Propagate redirect exceptions to the client
When a developer is implementing an Authentication plugin, in some cases (like an OpenID Connect plugin) it is needed to perform a redirect to the provider to complete the flow. This was possible in the past (before moving to Flask) by raising an exception with the proper HTTP code set, but the framework change made this possibility not available anymore. Closes-Bug: #1854041 Co-authored-by: Alvaro Lopez Garcia <aloga@ifca.unican.es> Change-Id: I333eb15c66f37207e6937d0cb3a80f26cf9bebfc
This commit is contained in:
parent
262d763f79
commit
1c106f48b0
|
@ -755,3 +755,20 @@ class OAuth2OtherError(OAuth2Error):
|
|||
def __init__(self, code, title, message):
|
||||
error_title = 'other_error'
|
||||
super().__init__(code, title, error_title, message)
|
||||
|
||||
|
||||
class RedirectRequired(Exception):
|
||||
"""Error class for redirection.
|
||||
|
||||
Child classes should define an HTTP redirect url
|
||||
message_format.
|
||||
|
||||
"""
|
||||
|
||||
redirect_url = None
|
||||
code = http.client.FOUND
|
||||
|
||||
def __init__(self, redirect_url, **kwargs):
|
||||
self.redirect_url = redirect_url
|
||||
|
||||
super(RedirectRequired, self).__init__(**kwargs)
|
||||
|
|
|
@ -78,6 +78,9 @@ def _handle_keystone_exception(error):
|
|||
elif isinstance(error, exception.OAuth2Error):
|
||||
return oauth2_handlers.build_response(error)
|
||||
|
||||
if isinstance(error, exception.RedirectRequired):
|
||||
return flask.redirect(error.redirect_url)
|
||||
|
||||
# Handle logging
|
||||
if isinstance(error, exception.Unauthorized):
|
||||
LOG.warning(
|
||||
|
|
Loading…
Reference in New Issue