Render a layout when there's an SSO error
This commit is contained in:
parent
7f207fd411
commit
52d78294cc
|
@ -72,23 +72,21 @@ class SessionController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def sso_login
|
def sso_login
|
||||||
unless SiteSetting.enable_sso
|
raise Discourse::NotFound.new unless SiteSetting.enable_sso
|
||||||
return render(nothing: true, status: 404)
|
|
||||||
end
|
|
||||||
|
|
||||||
sso = DiscourseSingleSignOn.parse(request.query_string)
|
sso = DiscourseSingleSignOn.parse(request.query_string)
|
||||||
if !sso.nonce_valid?
|
if !sso.nonce_valid?
|
||||||
if SiteSetting.verbose_sso_logging
|
if SiteSetting.verbose_sso_logging
|
||||||
Rails.logger.warn("Verbose SSO log: Nonce has already expired\n\n#{sso.diagnostics}")
|
Rails.logger.warn("Verbose SSO log: Nonce has already expired\n\n#{sso.diagnostics}")
|
||||||
end
|
end
|
||||||
return render(text: I18n.t("sso.timeout_expired"), status: 419)
|
return render_sso_error(text: I18n.t("sso.timeout_expired"), status: 419)
|
||||||
end
|
end
|
||||||
|
|
||||||
if ScreenedIpAddress.should_block?(request.remote_ip)
|
if ScreenedIpAddress.should_block?(request.remote_ip)
|
||||||
if SiteSetting.verbose_sso_logging
|
if SiteSetting.verbose_sso_logging
|
||||||
Rails.logger.warn("Verbose SSO log: IP address is blocked #{request.remote_ip}\n\n#{sso.diagnostics}")
|
Rails.logger.warn("Verbose SSO log: IP address is blocked #{request.remote_ip}\n\n#{sso.diagnostics}")
|
||||||
end
|
end
|
||||||
return render(text: I18n.t("sso.unknown_error"), status: 500)
|
return render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
|
||||||
end
|
end
|
||||||
|
|
||||||
return_path = sso.return_path
|
return_path = sso.return_path
|
||||||
|
@ -101,7 +99,7 @@ class SessionController < ApplicationController
|
||||||
if SiteSetting.sso_not_approved_url.present?
|
if SiteSetting.sso_not_approved_url.present?
|
||||||
redirect_to SiteSetting.sso_not_approved_url
|
redirect_to SiteSetting.sso_not_approved_url
|
||||||
else
|
else
|
||||||
render text: I18n.t("sso.account_not_approved"), status: 403
|
render_sso_error(text: I18n.t("sso.account_not_approved"), status: 403)
|
||||||
end
|
end
|
||||||
return
|
return
|
||||||
elsif !user.active?
|
elsif !user.active?
|
||||||
|
@ -128,7 +126,7 @@ class SessionController < ApplicationController
|
||||||
|
|
||||||
redirect_to return_path
|
redirect_to return_path
|
||||||
else
|
else
|
||||||
render text: I18n.t("sso.not_found"), status: 500
|
render_sso_error(text: I18n.t("sso.not_found"), status: 500)
|
||||||
end
|
end
|
||||||
rescue ActiveRecord::RecordInvalid => e
|
rescue ActiveRecord::RecordInvalid => e
|
||||||
if SiteSetting.verbose_sso_logging
|
if SiteSetting.verbose_sso_logging
|
||||||
|
@ -139,7 +137,7 @@ class SessionController < ApplicationController
|
||||||
#{sso.diagnostics}
|
#{sso.diagnostics}
|
||||||
EOF
|
EOF
|
||||||
end
|
end
|
||||||
render text: I18n.t("sso.unknown_error"), status: 500
|
render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
|
||||||
rescue => e
|
rescue => e
|
||||||
message = "Failed to create or lookup user: #{e}."
|
message = "Failed to create or lookup user: #{e}."
|
||||||
message << "\n\n" << "-" * 100 << "\n\n"
|
message << "\n\n" << "-" * 100 << "\n\n"
|
||||||
|
@ -149,7 +147,7 @@ class SessionController < ApplicationController
|
||||||
|
|
||||||
Rails.logger.error(message)
|
Rails.logger.error(message)
|
||||||
|
|
||||||
render text: I18n.t("sso.unknown_error"), status: 500
|
render_sso_error(text: I18n.t("sso.unknown_error"), status: 500)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -315,4 +313,9 @@ class SessionController < ApplicationController
|
||||||
render_serialized(user, UserSerializer)
|
render_serialized(user, UserSerializer)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
|
def render_sso_error(status:, text:)
|
||||||
|
@sso_error = text
|
||||||
|
render status: status, layout: 'no_ember'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
<h1><%= @sso_error %></h1>
|
||||||
|
|
Loading…
Reference in New Issue