From 2cd6d87ee70b7176d44c581bb1ece1462ff8d7e7 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Jan 03 2017 11:38:43 +0000 Subject: Bails if the OpenID does not provide an username Username is a required field so if it is not there we cannot continue. Instead of running into a cryptic load of errors, let's just bail out and inform the user about the situation. --- diff --git a/pagure/__init__.py b/pagure/__init__.py index 2998d52..b7b47f4 100644 --- a/pagure/__init__.py +++ b/pagure/__init__.py @@ -97,6 +97,14 @@ if APP.config.get('PAGURE_AUTH', None) in ['fas', 'openid']: @FAS.postlogin def set_user(return_url): ''' After login method. ''' + if flask.g.fas_user.username is None: + flask.flash( + 'It looks like your OpenID provider did not provide an ' + 'username we could retrieve, username being needed we cannot ' + 'go further.', 'error') + logout() + return flask.redirect(return_url) + flask.session['_new_user'] = False if not pagure.lib.search_user( SESSION, username=flask.g.fas_user.username):