update

manuel-sommer · manuel-sommer · commit 3230e5c51d5e · 2025-10-26T21:18:34.000+01:00
diff --git a/dojo/middleware.py b/dojo/middleware.py
@@ -82,9 +82,15 @@ def __call__(self, request):
 
 class CustomSocialAuthExceptionMiddleware(SocialAuthExceptionMiddleware):
     def process_exception(self, request, exception):
-        if isinstance(exception, (requests.exceptions.RequestException, AuthCanceled, AuthFailed)):
+        if isinstance(exception, requests.exceptions.RequestException):
             messages.error(request, "Login via social authentication is temporarily unavailable. Please use the standard login below.")
             return redirect("/login")
+        if isinstance(exception, AuthCanceled):
+            messages.warning(request, "Social login was canceled. Please try again or use the standard login.")
+            return redirect("/login")
+        if isinstance(exception, AuthFailed):
+            messages.error(request, "Social login failed. Please try again or use the standard login.")
+            return redirect("/login")
         return super().process_exception(request, exception)
 
 
diff --git a/unittests/test_social_auth_failure_handling.py b/unittests/test_social_auth_failure_handling.py
@@ -1,10 +1,12 @@
 
+from django.contrib import messages
 from django.contrib.auth.models import AnonymousUser
 from django.contrib.messages.storage.fallback import FallbackStorage
 from django.contrib.sessions.middleware import SessionMiddleware
 from django.http import HttpResponse
 from django.test import RequestFactory, override_settings
 from requests.exceptions import ConnectionError as RequestsConnectionError
+from social_core.exceptions import AuthCanceled, AuthFailed
 
 from dojo.middleware import CustomSocialAuthExceptionMiddleware
 
@@ -46,10 +48,17 @@ def test_social_auth_exception_redirects_to_login(self):
             "/login/keycloak-oauth2/",
             "/login/github/",
         ]
-
+        exceptions = [
+            (RequestsConnectionError("Host unreachable"), "Login via social authentication is temporarily unavailable. Please use the standard login below."),
+            (AuthCanceled("User canceled login"), "Social login was canceled. Please try again or use the standard login."),
+            (AuthFailed("Token exchange failed"), "Social login failed. Please try again or use the standard login."),
+        ]
         for path in login_paths:
-            with self.subTest(path=path):
-                request = self._prepare_request(path)
-                response = self.middleware.process_exception(request, RequestsConnectionError("Host unreachable"))
-                self.assertEqual(response.status_code, 302)
-                self.assertEqual(response.url, "/login")
+            for exception, expected_message in exceptions:
+                with self.subTest(path=path, exception=type(exception).__name__):
+                    request = self._prepare_request(path)
+                    response = self.middleware.process_exception(request, exception)
+                    self.assertEqual(response.status_code, 302)
+                    self.assertEqual(response.url, "/login")
+                    storage = list(messages.get_messages(request))
+                    self.assertTrue(any(expected_message in str(msg) for msg in storage))
