion (cherry picked from commit c542749) chore: run make upgrade
MaferMazu
pushed a commit
to eduNEXT/eox-tenant
that referenced
this pull request
Apr 11, 2024
* refactor: inherit from social auth exception * refactor: inherit from social auth exception This change the heritance of the eox-tenant-auth-exception. This with the purpose of the exception to be handled by the social tpa middleware exception process. You can see here that the new class is also based in value error exception. https://github.com/python-social-auth/social-core/blob/29cbbd22b98d81d569a886b1cc0bd9a316cd124f/social_core/exceptions.py#L1 But the change is related with this PR: eduNEXT/eox-core#171 So now as the exception is family of the SocialAuthBaseException. The the tpa middleware could managed it. https://github.com/python-social-auth/social-app-django/blob/5.4.0/social_django/middleware.py#L35 Keep in mind that this middleware is parent of edx-platform middleware. https://github.com/openedx/edx-platform/blob/ebcbe1cd9208191c0589d7fe538c6ac13470abe6/common/djangoapps/third_party_auth/middleware.py#L18 * refactor: social-auth-core pkg inclusion (cherry picked from commit c542749) chore: run make upgrade * fix: pylint update change way to load config add use-yield-from (R1737) due pylint update to 3.1.0
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
During the third party authentication process there are some errors that are not correctly handled and result in a misleading 500 error page.
As far as we know, this issue happens under any of this three conditions, so far:
safer_associate_by_emailraisesEoxTenantAuthExceptionwhen trying to associate a staff/admin account or when an account with the same email already exists. This is becauseEoxTenantAuthExceptiondoesn't inherit fromSocialAuthBaseException.safer_associate_by_emailis not defined in the pipeline a databaseIntegrityErroris raised due to conflicting emails.To solve the issue a new middleware class was created that process this exceptions and passes the correct
AuthExceptionto the next layer in the middleware chain.Testing Instructions
OIDC_ENDPOINTpoints to the wrong url.safer_associate_by_emailin the pipeline.Aditional details
The error message should look like this: