summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2019-07-01 12:13:22 +0100
committerRichard van der Hoff <richard@matrix.org>2019-07-01 12:13:22 +0100
commit3bcb13edd098ae634946d213472a2caf5134b9a8 (patch)
treeadc340db72003d8cddc98105b0b73da290c8442f /synapse
parentrename BaseSSORedirectServlet for consistency (diff)
downloadsynapse-3bcb13edd098ae634946d213472a2caf5134b9a8.tar.xz
Address review comments
Diffstat (limited to '')
-rw-r--r--synapse/handlers/saml_handler.py12
1 files changed, 7 insertions, 5 deletions
diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py
index 03a0ac4384..a1ce6929cf 100644
--- a/synapse/handlers/saml_handler.py
+++ b/synapse/handlers/saml_handler.py
@@ -18,7 +18,7 @@ import attr
 import saml2
 from saml2.client import Saml2Client
 
-from synapse.api.errors import CodeMessageException
+from synapse.api.errors import SynapseError
 from synapse.http.servlet import parse_string
 from synapse.rest.client.v1.login import SSOAuthHandler
 
@@ -84,14 +84,16 @@ class SamlHandler:
                 outstanding=self._outstanding_requests_dict,
             )
         except Exception as e:
-            logger.warning("Exception parsing SAML2 response", exc_info=1)
-            raise CodeMessageException(400, "Unable to parse SAML2 response: %s" % (e,))
+            logger.warning("Exception parsing SAML2 response: %s", e)
+            raise SynapseError(400, "Unable to parse SAML2 response: %s" % (e,))
 
         if saml2_auth.not_signed:
-            raise CodeMessageException(400, "SAML2 response was not signed")
+            logger.warning("SAML2 response was not signed")
+            raise SynapseError(400, "SAML2 response was not signed")
 
         if "uid" not in saml2_auth.ava:
-            raise CodeMessageException(400, "uid not in SAML2 response")
+            logger.warning("SAML2 response lacks a 'uid' attestation")
+            raise SynapseError(400, "uid not in SAML2 response")
 
         self._outstanding_requests_dict.pop(saml2_auth.in_response_to, None)