Commit fbe59c0f authored by echel0n's avatar echel0n
Browse files

Added better exception handling for when external SiCKRAGE API or SiCKRAGE SSO...

Added better exception handling for when external SiCKRAGE API or SiCKRAGE SSO server is unreachable
parent 73f7f4b3
......@@ -115,6 +115,9 @@ class API(object):
def token_expiration(self):
try:
certs = sickrage.app.auth_server.certs()
if not certs:
return time.time()
decoded_token = sickrage.app.auth_server.decode_token(self.token['access_token'], certs)
return decoded_token.get('exp', time.time())
except ExpiredSignatureError:
......
......@@ -21,6 +21,7 @@
import requests
from keycloak.exceptions import KeycloakClientError
from keycloak.openid_connect import KeycloakOpenidConnect
from keycloak.realm import KeycloakRealm
......@@ -62,7 +63,7 @@ class AuthServer(object):
def get_url(self, *args, **kwargs):
try:
return self.client.get_url(*args, **kwargs)
except requests.exceptions.ConnectionError as e:
except (KeycloakClientError, requests.exceptions.ConnectionError) as e:
return
def certs(self):
......
......@@ -53,6 +53,9 @@ class APIBaseHandler(RequestHandler):
return
certs = sickrage.app.auth_server.certs()
if not certs:
return
auth_header = self.request.headers.get('Authorization')
if auth_header:
......@@ -134,6 +137,9 @@ class APIBaseHandler(RequestHandler):
auth_header = self.request.headers.get('Authorization')
if 'bearer' in auth_header.lower():
certs = sickrage.app.auth_server.certs()
if not certs:
return
token = auth_header.strip('Bearer').strip()
decoded_token = sickrage.app.auth_server.decode_token(token, certs)
if sickrage.app.config.user.sub_id == decoded_token.get('sub'):
......
......@@ -52,6 +52,10 @@ class LoginHandler(BaseHandler):
def handle_jwt_auth_get(self):
certs = sickrage.app.auth_server.certs()
if not certs:
self.set_status(401)
return {'error': 'Unable to verify token'}
auth_token = self.request.headers['Authorization'].strip('Bearer').strip()
try:
......
......@@ -32,6 +32,10 @@ class WebSocketUIHandler(WebSocketHandler):
json_message = json.loads(message)
if json_message.get('initial', False):
certs = sickrage.app.auth_server.certs()
if not certs:
WebSocketUIHandler.clients.remove(self)
return self.close(401, 'Unable to verify token')
auth_token = json_message['token']
try:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment