# provider website)
#
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, HttpResponse
from django.contrib.auth.models import User
from django.contrib.auth.backends import ModelBackend
from django.contrib.auth import login as django_login
return HttpResponseRedirect('/')
if not request.GET.has_key('i'):
- raise Exception("Missing IV")
+ return HttpResponse("Missing IV in url!", status=400)
if not request.GET.has_key('d'):
- raise Exception("Missing data!")
+ return HttpResponse("Missing data in url!", status=400)
# Set up an AES object and decrypt the data we received
decryptor = AES.new(base64.b64decode(settings.PGAUTH_KEY),
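Review bot: Nothing visible here authenticates the `i`/`d` parameters before they are decrypted: the `AES.new(...)` call on the last context line is cut off by the hunk, so the cipher mode cannot be seen, and no MAC check appears on this page. The decrypted fields later select or create the `User` record, so it is worth confirming that the token is integrity-protected (an AEAD mode, or an HMAC over IV and ciphertext verified before decrypting) and not only encrypted. If it is not, the separate 400 bodies this commit adds for parse failure and stale timestamp let a client tell those outcomes apart; a single generic client message with the detail logged server-side would avoid that. The enclosing view starts and ends outside this hunk.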
# Now un-urlencode it
try:
data = urlparse.parse_qs(s, strict_parsing=True)
- except ValueError, e:
- raise Exception("Invalid encrypted data received.")
+ except ValueError:
+ return HttpResponse("Invalid encrypted data received.", status=400)
# Check the timestamp in the authentication
if (int(data['t'][0]) < time.time() - 10):
- raise Exception("Authentication token too old.")
+ return HttpResponse("Authentication token too old.", status=400)
# Update the user record (if any)
try:
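Review bot: The timestamp check `int(data['t'][0]) < time.time() - 10` can still raise instead of returning a 400, because it sits outside the `try` that guards `parse_qs`: a decrypted payload with no `t` field gives `KeyError` and a non-numeric value gives `ValueError`. Catching `(KeyError, ValueError)` around the `int(data['t'][0])` lookup and returning `HttpResponse("Invalid encrypted data received.", status=400)` would keep this path consistent with the other responses added here. The comparison also has no upper bound, so a timestamp ahead of the server clock is accepted until the clock passes it by ten seconds; consider rejecting values more than a few seconds in the future as well. The enclosing function starts and ends outside this hunk.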
changed= True
if changed:
user.save()
- except User.DoesNotExist, e:
+ except User.DoesNotExist:
# User not found, create it!
user = User(username=data['u'][0],
first_name=data['f'][0],
# No redirect specified, see if we have it in our settings
if hasattr(settings, 'PGAUTH_REDIRECT_SUCCESS'):
return HttpResponseRedirect(settings.PGAUTH_REDIRECT_SUCCESS)
- raise Exception("Authentication successful, but don't know where to redirect!")
+ return HttpResponse("Authentication successful, but don't know where to redirect!", status=500)