Render a layout when there's an SSO error

Robin Ward 2017-03-21 14:04:25 -04:00
parent 7f207fd411
commit 52d78294cc
2 changed files with 14 additions and 9 deletions


@ -72,23 +72,21 @@ class SessionController < ApplicationController
end end
def sso_login def sso_login
unless SiteSetting.enable_sso raise Discourse::NotFound.new unless SiteSetting.enable_sso
return render(nothing: true, status: 404)
end
sso = DiscourseSingleSignOn.parse(request.query_string) sso = DiscourseSingleSignOn.parse(request.query_string)
if !sso.nonce_valid? if !sso.nonce_valid?
if SiteSetting.verbose_sso_logging if SiteSetting.verbose_sso_logging
Rails.logger.warn("Verbose SSO log: Nonce has already expired\n\n#{sso.diagnostics}") Rails.logger.warn("Verbose SSO log: Nonce has already expired\n\n#{sso.diagnostics}")
end end
return render(text: I18n.t("sso.timeout_expired"), status: 419) return render_sso_error(text: I18n.t("sso.timeout_expired"), status: 419)
end end
if ScreenedIpAddress.should_block?(request.remote_ip) if ScreenedIpAddress.should_block?(request.remote_ip)
if SiteSetting.verbose_sso_logging if SiteSetting.verbose_sso_logging
Rails.logger.warn("Verbose SSO log: IP address is blocked #{request.remote_ip}\n\n#{sso.diagnostics}") Rails.logger.warn("Verbose SSO log: IP address is blocked #{request.remote_ip}\n\n#{sso.diagnostics}")
end end
return render(text: I18n.t("sso.unknown_error"), status: 500) return render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
end end
return_path = sso.return_path return_path = sso.return_path
@ -101,7 +99,7 @@ class SessionController < ApplicationController
if SiteSetting.sso_not_approved_url.present? if SiteSetting.sso_not_approved_url.present?
redirect_to SiteSetting.sso_not_approved_url redirect_to SiteSetting.sso_not_approved_url
else else
render text: I18n.t("sso.account_not_approved"), status: 403 render_sso_error(text: I18n.t("sso.account_not_approved"), status: 403)
end end
return return
elsif !user.active? elsif !user.active?
@ -128,7 +126,7 @@ class SessionController < ApplicationController
redirect_to return_path redirect_to return_path
else else
render text: I18n.t("sso.not_found"), status: 500 render_sso_error(text: I18n.t("sso.not_found"), status: 500)
end end
rescue ActiveRecord::RecordInvalid => e rescue ActiveRecord::RecordInvalid => e
if SiteSetting.verbose_sso_logging if SiteSetting.verbose_sso_logging
@ -139,7 +137,7 @@ class SessionController < ApplicationController
#{sso.diagnostics} #{sso.diagnostics}
EOF EOF
end end
render text: I18n.t("sso.unknown_error"), status: 500 render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
rescue => e rescue => e
message = "Failed to create or lookup user: #{e}." message = "Failed to create or lookup user: #{e}."
message << "\n\n" << "-" * 100 << "\n\n" message << "\n\n" << "-" * 100 << "\n\n"
@ -149,7 +147,7 @@ class SessionController < ApplicationController
Rails.logger.error(message) Rails.logger.error(message)
render text: I18n.t("sso.unknown_error"), status: 500 render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
end end
end end
@ -315,4 +313,9 @@ class SessionController < ApplicationController
render_serialized(user, UserSerializer) render_serialized(user, UserSerializer)
end end
def render_sso_error(status:, text:)
@sso_error = text
render status: status, layout: 'no_ember'
end
end end
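Review bot: `render_sso_error` (last hunk) calls `render status: status, layout: 'no_ember'` without naming a template, so it works only because every caller visible here is inside `sso_login` and Rails falls back to that action's view; naming the view explicitly, `render template: 'TEMPLATE_PATH_PLACEHOLDER', status: status, layout: 'no_ember'`, would remove that coupling (the view's path is not shown on this page). The hunk also does not show whether the method sits below a `private`/`protected` marker; if it does not, it is a public controller method and should be moved under one. Because the text now lands in an HTML page, I would add a comment such as `# text must be a fixed I18n string; never pass exception messages or sso.diagnostics`, so the rescue branches keep logging details server-side and rendering only the generic message. The class body continues outside the hunks.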


@ -0,0 +1,2 @@
<h1><%= @sso_error %></h1>