Properly error out when we can't login to IPA

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2021-05-07 09:54:28 +02:00
parent 7a0ae880e5
commit dd3ea36d47
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD

View file

@ -3,6 +3,7 @@
from __future__ import absolute_import
from python_freeipa.client_meta import ClientMeta as IPAClient
from python_freeipa.exceptions import InvalidSessionPassword
from ipsilon.providers.openid.extensions.common import OpenidExtensionBase
import ipsilon.root
@ -89,7 +90,13 @@ class APIV1Page(Page):
ipa_config.read("/etc/ipa/default.conf")
ipa_server = ipa_config.get("global", "server", fallback=None)
ipa = IPAClient(ipa_server, verify_ssl="/etc/ipa/ca.crt")
auth = ipa.login(username, password)
try:
auth = ipa.login(username, password)
except InvalidSessionPassword:
print('Could not authenticate %s to IPA' % username)
return {'success': False,
'status': 400,
'message': 'Authentication failed'}
if auth and auth.logged_in:
user = ipa.user_find(whoami=True)["result"][0]
userdata = {