gimme-aws-creds icon indicating copy to clipboard operation
gimme-aws-creds copied to clipboard

Published 20 hours ago verified publisher icon Nike-Inc

Okta response Error handling

Open DarkMukke opened this issue 3 years ago • 0 comments

When the okta instances returns an error code (eg 404) there is an uncaught exception

Eg when the response is not json and it still tries to parse it as json.

Expected Behavior

Formated messages returning the HTTP error code and maybe even a test version of the response ( in case it was html )

Current Behavior

Threaddump and unhandled exception

File "/usr/local/lib/python3.8/site-packages/gimme_aws_creds/okta.py", line 147, in auth
    flow_state = self._login_username_password(None, self._okta_org_url + '/api/v1/authn')
  File "/usr/local/lib/python3.8/site-packages/gimme_aws_creds/okta.py", line 341, in _login_username_password
    response_data = response.json()
  File "/usr/local/lib/python3.8/site-packages/requests/models.py", line 898, in json
    return complexjson.loads(self.text, **kwargs)
  File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/__init__.py", line 357, in loads
    return _default_decoder.decode(s)
  File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

Possible Solution

read the response code before trying to decode the json. And even then, catch the JSON decoder exception and print or log the actual content and HTTP code

Steps to Reproduce (for bugs)

  1. create a local nginx/apache and have it return a 404 without json
  2. set your okta url to this local server 3 run gimme creds and see the threadump

Context

This is annoying because the errors can range from anything like the wrong url to the a misconfigured environment. Which would be easier to detect and fix if I knew what was wrong

Your Environment

Latest version as of last week We are behind a corporate proxy which sometimes just fails when it is overloaded and behaves different in different environments which can result in making mistakes in the setup of those environments. ( eg wrong proxy address, wrong port, http vs https and so on )

DarkMukke avatar Nov 02 '20 23:11 DarkMukke