django.utils.oidc_user_from_decoded_token: Relax fields constraint (!45) · Merge requests · Platform / Development / swh-auth

Antoine R. Dumont requested to merge generated-differential-D5281-source into generated-differential-D5281-target Mar 18, 2021

In some application (e.g. deposit), those user fields might not be filled in. As it's not enforced by keycloak, relax such constraint.

Without this diff, user connection on the deposit fails with the following server side:

swh-deposit_1                   | Internal Server Error: /deposit/1/servicedocument/
swh-deposit_1                   | Traceback (most recent call last):
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/exception.py", line 34, in inner
swh-deposit_1                   |     response = get_response(request)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/base.py", line 115, in _get_response
swh-deposit_1                   |     response = self.process_exception_by_middleware(e, request)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/core/handlers/base.py", line 113, in _get_response
swh-deposit_1                   |     response = wrapped_callback(request, *callback_args, **callback_kwargs)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
swh-deposit_1                   |     return view_func(*args, **kwargs)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/django/views/generic/base.py", line 71, in view
swh-deposit_1                   |     return self.dispatch(request, *args, **kwargs)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 509, in dispatch
swh-deposit_1                   |     response = self.handle_exception(exc)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 469, in handle_exception
swh-deposit_1                   |     self.raise_uncaught_exception(exc)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 480, in raise_uncaught_exception
swh-deposit_1                   |     raise exc
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 497, in dispatch
swh-deposit_1                   |     self.initial(request, *args, **kwargs)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 414, in initial
swh-deposit_1                   |     self.perform_authentication(request)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/views.py", line 324, in perform_authentication
swh-deposit_1                   |     request.user
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/request.py", line 227, in user
swh-deposit_1                   |     self._authenticate()
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/request.py", line 380, in _authenticate
swh-deposit_1                   |     user_auth_tuple = authenticator.authenticate(self)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/rest_framework/authentication.py", line 87, in authenticate
swh-deposit_1                   |     return self.authenticate_credentials(userid, password, request)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/deposit/auth.py", line 151, in authenticate_credentials
swh-deposit_1                   |     oidc_user = oidc_user_from_profile(self.client, oidc_profile)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/auth/django/utils.py", line 80, in oidc_user_from_profile
swh-deposit_1                   |     user = oidc_user_from_decoded_token(decoded_token, client_id=oidc_client.client_id)
swh-deposit_1                   |   File "/srv/softwareheritage/venv/lib/python3.7/site-packages/swh/auth/django/utils.py", line 39, in oidc_user_from_decoded_token
swh-deposit_1                   |     email=decoded_token["email"],
swh-deposit_1                   | KeyError: 'email'

Related to swh-deposit#2858 (closed)

Test Plan

Testing through docker with the diff snippets!10 (closed) (to create users) and swh-deposit!399 (closed) to actually use the deposit with said user [1]

[1] configuring the deposit within docker:

swh deposit admin user create --username hal-test --provider-url https://hal-test.archives-ouvertes.fr/ --domain archives-ouvertes.fr

Migrated from D5281 (view on Phabricator)

django.utils.oidc_user_from_decoded_token: Relax fields constraint

Test Plan

Merge request reports