From 2f6b91afd002d626e204c927cdbe24555464f17e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20H=C3=B8xbro=20Hansen?= Date: Tue, 5 Nov 2024 14:50:26 +0100 Subject: [PATCH 1/3] fix: log auth errors --- panel/io/server.py | 1 + 1 file changed, 1 insertion(+) diff --git a/panel/io/server.py b/panel/io/server.py index 153a8c76cb..74c76e4dce 100644 --- a/panel/io/server.py +++ b/panel/io/server.py @@ -426,6 +426,7 @@ def _authorize(self, session=False): auth_error = None except Exception: auth_error = f'Authorization callback errored. Could not validate user {state.user}.' + logger.warning(auth_error) return authorized, auth_error def _render_auth_error(self, auth_error): From 781731d7821c3b79b3081e563b36ae9f8db7242b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20H=C3=B8xbro=20Hansen?= Date: Tue, 5 Nov 2024 17:12:34 +0100 Subject: [PATCH 2/3] Add test --- panel/tests/command/test_serve.py | 27 +++++++++++++++++++++++++-- panel/tests/util.py | 5 ++++- 2 files changed, 29 insertions(+), 3 deletions(-) diff --git a/panel/tests/command/test_serve.py b/panel/tests/command/test_serve.py index f15c451420..5cc4d17eb0 100644 --- a/panel/tests/command/test_serve.py +++ b/panel/tests/command/test_serve.py @@ -3,12 +3,14 @@ import tempfile import time +from textwrap import dedent + import pytest import requests from panel.tests.util import ( - linux_only, run_panel_serve, unix_only, wait_for_port, wait_for_regex, - write_file, + NBSR, linux_only, run_panel_serve, unix_only, wait_for_port, + wait_for_regex, write_file, ) @@ -175,3 +177,24 @@ def test_serve_setup(tmp_path): with run_panel_serve(["--port", "0", py, "--setup", setup_py], cwd=tmp_path) as p: _, output = wait_for_regex(p.stdout, regex=regex, return_output=True) assert output[0].strip() == "Setup running before" + + +def test_serve_authorize_callback_exception(tmp_path): + app = "import panel as pn; pn.panel('Hello').servable()" + py = tmp_path / "app.py" + py.write_text(app) + + setup_app = """\ + import panel as pn + def auth(userinfo): + raise ValueError("This is an error") + pn.config.authorize_callback = auth""" + setup_py = tmp_path / "setup.py" + setup_py.write_text(dedent(setup_app)) + + regex = re.compile('(Authorization callback errored)') + with run_panel_serve(["--port", "0", py, "--setup", setup_py], cwd=tmp_path) as p: + nsbr = NBSR(p.stdout) + port = wait_for_port(nsbr) + requests.get(f"http://localhost:{port}/") + wait_for_regex(nsbr, regex=regex) diff --git a/panel/tests/util.py b/panel/tests/util.py index e7d87b3ac7..f86f1a5cc1 100644 --- a/panel/tests/util.py +++ b/panel/tests/util.py @@ -395,7 +395,10 @@ def readline(self, timeout=None): return None def wait_for_regex(stdout, regex, count=1, return_output=False): - nbsr = NBSR(stdout) + if isinstance(stdout, NBSR): + nbsr = stdout + else: + nbsr = NBSR(stdout) m = None output, found = [], [] for _ in range(20): From c3b3f8ccac023f7b7bd60d9371a8edc41036f33b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Simon=20H=C3=B8xbro=20Hansen?= Date: Tue, 5 Nov 2024 17:32:01 +0100 Subject: [PATCH 3/3] Set status code to 403 --- panel/io/server.py | 1 + panel/tests/command/test_serve.py | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/panel/io/server.py b/panel/io/server.py index 74c76e4dce..61bb6c1cb7 100644 --- a/panel/io/server.py +++ b/panel/io/server.py @@ -456,6 +456,7 @@ async def get(self, *args, **kwargs): if authorized is None: return elif not authorized: + self.set_status(403) page = self._render_auth_error(auth_error) self.set_header("Content-Type", 'text/html') self.write(page) diff --git a/panel/tests/command/test_serve.py b/panel/tests/command/test_serve.py index 5cc4d17eb0..74b121f832 100644 --- a/panel/tests/command/test_serve.py +++ b/panel/tests/command/test_serve.py @@ -196,5 +196,6 @@ def auth(userinfo): with run_panel_serve(["--port", "0", py, "--setup", setup_py], cwd=tmp_path) as p: nsbr = NBSR(p.stdout) port = wait_for_port(nsbr) - requests.get(f"http://localhost:{port}/") + resp = requests.get(f"http://localhost:{port}/") wait_for_regex(nsbr, regex=regex) + assert resp.status_code == 403