From 840265c745e668addfcd4afa741f7835cd98dca9 Mon Sep 17 00:00:00 2001 From: Georg Date: Wed, 1 Sep 2021 16:36:05 +0200 Subject: Improved error handling and Kiwi redirect Signed-off-by: Georg --- flaskapp.py | 27 +++++++++++++++------------ irc_register.py | 32 ++++++++++++++++++++++---------- 2 files changed, 37 insertions(+), 22 deletions(-) diff --git a/flaskapp.py b/flaskapp.py index cfa21e8..c8ce2d3 100644 --- a/flaskapp.py +++ b/flaskapp.py @@ -11,14 +11,15 @@ app.config['SECRET_KEY'] = '$secret' #remove later def hello(): return render_template('home.html') +#@app.route('/kiwi') +#def kiwi(): +# return redirect("https://liberta.casa/kiwi/") @app.route('/kiwi') -def kiwi(): - return redirect("https://liberta.casa/kiwi/") -@app.route('/kiwi/') -def kiwinick(nick, show_password_box): +def kiwinick(): nick = request.args.get('nick', None) - show_password_box = requests.args.get('show_password_box', None) - return redirect("https://liberta.casa/kiwi/") + show_password_box = request.args.get('show_password_box', None) + redirect_url = 'https://liberta.casa/kiwi/'+'?nick='+nick+'&show_password_box'+'='+show_password_box + return redirect(redirect_url) @app.route('/register', methods=['GET', 'POST']) def register(): @@ -30,14 +31,16 @@ def register(): password = request.form.get('password') # email = request.form.get('email') add password arg to ircregisterfunction response = ircregister(username, password, email) - if response == "server failure": - flash("Server Unavailable") - elif response == "433": - flash("Username already taken. Please select a different username") + if response == "433": + flash("IRC username already taken. Please select a different username") + elif response == "409": + flash("User already exists.") elif response == "success": return redirect(url_for('kiwinick', nick=username, show_password_box='true')) - elif response == "failure": - flash("Failure! Please try after some time or use NickServ.") + elif response == "invalidemail": + flash("Is that a valid email address?") + elif response == "ssoerr": + flash("Sorry, we messed up. Please contact an administrator.") return render_template('register.html', title='Register', form=form) diff --git a/irc_register.py b/irc_register.py index fcad711..0492a86 100644 --- a/irc_register.py +++ b/irc_register.py @@ -19,10 +19,10 @@ def ircregister(username, password, email): e.pop(s.send(e.pending())) # registering the connection to the server - _send(irctokens.build("USER", [username, "0", "*", username])) _send(irctokens.build("NICK", [username])) + # define Keycloak related variables server = 'http://192.168.0.115:8880' realm = 'devel' tokenurl = 'http://localhost/kctoken' @@ -32,11 +32,10 @@ def ircregister(username, password, email): lastname = 'Bar' # go through the cases - while True: lines = d.push(s.recv(1024)) - if lines == None: #if nothing is received from server + if lines == None: # if nothing is received from server return "server error" break @@ -48,8 +47,9 @@ def ircregister(username, password, email): elif line.command == "005": # when 005 is received pass the nickserv register command command _send(irctokens.build("PRIVMSG", ["NickServ", f"REGISTER {password}"])) - if line.command == 'NOTICE' and line.params == [username, f"Account created"]: + if line.command == 'NOTICE' and line.params == [username, f"Account created"]: # the IRC registration succeeded _send(irctokens.build("QUIT")) + # proceed with connecting to Keycloak try: tokendl = requests.get(tokenurl) tokendata = tokendl.json() @@ -57,6 +57,7 @@ def ircregister(username, password, email): url = server + '/auth/admin/realms/' + realm + '/users' except: print("ERROR: Keycloak token could not be installed.") + # register the user with Keycloak if re.match(r"[^@]+@[^@]+\.[^@]+", email): payload = { "firstName": firstname, @@ -82,25 +83,36 @@ def ircregister(username, password, email): except: print("Keycloak: No or invalid response JSON. This it not an error.") status = response.status_code - if status == 201: + if status == 201: # success print(" SSO User " + username + " created.") + return "success" # ok, done if status == 400: print("ERROR: Keycloak indicated that the request is invalid.") - if status == 401: + return "ssoerr" + if status == 401: # unauthorized, usually an issue with the token print("ERROR: Fix your Keycloak API credentials and/or client roles, doh.") + return "ssoerr" if status == 403: print("ERROR: Keycloak indicated that the authorization provided is not enough to access the resource.") - if status == 404: + return "ssoerr" + if status == 404: # not found, usually an issue with the URL print("ERROR: Keycloak indicated that the requested resource does not exist.") - if status == 409: + return "ssoerr" + if status == 409: # likely already occupied username or email address print("ERROR: Keycloak indicated that the resource already exists or \"some other coonflict when processing the request\" occured.") + return "ssoerr" + return "409" + #to-do: parse response JSON to inform the user whether it's the username OR the email address causing the culprit if status == 415: print("ERROR: Keycloak indicated that the requested media type is not supported.") + return "ssoerr" if status == 500: print("ERROR: Keycloak indicated that the server could not fullfill the request due to \"some unexpected error \".") - else: + return "ssoerr" + else: # email address doesn't look like an email address print('Invalid email address supplied.') + return "invalidemail" - return "success" + #return "success" # ok, done # register("hello", "test") -- cgit v1.2.3