Infrastructure/ipsilon-fedora
5
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Properly error out when we can't login to IPA

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2021-05-07 09:54:28 +02:00
parent 7a0ae880e5
commit dd3ea36d47
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
1 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
ipsilon/providers/openid/extensions/api.py
View file

@ -3,6 +3,7 @@
from __future__ import absolute_import
from python_freeipa.client_meta import ClientMeta as IPAClient
from python_freeipa.exceptions import InvalidSessionPassword
from ipsilon.providers.openid.extensions.common import OpenidExtensionBase
import ipsilon.root
@ -89,7 +90,13 @@ class APIV1Page(Page):
ipa_config.read("/etc/ipa/default.conf")
ipa_server = ipa_config.get("global", "server", fallback=None)
ipa = IPAClient(ipa_server, verify_ssl="/etc/ipa/ca.crt")
auth = ipa.login(username, password)
try:
auth = ipa.login(username, password)
except InvalidSessionPassword:
print('Could not authenticate %s to IPA' % username)
return {'success': False,
'status': 400,
'message': 'Authentication failed'}
if auth and auth.logged_in:
user = ipa.user_find(whoami=True)["result"][0]
userdata = {