fix (AuthServer): fix logging error/result

TaykYoku · TaykYoku · commit 26be3d7b0acc · 2022-02-23T01:48:58.000+01:00
diff --git a/src/DIRAC/FrameworkSystem/private/authorization/AuthServer.py b/src/DIRAC/FrameworkSystem/private/authorization/AuthServer.py
@@ -1,6 +1,5 @@
 """ This class provides authorization server activity. """
 import re
-import six
 import json
 import pprint
 from dominate import tags as dom
@@ -343,11 +342,15 @@ def handle_response(self, status_code=None, payload=None, headers=None, newSessi
 
         :return: TornadoResponse()
         """
-        sLog.debug(
-            f"Handle authorization response with {status_code} status code:",
-            "HTML page" if isinstance(payload, str) and payload.startswith("<!DOCTYPE html>") else payload,
-        )
         resp = TornadoResponse(payload, status_code)
+        if not isinstance(payload, dict):
+            sLog.debug(
+                f"Handle authorization response with {status_code} status code:",
+                "HTML page" if payload.startswith("<!DOCTYPE html>") else payload,
+            )
+        elif "error" in payload:
+            resp.clear_cookie("auth_session")  # pylint: disable=no-member
+            sLog.error(f"{payload['error']}: {payload.get('error_description', 'unknown')}")
         if headers:
             sLog.debug("Headers:", headers)
             for key, value in headers:
@@ -356,7 +359,7 @@ def handle_response(self, status_code=None, payload=None, headers=None, newSessi
             sLog.debug("Initialize new session:", newSession)
             # pylint: disable=no-member
             resp.set_secure_cookie("auth_session", json.dumps(newSession), secure=True, httponly=True)
-        if delSession or isinstance(payload, dict) and "error" in payload:
+        if delSession:
             resp.clear_cookie("auth_session")  # pylint: disable=no-member
         return resp
 
@@ -386,18 +389,13 @@ def validate_consent_request(self, request, provider=None):
 
         :return: response generated by `handle_response` or S_ERROR or html
         """
-        if request.method != "GET":
-            return self.handle_response(
-                payload=getHTML("use GET method", theme="error", info="Use GET method to access this endpoint."),
-                delSession=True,
-            )
         try:
             request = self.create_oauth2_request(request)
             # Check Identity Provider
             req = self.validateIdentityProvider(request, provider)
 
-            # If return IdP selector
-            if isinstance(req, six.string_types):
+            # If return HTML page with IdP selector
+            if isinstance(req, str):
                 return req
 
             sLog.info("Validate consent request for ", req.state)
