django.utils.oidc_user_from_decoded_token: Relax fields constraint
In some application (e.g. deposit), those user fields might not be filled in. As it's not enforced by keycloak, relax such constraint.
Without this diff, user connection on the deposit fails with the following server side:
swh-deposit_1 | Internal Server Error: /deposit/1/servicedocument/
swh-deposit_1 | Traceback (most recent call last):
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/exception.py", line 34, in inner
swh-deposit_1 | response = get_response(request)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/base.py", line 115, in _get_response
swh-deposit_1 | response = self.process_exception_by_middleware(e, request)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/base.py", line 113, in _get_response
swh-deposit_1 | response = wrapped_callback(request, *callback_args, **callback_kwargs)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
swh-deposit_1 | return view_func(*args, **kwargs)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/views/generic/base.py", line 71, in view
swh-deposit_1 | return self.dispatch(request, *args, **kwargs)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 509, in dispatch
swh-deposit_1 | response = self.handle_exception(exc)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 469, in handle_exception
swh-deposit_1 | self.raise_uncaught_exception(exc)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
swh-deposit_1 | raise exc
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 497, in dispatch
swh-deposit_1 | self.initial(request, *args, **kwargs)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 414, in initial
swh-deposit_1 | self.perform_authentication(request)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 324, in perform_authentication
swh-deposit_1 | request.user
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/request.py", line 227, in user
swh-deposit_1 | self._authenticate()
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/request.py", line 380, in _authenticate
swh-deposit_1 | user_auth_tuple = authenticator.authenticate(self)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/authentication.py", line 87, in authenticate
swh-deposit_1 | return self.authenticate_credentials(userid, password, request)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/deposit/auth.py", line 151, in authenticate_credentials
swh-deposit_1 | oidc_user = oidc_user_from_profile(self.client, oidc_profile)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/auth/django/utils.py", line 80, in oidc_user_from_profile
swh-deposit_1 | user = oidc_user_from_decoded_token(decoded_token, client_id=oidc_client.client_id)
swh-deposit_1 | File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/auth/django/utils.py", line 39, in oidc_user_from_decoded_token
swh-deposit_1 | email=decoded_token["email"],
swh-deposit_1 | KeyError: 'email'
Related to swh-deposit#2858 (closed)
Test Plan
Testing through docker with the diff snippets!10 (closed) (to create users) and swh-deposit!399 (closed) to actually use the deposit with said user [1]
- [1] configuring the deposit within docker:
swh deposit admin user create --username hal-test --provider-url https://hal-test.archives-ouvertes.fr/ --domain archives-ouvertes.fr
Migrated from D5281 (view on Phabricator)
Merge request reports
Activity
Build is green
Patch application report for D5281 (id=18918)
Rebasing onto 679c0a5e...
Current branch diff-target is up to date.
Changes applied before test
commit 7c87b9568bb97521a2f3a21dab3566ab36bb5f3c Author: Antoine R. Dumont (@ardumont) <ardumont@softwareheritage.org> Date: Thu Mar 18 18:00:20 2021 +0100 django.utils.oidc_user_from_decoded_token: Relax fields constraint In some application, those user fields might not be filled in. As it's not enforced by keycloak, relax such constraint. Related to swh/devel/swh-deposit#2858
See https://jenkins.softwareheritage.org/job/DAUTH/job/tests-on-diff/34/ for more details.
Some references in the commit message have been migrated:
- T2858 is now swh-deposit#2858 (closed)
Build is green
Patch application report for D5281 (id=18919)
Rebasing onto 679c0a5e...
Current branch diff-target is up to date.
Changes applied before test
commit 57583d2bcc3ff821591b9640d4141d7bfb32222e Author: Antoine R. Dumont (@ardumont) <ardumont@softwareheritage.org> Date: Thu Mar 18 18:00:20 2021 +0100 django.utils.oidc_user_from_decoded_token: Relax fields constraint In some application, those user fields might not be filled in. As it's not enforced by keycloak, relax such constraint. Related to swh/devel/swh-deposit#2858
See https://jenkins.softwareheritage.org/job/DAUTH/job/tests-on-diff/35/ for more details.