Clean up exception handling in SAML2ResponseResource (#7614)

* Expose `return_html_error`, and allow it to take a Jinja2 template instead of a raw string * Clean up exception handling in SAML2ResponseResource * use the existing code in `return_html_error` instead of re-implementing it (giving it a jinja2 template rather than inventing a new form of template) * do the exception-catching in the REST layer rather than in the handler layer, to make sure we catch all exceptions.
author: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> 2020-06-03 10:41:12 +0100
committer: GitHub <noreply@github.com> 2020-06-03 10:41:12 +0100
commit: 1bbc9e2df6cf9251460ca110918d876d3f50a379 (patch)
tree: a265286c7b9acf3c97147e1db33c35444d083431 /synapse/config/saml2_config.py
parent: update grafana dashboard (diff)
download: synapse-1bbc9e2df6cf9251460ca110918d876d3f50a379.tar.xz
1 files changed, 13 insertions, 5 deletions
diff --git a/synapse/config/saml2_config.py b/synapse/config/saml2_config.py
index 726a27d7b2..38ec256984 100644
--- a/synapse/config/saml2_config.py
+++ b/synapse/config/saml2_config.py
@@ -15,8 +15,8 @@
 # limitations under the License.
 
 import logging
-import os
 
+import jinja2
 import pkg_resources
 
 from synapse.python_dependencies import DependencyException, check_requirements
@@ -167,9 +167,11 @@ class SAML2Config(Config):
         if not template_dir:
             template_dir = pkg_resources.resource_filename("synapse", "res/templates",)
 
-        self.saml2_error_html_content = self.read_file(
-            os.path.join(template_dir, "saml_error.html"), "saml2_config.saml_error",
-        )
+        loader = jinja2.FileSystemLoader(template_dir)
+        # enable auto-escape here, to having to remember to escape manually in the
+        # template
+        env = jinja2.Environment(loader=loader, autoescape=True)
+        self.saml2_error_html_template = env.get_template("saml_error.html")
 
     def _default_saml_config_dict(
         self, required_attributes: set, optional_attributes: set
@@ -349,7 +351,13 @@ class SAML2Config(Config):
           # * HTML page to display to users if something goes wrong during the
           #   authentication process: 'saml_error.html'.
           #
-          #   This template doesn't currently need any variable to render.
+          #   When rendering, this template is given the following variables:
+          #     * code: an HTML error code corresponding to the error that is being
+          #       returned (typically 400 or 500)
+          #
+          #     * msg: a textual message describing the error.
+          #
+          #   The variables will automatically be HTML-escaped.
           #
           # You can see the default templates at:
           # https://github.com/matrix-org/synapse/tree/master/synapse/res/templates
author	Richard van der Hoff <1389908+richvdh@users.noreply.github.com>	2020-06-03 10:41:12 +0100
committer	GitHub <noreply@github.com>	2020-06-03 10:41:12 +0100
commit	1bbc9e2df6cf9251460ca110918d876d3f50a379 (patch)
tree	a265286c7b9acf3c97147e1db33c35444d083431 /synapse/config/saml2_config.py
parent	update grafana dashboard (diff)
download	synapse-1bbc9e2df6cf9251460ca110918d876d3f50a379.tar.xz