refactor(oidc): include exception handling in authentication (#224)

sbanoeon · web-flow · commit e4dee66650b9 · 2025-02-12T16:54:48.000+01:00
diff --git a/app/Entirety/entirety/oidc.py b/app/Entirety/entirety/oidc.py
@@ -1,5 +1,6 @@
 import logging
 
+from django.contrib import messages
 from mozilla_django_oidc.auth import OIDCAuthenticationBackend
 from django.conf import settings
 from jsonpath_ng import parse
@@ -19,8 +20,7 @@ def update_user(self, user, claims):
     def __set_user_values(self, user, claims):
 
         path = settings.OIDC_TOKEN_ROLE_PATH
-        parsed_result = parse(path).find(
-            claims)
+        parsed_result = parse(path).find(claims)
         if len(parsed_result) > 0:
             roles = parsed_result[0].value
 
@@ -38,23 +38,26 @@ def __set_user_values(self, user, claims):
 
         user.save()
 
-        logger.info(
-            user.first_name
-            + " is accessing with roles "
-            + roles.__str__()
-        )
+        logger.info(user.first_name + " is accessing with roles " + roles.__str__())
         return user
 
     def verify_claims(self, claims):
         logger.info(claims.get("given_name") + " is verifying claim")
         verified = super(CustomOIDCAB, self).verify_claims(claims)
         path = settings.OIDC_TOKEN_ROLE_PATH
-        parsed_result = parse(path).find(
-            claims)
+        parsed_result = parse(path).find(claims)
         if len(parsed_result) > 0:
             value = parsed_result[0].value
         else:
             value = []
         is_user = settings.OIDC_USER_ROLE in value
 
         return verified and is_user
+
+    def authenticate(self, request, **kwargs):
+        try:
+            user = super().authenticate(request, **kwargs)
+            return user
+        except Exception as e:
+            messages.error(self.request, "Authentication Error: " + e.__str__())
+            return None
