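--- a/dojo/middleware.py
+++ b/dojo/middleware.py
@@ -16,7 +16,7 @@
 from django.shortcuts import redirect
 from django.urls import reverse
 from django.utils.functional import SimpleLazyObject
-from social_core.exceptions import AuthCanceled, AuthFailed, AuthForbidden
+from social_core.exceptions import AuthCanceled, AuthFailed, AuthForbidden, AuthTokenError
 from social_django.middleware import SocialAuthExceptionMiddleware
 from watson.middleware import SearchContextMiddleware
 from watson.search import search_context_manager
@@ -94,6 +94,9 @@ def process_exception(self, request, exception):
 if isinstance(exception, AuthForbidden):
 messages.error(request, "You are not authorized to log in via this method. Please contact support or use the standard login.")
 return redirect("/login?force_login_form")
+if isinstance(exception, AuthTokenError):
+messages.error(request, "Social login failed due to an invalid or expired token. Please try again or use the standard login.")
+return redirect("/login?force_login_form")
 if isinstance(exception, TypeError) and "'NoneType' object is not iterable" in str(exception):
 logger.warning("OIDC login error: NoneType is not iterable")
 messages.error(request, "An unexpected error occurred during social login. Please use the standard login.")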
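Review bot: The new `AuthTokenError` branch in `process_exception` redirects without writing anything to the log, so rejected or expired tokens during social login leave no server-side trace, unlike the `TypeError` branch just below it, which calls `logger.warning`. Consider adding `logger.warning("Social login token error (%s)", type(exception).__name__)` before the `messages.error` call. Logging the class name rather than `str(exception)` keeps provider-supplied text out of the log, in case that text carries anything sensitive. A run of these warnings helps operators tell an identity-provider misconfiguration from malformed callback requests. The body of `process_exception` starts before and continues past this hunk, so whether the earlier branches log cannot be seen from here.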
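--- a/unittests/test_social_auth_failure_handling.py
+++ b/unittests/test_social_auth_failure_handling.py
@@ -7,7 +7,7 @@
 from django.http import HttpResponse
 from django.test import RequestFactory, override_settings
 from requests.exceptions import ConnectionError as RequestsConnectionError
-from social_core.exceptions import AuthCanceled, AuthFailed, AuthForbidden
+from social_core.exceptions import AuthCanceled, AuthFailed, AuthForbidden, AuthTokenError
 
 from dojo.middleware import CustomSocialAuthExceptionMiddleware
 
@@ -52,6 +52,7 @@ def test_social_auth_exception_redirects_to_login(self):
 (AuthCanceled("User canceled login"), "Social login was canceled. Please try again or use the standard login."),
 (AuthFailed("Token exchange failed"), "Social login failed. Please try again or use the standard login."),
 (AuthForbidden("User not allowed"), "You are not authorized to log in via this method. Please contact support or use the standard login."),
+(AuthTokenError("Invalid or expired token"), "Social login failed due to an invalid or expired token. Please try again or use the standard login."),
 ]
 for path in login_paths:
 for exception, expected_message in exceptions: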